Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nD68TCubaBXWCoQvMcxNUbHW_wE.roa
File: nD68TCubaBXWCoQvMcxNUbHW_wE.roa (raw, json)
Hash identifier: Isbe4Ak4Pk/yoXXG8wwLaTjHgJ6LL63CKtsH2a3/fd8=
Subject key identifier: 9C:3E:BC:4C:2B:9B:68:15:D6:0A:84:2F:31:CC:4D:51:B1:D6:FF:01
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BFB40A6D8C3E1B6582221782877D3F3C9
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nD68TCubaBXWCoQvMcxNUbHW_wE.roa
Signing time: Thu 23 Nov 2023 08:16:40 +0000
ROA not before: Thu 23 Nov 2023 08:16:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fb:40:a6:d8:c3:e1:b6:58:22:21:78:28:77:d3:f3:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 23 08:16:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c3ebc4c2b9b6815d60a842f31cc4d51b1d6ff01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:88:52:b7:aa:ed:dd:4c:79:ca:f5:cf:ee:da:
2d:34:68:74:b8:c9:45:b5:9e:c4:f9:a8:80:2b:7f:
de:7d:ab:72:bc:28:aa:00:65:d7:98:45:76:65:f0:
7b:93:67:5b:e2:0d:b9:f1:09:e3:22:9f:d2:85:59:
f7:f1:1a:3f:e0:a5:ae:6d:24:24:aa:18:f7:f8:78:
40:74:2a:2a:c4:ac:7e:85:9f:27:bf:25:5f:cd:2b:
18:b9:49:32:e7:e8:92:65:ac:9c:42:ae:29:64:18:
72:14:2d:f5:82:5a:61:36:5e:49:b4:d0:b7:99:9e:
fa:ac:31:c3:5d:81:1e:4e:8d:28:1a:aa:50:ba:02:
d5:56:61:0e:9a:d5:ef:09:4a:9b:f1:eb:0c:da:0f:
e1:27:ee:87:5e:c0:11:bb:3b:f2:ec:3e:91:0d:da:
02:f0:5c:7a:81:e9:1c:48:4e:34:a7:6f:c4:2e:a3:
57:7e:10:4c:52:2e:9f:6d:68:b5:76:07:33:2c:7f:
df:4d:37:a3:f1:0c:34:89:70:70:39:7d:ab:16:67:
32:1f:14:42:c2:08:af:74:37:59:f4:65:fd:99:2e:
4f:9c:ff:01:16:a5:06:08:0e:57:ec:cb:8d:64:90:
ca:3b:47:65:32:ac:a5:7f:33:af:88:2f:09:c4:e7:
95:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:3E:BC:4C:2B:9B:68:15:D6:0A:84:2F:31:CC:4D:51:B1:D6:FF:01
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nD68TCubaBXWCoQvMcxNUbHW_wE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4d:2d:34:19:a5:7e:c4:ea:42:99:d6:67:c6:30:69:d9:d7:ec:
4b:bf:19:c2:eb:88:10:40:e3:48:de:84:01:7f:e1:09:10:e1:
19:e9:09:8b:2f:3e:0a:59:2a:02:c2:50:71:a3:e2:22:5f:3e:
6f:80:f0:54:b6:f1:c6:62:7f:e2:49:6d:00:1a:f1:02:35:03:
da:98:99:b5:1b:3d:08:6f:3b:bd:da:22:00:82:00:0a:6e:f0:
90:26:47:49:80:52:b1:f9:c9:e4:c2:d5:5c:e4:93:cc:3b:65:
2e:aa:7c:50:3d:6c:85:f2:59:d5:86:24:be:a2:ba:82:70:ca:
28:dc:d0:d8:1d:00:4b:cc:26:b0:67:2e:a1:50:b6:5a:09:d0:
4e:f8:ef:b8:49:55:02:60:bf:e1:7d:5e:ab:49:28:f5:1e:3a:
92:5b:a2:e3:10:3f:f2:63:c8:2e:21:c6:4f:7c:29:a8:d4:72:
f3:d2:7e:a2:22:c4:cc:81:53:55:9c:be:66:72:aa:aa:fd:71:
22:57:e2:3b:89:5d:a5:f1:df:56:30:12:9b:82:9f:ce:bd:96:
12:9e:c6:c6:51:13:53:a6:c1:97:01:33:51:20:95:0a:b5:0f:
98:42:a2:7a:04:fb:c4:09:7b:ec:c4:41:86:ce:0a:f9:c4:ee:
25:fd:d0:2c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYv7QKbYw+G2WCIheCh30/PJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIzMDgxNjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzNlYmM0YzJiOWI2ODE1ZDYwYTg0MmYzMWNjNGQ1MWIxZDZmZjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YhSt6rt3Ux5yvXP7totNGh0uMlF
tZ7E+aiAK3/efatyvCiqAGXXmEV2ZfB7k2db4g258QnjIp/ShVn38Ro/4KWubSQk
qhj3+HhAdCoqxKx+hZ8nvyVfzSsYuUky5+iSZaycQq4pZBhyFC31glphNl5JtNC3
mZ76rDHDXYEeTo0oGqpQugLVVmEOmtXvCUqb8esM2g/hJ+6HXsARuzvy7D6RDdoC
8Fx6gekcSE40p2/ELqNXfhBMUi6fbWi1dgczLH/fTTej8Qw0iXBwOX2rFmcyHxRC
wgivdDdZ9GX9mS5PnP8BFqUGCA5X7MuNZJDKO0dlMqylfzOviC8JxOeVSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJw+vEwrm2gV1gqELzHMTVGx1v8BMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbkQ2OFRDdWJhQlhXQ29Rdk1jeE5VYkhXX3dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE0tNBmlfsTqQpnWZ8Yw
adnX7Eu/GcLriBBA40jehAF/4QkQ4RnpCYsvPgpZKgLCUHGj4iJfPm+A8FS28cZi
f+JJbQAa8QI1A9qYmbUbPQhvO73aIgCCAApu8JAmR0mAUrH5yeTC1Vzkk8w7ZS6q
fFA9bIXyWdWGJL6iuoJwyijc0NgdAEvMJrBnLqFQtloJ0E7477hJVQJgv+F9XqtJ
KPUeOpJbouMQP/JjyC4hxk98KajUcvPSfqIixMyBU1WcvmZyqqr9cSJX4juJXaXx
31YwEpuCn869lhKexsZRE1OmwZcBM1EglQq1D5hConoE+8QJe+zEQYbOCvnE7iX9
0Cw=
-----END CERTIFICATE-----
Generated at Tue May 13 08:19:09 2025 by rpki-client