Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/p9wSQFSjv3joP2W7NZi2ufCZP0A.roa
File: p9wSQFSjv3joP2W7NZi2ufCZP0A.roa (raw, json)
Hash identifier: RlodQ8KxzhPKMfZKGTHSHXAgfq8ZLeBTCK++S2RRGtM=
Subject key identifier: A7:DC:12:40:54:A3:BF:78:E8:3F:65:BB:35:98:B6:B9:F0:99:3F:40
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B145A70800CE271C1B701D5EE7C1F9D49
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/p9wSQFSjv3joP2W7NZi2ufCZP0A.roa
Signing time: Mon 09 Oct 2023 12:12:33 +0000
ROA not before: Mon 09 Oct 2023 12:12:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:5a:70:80:0c:e2:71:c1:b7:01:d5:ee:7c:1f:9d:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 9 12:12:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7dc124054a3bf78e83f65bb3598b6b9f0993f40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:53:2f:b9:1d:83:dd:4c:91:1e:7f:ac:b2:4a:
b7:22:03:6c:be:ad:21:0a:69:ce:16:58:05:6c:45:
2a:aa:8d:ff:88:b6:e4:2f:d5:85:59:8e:c0:bb:b2:
d4:c9:55:4a:76:53:34:3c:41:af:39:55:b5:c1:00:
7c:3d:93:ef:59:12:3f:01:75:27:a0:a0:88:ee:e2:
6e:67:04:de:85:68:18:8c:29:dd:2e:59:11:47:8b:
29:96:ba:d6:9d:65:55:2e:a6:02:c3:d0:0a:c8:16:
b7:93:f8:18:36:45:6d:c1:21:34:42:f1:a5:b4:8d:
be:bf:d5:8e:3b:f7:8d:bc:48:6e:10:17:94:a9:72:
6c:02:24:bc:a5:13:fe:ca:78:36:5d:5f:ff:bf:80:
08:07:61:23:1c:05:bc:44:3d:a2:5a:d7:22:df:02:
29:b1:0d:c9:33:0c:0d:4d:0d:d8:97:f5:20:74:55:
8c:cb:2e:03:6f:15:eb:e6:31:54:51:f5:80:49:e5:
62:cd:16:bd:06:2e:76:5d:fd:f3:98:c4:ba:bc:e5:
1c:6f:bc:ec:3e:68:11:d5:af:2f:c4:af:07:38:a8:
74:c3:28:8d:dd:57:81:c6:83:29:d2:a7:db:c5:0f:
2c:6d:ed:84:cb:14:55:2e:44:80:a9:53:05:59:f1:
f2:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:DC:12:40:54:A3:BF:78:E8:3F:65:BB:35:98:B6:B9:F0:99:3F:40
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/p9wSQFSjv3joP2W7NZi2ufCZP0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d4:e8:fe:ec:80:f0:b5:71:1b:2f:9e:50:53:c5:61:27:91:69:
a6:de:fe:2d:7e:16:69:e9:a2:e0:56:8e:12:8c:fd:dc:54:84:
01:d0:2b:b5:7c:bc:1c:ab:57:41:6d:28:13:5c:cd:9a:a3:c8:
68:ba:53:64:da:1d:52:9b:71:47:ec:ca:35:6d:25:1f:88:00:
e2:71:7c:99:49:82:f6:4f:bd:fe:b6:82:13:3f:e1:7f:10:fa:
f4:2a:8a:b0:ab:95:62:00:10:19:0b:66:06:25:cd:7c:b2:05:
95:67:85:85:82:64:ac:25:96:73:94:cc:4a:08:c0:60:ad:49:
65:a3:8a:e6:c5:28:b0:6b:85:7f:9c:2f:aa:5e:1a:bc:26:07:
e7:39:2a:83:3f:d1:30:7c:3a:71:c5:8e:2f:13:ff:10:d7:2f:
21:cf:5f:1f:d8:3f:61:46:51:e1:0e:c9:22:93:92:54:ec:4e:
56:72:cf:92:7a:37:e1:32:f8:5b:97:c0:c3:a1:82:37:2c:b7:
59:ef:e9:39:71:29:ca:56:3a:5c:97:56:6a:4a:42:e9:55:51:
53:21:60:6e:81:a5:69:79:d1:40:18:12:b2:d6:22:39:36:35:
09:ea:bb:b4:bc:82:0f:97:82:ed:77:a2:02:9d:59:f0:7b:f7:
48:61:d6:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsUWnCADOJxwbcB1e58H51JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA5MTIxMjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2RjMTI0MDU0YTNiZjc4ZTgzZjY1YmIzNTk4YjZiOWYwOTkzZjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVMvuR2D3UyRHn+sskq3IgNsvq0h
CmnOFlgFbEUqqo3/iLbkL9WFWY7Au7LUyVVKdlM0PEGvOVW1wQB8PZPvWRI/AXUn
oKCI7uJuZwTehWgYjCndLlkRR4splrrWnWVVLqYCw9AKyBa3k/gYNkVtwSE0QvGl
tI2+v9WOO/eNvEhuEBeUqXJsAiS8pRP+yng2XV//v4AIB2EjHAW8RD2iWtci3wIp
sQ3JMwwNTQ3Yl/UgdFWMyy4DbxXr5jFUUfWASeVizRa9Bi52Xf3zmMS6vOUcb7zs
PmgR1a8vxK8HOKh0wyiN3VeBxoMp0qfbxQ8sbe2EyxRVLkSAqVMFWfHyrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKfcEkBUo7946D9luzWYtrnwmT9AMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcDl3U1FGU2p2M2pvUDJXN05aaTJ1ZkNaUDBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANTo/uyA8LVxGy+eUFPF
YSeRaabe/i1+FmnpouBWjhKM/dxUhAHQK7V8vByrV0FtKBNczZqjyGi6U2TaHVKb
cUfsyjVtJR+IAOJxfJlJgvZPvf62ghM/4X8Q+vQqirCrlWIAEBkLZgYlzXyyBZVn
hYWCZKwllnOUzEoIwGCtSWWjiubFKLBrhX+cL6peGrwmB+c5KoM/0TB8OnHFji8T
/xDXLyHPXx/YP2FGUeEOySKTklTsTlZyz5J6N+Ey+FuXwMOhgjcst1nv6TlxKcpW
OlyXVmpKQulVUVMhYG6BpWl50UAYErLWIjk2NQnqu7S8gg+Xgu13ogKdWfB790hh
1iY=
-----END CERTIFICATE-----
Generated at Mon May 12 12:30:15 2025 by rpki-client