Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pN80n2yMPpTK_gboH9qy6tSmG1E.roa
File: pN80n2yMPpTK_gboH9qy6tSmG1E.roa (raw, json)
Hash identifier: tJxPOicYeiIDjer9wvukVLdjywn/s8emy6xl7klNAMo=
Subject key identifier: A4:DF:34:9F:6C:8C:3E:94:CA:FE:06:E8:1F:DA:B2:EA:D4:A6:1B:51
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B2F2FFBF0C8BC772D129C51769D24FF38
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pN80n2yMPpTK_gboH9qy6tSmG1E.roa
Signing time: Sat 14 Oct 2023 17:15:55 +0000
ROA not before: Sat 14 Oct 2023 17:15:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2f:2f:fb:f0:c8:bc:77:2d:12:9c:51:76:9d:24:ff:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 14 17:15:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a4df349f6c8c3e94cafe06e81fdab2ead4a61b51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:0e:a1:c5:11:b2:b8:31:b5:05:57:fc:e5:f2:
56:e7:0a:c1:00:f6:f5:f5:80:90:7d:84:a9:00:23:
7f:65:2f:dc:8a:a3:47:e7:07:6f:a8:aa:90:9c:7c:
81:5b:3a:82:14:de:88:be:fb:79:06:a5:58:29:e6:
d3:4a:8f:a6:47:21:1e:ee:a3:6d:9a:d2:1c:ea:c4:
16:f3:fb:ba:d9:8c:15:18:b6:55:15:82:55:be:e5:
77:ee:2a:d2:4c:4a:18:99:08:e8:ef:1d:62:31:07:
76:40:e4:13:da:36:9d:86:44:21:b2:fc:4c:41:87:
2b:ec:20:b1:50:27:65:41:67:3d:1b:af:cb:18:09:
ef:c7:a7:af:f0:60:c3:db:17:f7:ec:56:a8:bb:87:
aa:8c:e2:b2:0f:dc:9c:e5:9b:09:ee:ee:ac:ff:4f:
bc:67:69:c2:db:f1:53:72:b8:84:69:9b:c2:ec:ec:
25:11:67:9e:76:b8:17:69:b6:68:cb:9c:06:20:61:
e1:76:5e:7c:32:e9:1e:89:a3:e8:b5:82:72:0b:84:
2a:07:18:a6:1f:5a:f5:97:18:6d:5d:63:22:3c:44:
36:62:aa:b0:eb:75:f4:7a:33:4b:b5:d6:45:2f:a6:
a0:93:c4:3d:7c:ae:73:66:43:ba:b0:8c:fb:51:f3:
cb:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:DF:34:9F:6C:8C:3E:94:CA:FE:06:E8:1F:DA:B2:EA:D4:A6:1B:51
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pN80n2yMPpTK_gboH9qy6tSmG1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
44:ca:74:2a:19:7e:62:72:fb:f9:b8:94:74:45:ad:02:28:f9:
87:ee:0e:cf:59:27:a2:2c:34:aa:f9:21:f7:8c:36:9d:99:ef:
0c:c3:43:e0:63:77:28:7a:a0:08:ee:d2:75:a1:c8:11:0f:43:
e5:1b:5d:85:6c:4c:49:8f:51:1d:19:b4:95:91:35:b2:b6:d7:
55:b5:77:ff:1d:82:43:cf:77:97:3a:45:96:88:b1:b0:ad:f2:
4f:0d:23:5d:b4:6a:61:50:7b:53:fb:9e:e7:53:7b:17:09:ad:
54:4d:ba:27:f2:34:e8:21:d2:20:85:21:4f:6b:b2:85:43:2d:
b4:d8:ac:17:6a:70:f5:61:ec:1d:a5:1d:94:c1:b5:bf:0b:85:
a5:5f:77:44:61:ee:d7:36:4f:44:ee:97:32:c5:f5:20:28:c4:
ee:16:73:1e:b2:a9:53:c2:16:36:4a:54:15:8c:06:1f:df:53:
89:1a:eb:fd:99:91:80:92:6c:ab:08:1b:ee:60:fe:0e:b9:af:
07:e8:0d:8f:a6:ed:54:67:9f:27:69:22:1a:89:76:ab:14:8c:
ba:12:a0:b9:4b:5b:92:73:fc:f8:d8:6c:32:21:05:b0:01:75:
4b:a5:e1:3c:8a:f7:b7:d6:0e:2c:16:57:bb:4b:42:81:66:ff:
c6:d1:15:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsvL/vwyLx3LRKcUXadJP84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE0MTcxNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGRmMzQ5ZjZjOGMzZTk0Y2FmZTA2ZTgxZmRhYjJlYWQ0YTYxYjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhg6hxRGyuDG1BVf85fJW5wrBAPb1
9YCQfYSpACN/ZS/ciqNH5wdvqKqQnHyBWzqCFN6Ivvt5BqVYKebTSo+mRyEe7qNt
mtIc6sQW8/u62YwVGLZVFYJVvuV37irSTEoYmQjo7x1iMQd2QOQT2jadhkQhsvxM
QYcr7CCxUCdlQWc9G6/LGAnvx6ev8GDD2xf37Faou4eqjOKyD9yc5ZsJ7u6s/0+8
Z2nC2/FTcriEaZvC7OwlEWeedrgXabZoy5wGIGHhdl58MukeiaPotYJyC4QqBxim
H1r1lxhtXWMiPEQ2Yqqw63X0ejNLtdZFL6agk8Q9fK5zZkO6sIz7UfPLVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKTfNJ9sjD6Uyv4G6B/asurUphtRMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcE44MG4yeU1QcFRLX2dib0g5cXk2dFNtRzFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAETKdCoZfmJy+/m4lHRF
rQIo+YfuDs9ZJ6IsNKr5IfeMNp2Z7wzDQ+Bjdyh6oAju0nWhyBEPQ+UbXYVsTEmP
UR0ZtJWRNbK211W1d/8dgkPPd5c6RZaIsbCt8k8NI120amFQe1P7nudTexcJrVRN
uifyNOgh0iCFIU9rsoVDLbTYrBdqcPVh7B2lHZTBtb8LhaVfd0Rh7tc2T0TulzLF
9SAoxO4Wcx6yqVPCFjZKVBWMBh/fU4ka6/2ZkYCSbKsIG+5g/g65rwfoDY+m7VRn
nydpIhqJdqsUjLoSoLlLW5Jz/PjYbDIhBbABdUul4TyK97fWDiwWV7tLQoFm/8bR
FZM=
-----END CERTIFICATE-----
Generated at Sun May 11 15:52:24 2025 by rpki-client