Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pV-miDw96sEKfhRyNuqL9CEx2W0.roa
File: pV-miDw96sEKfhRyNuqL9CEx2W0.roa (raw, json)
Hash identifier: LoUOWADAxczfuT4e/4xchY+uaZUu9X0wBjR9fCIj/QQ=
Subject key identifier: A5:5F:A6:88:3C:3D:EA:C1:0A:7E:14:72:36:EA:8B:F4:21:31:D9:6D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BCA1813E0BF4AAB7E359D57B7B36D894D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pV-miDw96sEKfhRyNuqL9CEx2W0.roa
Signing time: Mon 13 Nov 2023 19:10:57 +0000
ROA not before: Mon 13 Nov 2023 19:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ca:18:13:e0:bf:4a:ab:7e:35:9d:57:b7:b3:6d:89:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 13 19:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a55fa6883c3deac10a7e147236ea8bf42131d96d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f9:71:6c:9f:9b:f0:ff:62:f9:62:55:68:36:
dd:6f:41:5b:6b:52:23:8f:b5:38:23:48:70:0f:03:
99:ca:51:c2:8d:cc:6e:ae:11:b1:d5:d8:dc:45:06:
27:1d:3d:23:95:fd:8a:96:7c:4a:3c:14:96:89:da:
3e:85:99:3e:08:47:8e:82:dc:a4:2b:0e:4b:f8:9e:
a3:e4:fe:78:75:a3:45:9b:4d:f7:c0:ac:f8:57:5b:
5a:c2:5a:43:46:bf:10:80:82:d6:4c:5a:0e:c3:53:
0f:26:6d:50:ab:d2:3b:2c:43:b6:94:aa:11:c2:e3:
80:4c:7d:60:11:c3:32:ca:cf:53:12:07:9f:35:df:
ca:93:66:95:56:e0:0e:21:49:a1:d3:47:93:d3:95:
09:6d:b5:5e:36:70:05:8d:30:c5:1d:6c:cd:72:0a:
06:da:38:ea:14:2a:ee:af:4d:e4:c0:d7:50:77:b6:
61:70:05:65:c0:ed:2b:6f:4e:d3:b6:5d:1d:18:1f:
96:d6:c4:b0:b8:f8:cf:d0:4f:45:52:41:06:21:de:
89:b9:64:5e:12:40:25:19:45:ec:c5:51:c9:a1:c8:
78:73:e9:04:c6:2f:71:f4:2a:90:22:1f:6a:5d:23:
24:45:13:3f:c3:3e:03:b6:51:06:ac:64:c9:84:3e:
7b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:5F:A6:88:3C:3D:EA:C1:0A:7E:14:72:36:EA:8B:F4:21:31:D9:6D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pV-miDw96sEKfhRyNuqL9CEx2W0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c8:7f:41:50:33:c4:59:99:5f:3d:93:ad:a1:6a:4a:9d:f0:1f:
d2:a6:f8:ba:94:dd:42:ea:66:2f:b4:db:26:fa:83:ee:14:9f:
39:aa:9f:aa:23:a0:19:5a:da:ab:9d:fa:7a:3e:79:c4:43:4c:
a3:1c:4e:72:4b:82:39:b9:63:42:eb:d4:95:0d:4d:aa:7d:40:
76:ce:14:d0:ab:64:28:ff:34:ed:9f:6b:41:b6:3d:33:df:e7:
4c:07:1c:ce:55:83:a3:2e:d3:d4:99:3b:f8:e9:93:75:c6:04:
3a:65:85:20:8a:d5:f9:bb:a2:f2:4c:82:61:29:66:f6:e9:f9:
60:12:54:5f:4d:88:57:74:a6:cb:c3:ec:fd:9c:8b:ef:4c:72:
09:ad:8e:6d:73:8b:4b:8a:5e:9d:d6:6f:9d:39:44:df:2d:4d:
3d:2b:4d:c5:f3:17:aa:4c:7a:9a:c6:4c:45:ba:00:e3:3b:73:
2b:b8:0c:2e:4e:5d:87:66:fa:80:f9:00:62:70:11:a0:a5:94:
41:47:6b:12:77:81:9a:0e:12:ca:21:89:c0:f5:6b:36:f8:ec:
6e:0d:01:63:51:48:73:97:39:dd:8f:49:34:29:e0:6a:45:1a:
cc:c0:7c:94:03:6f:0c:d5:d2:49:0d:52:16:8b:93:a2:01:4c:
9f:e2:1e:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvKGBPgv0qrfjWdV7ezbYlNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEzMTkxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTVmYTY4ODNjM2RlYWMxMGE3ZTE0NzIzNmVhOGJmNDIxMzFkOTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlflxbJ+b8P9i+WJVaDbdb0Fba1Ij
j7U4I0hwDwOZylHCjcxurhGx1djcRQYnHT0jlf2KlnxKPBSWido+hZk+CEeOgtyk
Kw5L+J6j5P54daNFm033wKz4V1tawlpDRr8QgILWTFoOw1MPJm1Qq9I7LEO2lKoR
wuOATH1gEcMyys9TEgefNd/Kk2aVVuAOIUmh00eT05UJbbVeNnAFjTDFHWzNcgoG
2jjqFCrur03kwNdQd7ZhcAVlwO0rb07Ttl0dGB+W1sSwuPjP0E9FUkEGId6JuWRe
EkAlGUXsxVHJoch4c+kExi9x9CqQIh9qXSMkRRM/wz4DtlEGrGTJhD57DQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKVfpog8PerBCn4Ucjbqi/QhMdltMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcFYtbWlEdzk2c0VLZmhSeU51cUw5Q0V4MlcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMh/QVAzxFmZXz2TraFq
Sp3wH9Km+LqU3ULqZi+02yb6g+4Unzmqn6ojoBla2qud+no+ecRDTKMcTnJLgjm5
Y0Lr1JUNTap9QHbOFNCrZCj/NO2fa0G2PTPf50wHHM5Vg6Mu09SZO/jpk3XGBDpl
hSCK1fm7ovJMgmEpZvbp+WASVF9NiFd0psvD7P2ci+9Mcgmtjm1zi0uKXp3Wb505
RN8tTT0rTcXzF6pMeprGTEW6AOM7cyu4DC5OXYdm+oD5AGJwEaCllEFHaxJ3gZoO
EsohicD1azb47G4NAWNRSHOXOd2PSTQp4GpFGszAfJQDbwzV0kkNUhaLk6IBTJ/i
HoA=
-----END CERTIFICATE-----
Generated at Mon May 12 19:25:05 2025 by rpki-client