Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/r783KWvgk71H1uIto4VA3moI8Qw.roa
File: r783KWvgk71H1uIto4VA3moI8Qw.roa (raw, json)
Hash identifier: t4z+di9dOf7yHMH7BF2y7xAIoqdmGRo/UsbtHCLM90I=
Subject key identifier: AF:BF:37:29:6B:E0:93:BD:47:D6:E2:2D:A3:85:40:DE:6A:08:F1:0C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C20FA445CA98EA75853E3E6533BF753CD
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/r783KWvgk71H1uIto4VA3moI8Qw.roa
Signing time: Thu 30 Nov 2023 16:05:21 +0000
ROA not before: Thu 30 Nov 2023 16:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:20f9:6e44/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:20:fa:44:5c:a9:8e:a7:58:53:e3:e6:53:3b:f7:53:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 30 16:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afbf37296be093bd47d6e22da38540de6a08f10c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:37:29:0f:d5:25:b2:cf:75:b1:1d:22:b8:01:
12:8c:41:95:61:56:dd:b9:06:c4:07:48:78:89:d3:
e0:5e:b9:d9:ff:94:a6:23:db:b2:8f:dd:e7:8b:be:
39:b1:9b:7f:f9:23:94:ed:dd:36:6d:d7:8d:a9:ec:
4c:cb:96:35:5e:a5:ee:ed:2f:ab:13:23:a5:0b:96:
0f:d2:a0:43:4a:92:a2:84:aa:3c:b8:dd:f2:2d:b2:
4d:86:22:21:b6:62:44:86:a0:b9:e5:f2:8d:9a:3e:
29:60:9f:7e:65:1a:15:f7:06:32:6d:87:1a:e2:d3:
d6:8c:78:b9:83:f3:91:79:6d:60:e0:3d:22:3d:ad:
50:dc:2a:ce:b0:be:22:56:e2:c0:6d:6b:be:eb:5f:
1a:42:a1:00:4d:e7:a2:d1:4c:7e:91:9d:c6:e2:b4:
22:34:43:fe:9a:57:15:bf:74:ff:f1:1b:47:ad:4e:
36:cf:4d:85:f2:d6:75:cc:39:91:a3:28:6c:7a:ce:
48:e9:27:69:dc:40:ad:1b:89:d8:dd:5e:a4:f9:de:
33:5a:7a:b3:fb:d2:e1:e9:d1:f8:5e:b4:92:9e:d5:
59:6f:6f:54:8c:47:9e:df:56:2b:3f:36:7b:64:21:
7a:d2:82:2a:f1:f6:8f:ea:a8:9b:f0:d0:37:5a:da:
a0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:BF:37:29:6B:E0:93:BD:47:D6:E2:2D:A3:85:40:DE:6A:08:F1:0C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/r783KWvgk71H1uIto4VA3moI8Qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
27:ea:25:57:e4:09:c4:40:17:d1:0b:1b:bc:aa:70:23:ed:37:
9b:f6:e4:23:a0:37:41:82:0c:32:a9:9d:1b:02:d9:92:d7:76:
5e:8b:ca:99:aa:2e:4a:d9:24:1a:ff:97:e3:dc:1f:ba:f0:19:
37:d8:81:00:62:2a:fd:3d:61:c9:82:3d:07:93:7e:4f:75:f3:
86:6a:cb:bd:b0:44:98:2d:48:c0:2e:af:36:6f:7c:f7:80:2c:
1b:ab:54:50:a2:88:b1:52:2e:45:30:fd:8b:8e:3d:94:7d:3e:
9a:e5:0d:01:05:f9:bf:f9:ec:be:35:26:2d:12:b9:3d:1d:42:
1f:6b:91:b5:b7:d5:17:ad:e9:a9:db:43:b2:c8:34:33:14:eb:
af:ef:63:59:78:b4:9f:6c:70:08:76:50:25:3c:de:95:41:9d:
63:c7:24:92:95:61:18:ab:9e:70:ae:3b:2b:29:d8:9c:d9:33:
d7:67:c7:c7:42:35:bd:53:35:eb:eb:1f:c1:bb:09:9c:5c:f0:
4c:fa:47:6b:ad:78:88:dc:3f:2c:7a:73:7b:c5:47:65:69:31:
d1:c6:a4:e9:0d:45:8c:9a:17:fa:04:db:ed:19:a6:c8:3e:32:
de:b7:a3:cb:98:80:89:14:ad:e7:85:d8:23:06:a3:a5:46:35:
1e:9a:a6:d0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwg+kRcqY6nWFPj5lM791PNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTMwMTYwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmJmMzcyOTZiZTA5M2JkNDdkNmUyMmRhMzg1NDBkZTZhMDhmMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzcpD9Ulss91sR0iuAESjEGVYVbd
uQbEB0h4idPgXrnZ/5SmI9uyj93ni745sZt/+SOU7d02bdeNqexMy5Y1XqXu7S+r
EyOlC5YP0qBDSpKihKo8uN3yLbJNhiIhtmJEhqC55fKNmj4pYJ9+ZRoV9wYybYca
4tPWjHi5g/OReW1g4D0iPa1Q3CrOsL4iVuLAbWu+618aQqEATeei0Ux+kZ3G4rQi
NEP+mlcVv3T/8RtHrU42z02F8tZ1zDmRoyhses5I6Sdp3ECtG4nY3V6k+d4zWnqz
+9Lh6dH4XrSSntVZb29UjEee31YrPzZ7ZCF60oIq8faP6qib8NA3WtqgvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK+/Nylr4JO9R9biLaOFQN5qCPEMMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcjc4M0tXdmdrNzFIMXVJdG80VkEzbW9JOFF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACfqJVfkCcRAF9ELG7yq
cCPtN5v25COgN0GCDDKpnRsC2ZLXdl6LypmqLkrZJBr/l+PcH7rwGTfYgQBiKv09
YcmCPQeTfk9184Zqy72wRJgtSMAurzZvfPeALBurVFCiiLFSLkUw/YuOPZR9Pprl
DQEF+b/57L41Ji0SuT0dQh9rkbW31Ret6anbQ7LINDMU66/vY1l4tJ9scAh2UCU8
3pVBnWPHJJKVYRirnnCuOysp2JzZM9dnx8dCNb1TNevrH8G7CZxc8Ez6R2uteIjc
Pyx6c3vFR2VpMdHGpOkNRYyaF/oE2+0Zpsg+Mt63o8uYgIkUreeF2CMGo6VGNR6a
ptA=
-----END CERTIFICATE-----
Generated at Wed May 14 08:30:58 2025 by rpki-client