Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rIP-1UrIltvKgkyEAWrAYJYKNVU.roa
File: rIP-1UrIltvKgkyEAWrAYJYKNVU.roa (raw, json)
Hash identifier: LZ2R1Mi5QN+mtK5DiiiCWH4LMVBELYAXqc6d2kLOX+w=
Subject key identifier: AC:83:FE:D5:4A:C8:96:DB:CA:82:4C:84:01:6A:C0:60:96:0A:35:55
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B14C23C9B7A8F4B97B8D89970362D46A7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rIP-1UrIltvKgkyEAWrAYJYKNVU.roa
Signing time: Mon 09 Oct 2023 14:05:55 +0000
ROA not before: Mon 09 Oct 2023 14:05:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:14c1:8485/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:14:c2:3c:9b:7a:8f:4b:97:b8:d8:99:70:36:2d:46:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 9 14:05:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac83fed54ac896dbca824c84016ac060960a3555
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:73:3f:23:b1:78:a0:89:06:84:eb:30:35:79:
28:1b:5d:94:d3:2b:73:42:31:e9:2f:fc:99:a8:e4:
ea:e6:14:0e:c0:d9:bd:50:f7:cf:40:53:1b:d8:b4:
43:91:a4:51:54:db:4e:a7:e0:da:6a:a5:12:7d:79:
73:80:6e:52:38:7c:de:5d:fc:7c:9f:8d:89:6f:3a:
26:71:b3:19:c6:d7:1f:b5:61:86:3f:47:06:8d:34:
30:f9:a6:fc:3d:ea:6e:57:52:cc:61:b7:dc:48:cd:
52:a3:f6:18:e9:19:21:99:df:23:7d:b6:8f:b3:c1:
46:42:e8:0d:99:22:dd:e6:1f:29:a8:a6:aa:be:f3:
c9:d2:47:6b:e7:5a:fd:4d:6b:19:8b:14:fd:9c:07:
50:4c:8e:da:71:19:73:bd:af:a5:52:2f:72:65:fe:
bd:1d:2a:c9:84:6f:cb:8a:95:ce:70:e4:46:c4:63:
9e:83:b2:3d:78:b5:9c:7d:83:ba:6f:0f:52:9d:1b:
56:71:a3:f3:ad:93:6e:46:f8:8e:d9:b9:8e:af:2d:
74:91:a6:4c:77:cc:01:15:b7:4c:2c:43:fd:f3:1c:
b6:70:12:2c:0a:ef:7a:0d:11:f6:99:22:89:11:19:
84:09:01:f5:94:a0:47:59:37:4f:57:3e:d3:53:55:
e1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:83:FE:D5:4A:C8:96:DB:CA:82:4C:84:01:6A:C0:60:96:0A:35:55
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rIP-1UrIltvKgkyEAWrAYJYKNVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ad:2d:1a:75:9f:42:54:a9:cb:7a:ff:a0:4c:85:f1:94:16:88:
e4:d1:9f:91:11:26:1c:97:30:e6:2f:61:c2:87:1d:49:aa:81:
a9:a9:81:c3:a8:00:7b:c6:fb:78:e6:48:b5:af:08:96:1e:40:
f5:ea:9b:3c:87:32:10:9e:c1:db:88:80:33:38:49:11:6d:7e:
dd:4b:2f:c9:18:d0:a6:a6:59:6c:f3:7f:56:b0:d6:84:a2:21:
d2:33:9f:6a:64:2a:5f:87:1e:13:4c:44:76:be:d2:77:2f:00:
b1:04:98:c1:9f:7e:81:c7:d4:fd:db:fb:f7:bf:0a:98:57:ff:
ea:1d:fc:39:fb:2a:64:8e:09:16:ac:72:c2:c3:6e:30:0e:13:
75:d3:93:8a:f6:a0:84:6f:44:7e:40:55:11:b8:b3:a8:ad:fb:
a9:41:45:fe:02:19:74:d0:4f:df:74:9a:3c:cb:81:6d:dc:f9:
40:92:d6:80:c0:de:0c:f6:3f:26:d6:1c:46:96:04:74:b8:7f:
1a:0f:cb:de:a2:4e:15:46:5e:43:c2:9d:37:b4:b4:f2:6a:97:
b9:70:63:f2:ad:ce:97:b7:4b:08:f4:80:22:e1:c6:46:9d:44:
29:53:17:c3:68:0c:4a:96:4e:63:32:80:d2:3b:d4:1a:62:d6:
53:09:b4:f3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsUwjybeo9Ll7jYmXA2LUanMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA5MTQwNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzgzZmVkNTRhYzg5NmRiY2E4MjRjODQwMTZhYzA2MDk2MGEzNTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXM/I7F4oIkGhOswNXkoG12U0ytz
QjHpL/yZqOTq5hQOwNm9UPfPQFMb2LRDkaRRVNtOp+DaaqUSfXlzgG5SOHzeXfx8
n42JbzomcbMZxtcftWGGP0cGjTQw+ab8PepuV1LMYbfcSM1So/YY6Rkhmd8jfbaP
s8FGQugNmSLd5h8pqKaqvvPJ0kdr51r9TWsZixT9nAdQTI7acRlzva+lUi9yZf69
HSrJhG/LipXOcORGxGOeg7I9eLWcfYO6bw9SnRtWcaPzrZNuRviO2bmOry10kaZM
d8wBFbdMLEP98xy2cBIsCu96DRH2mSKJERmECQH1lKBHWTdPVz7TU1XhJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKyD/tVKyJbbyoJMhAFqwGCWCjVVMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcklQLTFVcklsdHZLZ2t5RUFXckFZSllLTlZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK0tGnWfQlSpy3r/oEyF
8ZQWiOTRn5ERJhyXMOYvYcKHHUmqgampgcOoAHvG+3jmSLWvCJYeQPXqmzyHMhCe
wduIgDM4SRFtft1LL8kY0KamWWzzf1aw1oSiIdIzn2pkKl+HHhNMRHa+0ncvALEE
mMGffoHH1P3b+/e/CphX/+od/Dn7KmSOCRascsLDbjAOE3XTk4r2oIRvRH5AVRG4
s6it+6lBRf4CGXTQT990mjzLgW3c+UCS1oDA3gz2PybWHEaWBHS4fxoPy96iThVG
XkPCnTe0tPJql7lwY/Ktzpe3Swj0gCLhxkadRClTF8NoDEqWTmMygNI71Bpi1lMJ
tPM=
-----END CERTIFICATE-----
Generated at Sun May 11 10:50:14 2025 by rpki-client