Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rNAB0rDzi2NLqZ2PpgZTGTQbU2E.roa
File: rNAB0rDzi2NLqZ2PpgZTGTQbU2E.roa (raw, json)
Hash identifier: r6OWlkpgF53yI8DOYStC7HuESxpTEh8MoJfSGbGgiIo=
Subject key identifier: AC:D0:01:D2:B0:F3:8B:63:4B:A9:9D:8F:A6:06:53:19:34:1B:53:61
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B8D9B21821365DAFDC5A304C25564E5B0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rNAB0rDzi2NLqZ2PpgZTGTQbU2E.roa
Signing time: Thu 02 Nov 2023 01:17:16 +0000
ROA not before: Thu 02 Nov 2023 01:17:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8d:9b:21:82:13:65:da:fd:c5:a3:04:c2:55:64:e5:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 2 01:17:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acd001d2b0f38b634ba99d8fa6065319341b5361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:1e:55:71:a2:ae:c0:14:8f:c7:fc:6a:01:81:
30:05:e4:6e:58:ae:dc:60:a8:4a:8e:09:23:b6:49:
ee:9c:16:36:cf:e3:b0:07:a8:47:ca:45:75:83:51:
55:33:59:5b:a6:6f:a3:51:ae:8d:87:d0:29:06:cd:
cd:a9:13:1f:a0:1f:bf:1a:2a:88:ea:cd:ce:8d:b9:
25:11:0b:a0:2f:c4:a2:6c:81:64:bf:09:f7:4e:7b:
8f:79:90:54:d8:96:77:e8:b7:9b:8b:94:47:d0:13:
37:5e:37:59:8a:8e:3e:6e:19:23:11:fc:9a:a4:28:
2e:c3:0c:a3:d8:66:85:48:b7:c7:26:43:38:9a:1f:
e4:c3:dc:9f:db:65:ab:c9:33:f0:95:8a:71:e3:44:
79:42:da:72:8e:f7:52:fb:8a:52:d8:11:5a:ab:9c:
dc:b7:4f:1a:1e:73:5c:a4:d2:b7:12:46:27:e4:38:
07:38:29:6d:03:42:4b:71:46:39:5f:cf:6a:20:a2:
73:7b:36:ef:55:88:d4:be:f8:34:9b:48:c2:b9:08:
3c:3e:e5:bd:fb:69:cf:04:83:5c:ee:8c:a7:1d:aa:
0d:9a:2f:22:3b:a8:87:96:23:99:18:3e:90:ec:6b:
f4:20:00:9c:1d:d4:46:99:48:cb:25:6a:0d:82:84:
a7:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:D0:01:D2:B0:F3:8B:63:4B:A9:9D:8F:A6:06:53:19:34:1B:53:61
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rNAB0rDzi2NLqZ2PpgZTGTQbU2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c1:f4:23:65:36:39:e7:71:a7:42:3f:b2:7a:44:61:30:78:89:
f9:2c:b6:7b:26:5b:cd:9e:84:04:11:13:ff:6d:67:35:ae:75:
cf:6c:5f:f0:de:4a:d7:55:9b:cd:e7:6d:64:d2:25:62:80:b1:
41:c2:90:c0:59:2a:fa:3f:50:d7:b9:fd:b1:cf:b3:df:14:84:
88:0c:d7:9b:53:46:22:b5:06:2e:67:23:d8:c6:66:2f:7f:57:
a7:f4:cd:7a:22:2b:13:c1:9f:fd:92:94:20:b8:5e:cf:09:2f:
26:cf:cf:ab:f8:d4:ea:7e:ba:b9:b7:f2:ed:e9:d7:43:8c:bc:
50:c9:cb:29:05:4a:d3:0c:51:4c:c8:ca:ac:e4:11:03:f9:6f:
1d:fc:f3:27:53:43:68:fa:fd:0d:80:ba:b1:b2:72:e5:31:4f:
40:a4:f2:a3:7f:b6:5b:c9:de:0c:c7:35:bd:91:39:8f:60:f5:
4f:a3:dd:5c:ee:3a:c5:22:64:aa:f7:30:84:a6:88:8c:46:33:
cc:9e:29:27:6b:76:68:f1:33:59:0c:35:f4:7f:e0:6f:75:bb:
ff:b4:76:41:8f:a7:52:43:15:bc:c3:c8:70:ea:6c:d6:11:1f:
3f:ce:65:58:74:24:b4:8d:26:53:d7:05:72:db:16:0b:84:c4:
d5:1f:99:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuNmyGCE2Xa/cWjBMJVZOWwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAyMDExNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2QwMDFkMmIwZjM4YjYzNGJhOTlkOGZhNjA2NTMxOTM0MWI1MzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8B5VcaKuwBSPx/xqAYEwBeRuWK7c
YKhKjgkjtknunBY2z+OwB6hHykV1g1FVM1lbpm+jUa6Nh9ApBs3NqRMfoB+/GiqI
6s3OjbklEQugL8SibIFkvwn3TnuPeZBU2JZ36Lebi5RH0BM3XjdZio4+bhkjEfya
pCguwwyj2GaFSLfHJkM4mh/kw9yf22WryTPwlYpx40R5QtpyjvdS+4pS2BFaq5zc
t08aHnNcpNK3EkYn5DgHOCltA0JLcUY5X89qIKJzezbvVYjUvvg0m0jCuQg8PuW9
+2nPBINc7oynHaoNmi8iO6iHliOZGD6Q7Gv0IACcHdRGmUjLJWoNgoSnJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKzQAdKw84tjS6mdj6YGUxk0G1NhMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvck5BQjByRHppMk5McVoyUHBnWlRHVFFiVTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMH0I2U2Oedxp0I/snpE
YTB4ifkstnsmW82ehAQRE/9tZzWudc9sX/DeStdVm83nbWTSJWKAsUHCkMBZKvo/
UNe5/bHPs98UhIgM15tTRiK1Bi5nI9jGZi9/V6f0zXoiKxPBn/2SlCC4Xs8JLybP
z6v41Op+urm38u3p10OMvFDJyykFStMMUUzIyqzkEQP5bx388ydTQ2j6/Q2AurGy
cuUxT0Ck8qN/tlvJ3gzHNb2ROY9g9U+j3VzuOsUiZKr3MISmiIxGM8yeKSdrdmjx
M1kMNfR/4G91u/+0dkGPp1JDFbzDyHDqbNYRHz/OZVh0JLSNJlPXBXLbFguExNUf
mfg=
-----END CERTIFICATE-----
Generated at Sun May 11 07:40:29 2025 by rpki-client