Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/riQnkDzE9eFZqNiRGlgD9kIpNcw.roa
File: riQnkDzE9eFZqNiRGlgD9kIpNcw.roa (raw, json)
Hash identifier: oyDd6wjxl1vLH3ShwhaGlPp7QM6BEQOkpXFzhWJ/vl4=
Subject key identifier: AE:24:27:90:3C:C4:F5:E1:59:A8:D8:91:1A:58:03:F6:42:29:35:CC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B78FFDD089DE72120DF415156FF926A0D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/riQnkDzE9eFZqNiRGlgD9kIpNcw.roa
Signing time: Sun 29 Oct 2023 01:15:15 +0000
ROA not before: Sun 29 Oct 2023 01:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:78:ff:dd:08:9d:e7:21:20:df:41:51:56:ff:92:6a:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 29 01:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae2427903cc4f5e159a8d8911a5803f6422935cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:83:05:0b:57:db:43:d2:85:fc:22:e5:b3:e1:
8c:2e:2f:3d:00:75:01:97:f1:74:0c:df:5c:bf:b0:
06:2f:00:4d:49:1d:26:b9:cd:22:c7:4c:6a:57:5c:
e8:cc:26:1c:10:0e:d0:fb:41:67:fd:52:5f:9e:54:
17:2a:8d:a2:02:45:8d:29:7e:45:02:9e:ed:f4:6e:
78:cc:04:2c:be:f5:9a:97:6b:8c:2c:c7:14:55:63:
18:f7:6e:dc:7d:fa:c5:94:ac:30:f7:6d:1a:f2:7b:
41:81:a2:6b:7e:6c:07:3e:1d:e5:49:60:8f:16:f9:
dc:4c:b8:94:24:21:39:97:a1:9b:b9:c3:1b:7e:b5:
ee:9d:27:79:ae:db:56:af:65:e6:94:87:9c:0c:70:
42:75:74:13:a0:d9:a1:a7:fd:ad:ef:0e:ce:e0:b7:
d4:0b:e8:99:77:c7:6e:0b:7d:d0:a6:0a:97:72:a6:
37:a7:1b:ea:da:cb:7e:62:15:4e:c5:84:45:51:bf:
83:09:28:5e:cd:b4:bf:ef:c3:a2:a4:93:18:09:7d:
75:61:fc:53:b0:b6:73:04:14:6a:e8:4b:6c:be:33:
c2:8b:0f:36:05:42:01:a2:48:54:42:a3:b3:6d:0c:
23:6a:c1:c0:43:b3:23:a1:a7:a0:76:cc:a2:ba:bc:
6e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:24:27:90:3C:C4:F5:E1:59:A8:D8:91:1A:58:03:F6:42:29:35:CC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/riQnkDzE9eFZqNiRGlgD9kIpNcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4e:82:fb:db:97:09:e9:bf:c5:58:68:87:17:4e:bc:83:cc:13:
8f:a4:e7:d0:e0:56:f3:bb:44:56:45:47:de:cf:12:12:f1:66:
64:26:bd:23:57:37:df:ef:3d:b7:20:51:f5:cf:7a:9e:d4:af:
09:b5:dc:23:55:fd:4a:5e:2c:71:86:08:31:01:95:a6:5e:bc:
1f:0a:59:d6:a7:f3:04:eb:45:22:55:0c:a3:95:1a:cb:4c:0d:
1b:b3:45:38:b7:e7:54:ac:ee:50:d4:9a:b7:ae:b6:c0:44:25:
d9:89:b8:db:33:88:fb:23:52:a8:ee:fc:e5:52:a5:18:8e:2b:
8e:d2:7e:93:c9:6f:b6:17:9e:05:bf:ff:18:34:7b:66:53:53:
22:d2:a1:bf:59:73:00:ac:fc:33:6b:e0:01:66:1a:ad:1f:b4:
9c:70:f8:9d:d2:3f:f2:f0:dc:90:67:22:16:82:3e:6d:78:da:
ce:b2:d6:da:c5:ff:88:cc:ee:66:f5:69:f5:ff:ef:66:b9:6d:
b8:6b:1e:ac:e1:ae:09:84:21:51:25:15:9e:64:4c:5c:b8:c6:
65:3f:55:e6:2d:88:72:36:e5:9d:2d:11:1c:d0:ee:ee:fa:04:
eb:a7:d6:22:1e:17:72:71:41:72:0d:f1:13:5f:c4:09:d5:93:
13:b0:26:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt4/90InechIN9BUVb/kmoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI5MDExNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTI0Mjc5MDNjYzRmNWUxNTlhOGQ4OTExYTU4MDNmNjQyMjkzNWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4MFC1fbQ9KF/CLls+GMLi89AHUB
l/F0DN9cv7AGLwBNSR0muc0ix0xqV1zozCYcEA7Q+0Fn/VJfnlQXKo2iAkWNKX5F
Ap7t9G54zAQsvvWal2uMLMcUVWMY927cffrFlKww920a8ntBgaJrfmwHPh3lSWCP
FvncTLiUJCE5l6GbucMbfrXunSd5rttWr2XmlIecDHBCdXQToNmhp/2t7w7O4LfU
C+iZd8duC33QpgqXcqY3pxvq2st+YhVOxYRFUb+DCShezbS/78OipJMYCX11YfxT
sLZzBBRq6EtsvjPCiw82BUIBokhUQqOzbQwjasHAQ7MjoaegdsyiurxuXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK4kJ5A8xPXhWajYkRpYA/ZCKTXMMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcmlRbmtEekU5ZUZacU5pUkdsZ0Q5a0lwTmN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE6C+9uXCem/xVhohxdO
vIPME4+k59DgVvO7RFZFR97PEhLxZmQmvSNXN9/vPbcgUfXPep7Urwm13CNV/Upe
LHGGCDEBlaZevB8KWdan8wTrRSJVDKOVGstMDRuzRTi351Ss7lDUmreutsBEJdmJ
uNsziPsjUqju/OVSpRiOK47SfpPJb7YXngW//xg0e2ZTUyLSob9ZcwCs/DNr4AFm
Gq0ftJxw+J3SP/Lw3JBnIhaCPm142s6y1trF/4jM7mb1afX/72a5bbhrHqzhrgmE
IVElFZ5kTFy4xmU/VeYtiHI25Z0tERzQ7u76BOun1iIeF3JxQXIN8RNfxAnVkxOw
JgE=
-----END CERTIFICATE-----
Generated at Wed May 14 10:46:07 2025 by rpki-client