Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/suVjOtPOWKdJMvbx5vFs2iQrY20.roa
File: suVjOtPOWKdJMvbx5vFs2iQrY20.roa (raw, json)
Hash identifier: 8dCkXx8zkJF2PQe5V9/YGmiiK8OT4T+n7qfWAhwq62g=
Subject key identifier: B2:E5:63:3A:D3:CE:58:A7:49:32:F6:F1:E6:F1:6C:DA:24:2B:63:6D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BF161BE6844D0889C64CC13BB550DBF77
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/suVjOtPOWKdJMvbx5vFs2iQrY20.roa
Signing time: Tue 21 Nov 2023 10:16:36 +0000
ROA not before: Tue 21 Nov 2023 10:16:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f1:61:be:68:44:d0:88:9c:64:cc:13:bb:55:0d:bf:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 21 10:16:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2e5633ad3ce58a74932f6f1e6f16cda242b636d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:78:76:bc:2a:62:5b:f7:24:f5:13:51:5a:8b:
1c:3e:a4:45:45:3d:b8:59:66:c9:e0:33:74:71:f4:
88:5a:4e:d6:ea:d0:4d:aa:7b:b5:b6:ec:67:fd:47:
1f:98:06:b1:42:22:0c:c1:66:c2:79:82:d7:ea:b1:
14:b5:80:e8:a2:d9:69:7d:df:a7:7e:f0:da:69:ef:
00:8e:68:0e:78:0f:c9:0a:b1:14:f3:e6:de:38:ae:
ae:5d:d3:8a:49:25:03:42:c2:ec:09:da:0a:39:e1:
94:2e:e7:f2:04:0d:15:69:9f:f5:7c:78:37:4e:db:
e7:2e:9d:86:85:1f:d5:01:fb:31:ee:0f:97:21:31:
70:a8:62:05:51:1b:1e:2e:20:0c:13:f9:02:f4:85:
6b:de:78:6b:d6:29:cf:70:99:0c:73:c2:ce:2e:98:
9c:3d:4e:63:b3:56:84:45:4f:75:f6:e4:f0:91:06:
81:12:29:3a:57:eb:69:83:e9:96:77:f7:64:f6:ef:
c7:45:86:5d:df:4a:d2:aa:67:19:ef:39:60:ce:1e:
14:74:a9:11:d9:b8:fd:89:36:a3:f2:64:fe:4f:c9:
e4:3e:bb:9d:cb:7e:03:4f:d2:a2:87:18:95:fd:61:
f7:2f:10:df:82:83:39:e8:2e:3e:2b:3f:27:1b:83:
d3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:E5:63:3A:D3:CE:58:A7:49:32:F6:F1:E6:F1:6C:DA:24:2B:63:6D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/suVjOtPOWKdJMvbx5vFs2iQrY20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
59:62:65:6b:86:bc:c7:95:c3:dd:3b:1d:6b:28:8c:88:7e:e8:
0a:2e:57:07:8e:ae:20:63:d2:f8:92:e8:9a:68:31:b9:ec:53:
19:3d:3e:e3:59:e5:44:62:ca:88:fc:bf:a2:9d:a5:b9:b4:9e:
99:70:20:2f:b5:d6:df:89:29:3b:ba:d3:fd:a2:a0:fb:29:15:
5e:e8:6a:b6:2e:4b:e2:f6:73:4a:ab:96:a1:3d:1a:78:60:14:
48:2c:b3:44:b1:b9:19:4e:7d:6f:2a:fc:cf:98:4f:31:83:40:
ee:62:31:6b:b5:3b:c9:9f:85:8f:e5:6a:f9:65:dc:4f:d1:a0:
b9:3e:1d:6f:9e:07:3b:25:42:29:f7:f0:88:1d:1b:39:db:bb:
cd:e8:f4:53:a4:48:c0:2b:fe:6d:39:af:d9:fd:4a:33:2d:13:
4f:f1:c1:37:96:30:46:b5:e6:2d:6f:19:d6:ed:20:c8:a1:8d:
f9:58:c0:35:e3:6c:2f:19:36:1c:d6:e5:45:03:2a:bf:ae:1b:
e9:94:c9:14:83:d2:5f:e9:8b:b8:e1:b6:2d:13:be:6c:b4:15:
87:4f:46:d2:b8:66:58:7b:71:7d:42:6c:ed:e1:04:18:b4:8b:
de:60:0d:4f:0f:ff:63:69:de:ea:9d:29:72:1d:8d:ec:f0:74:
73:5e:0a:83
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvxYb5oRNCInGTME7tVDb93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIxMTAxNjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmU1NjMzYWQzY2U1OGE3NDkzMmY2ZjFlNmYxNmNkYTI0MmI2MzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnh2vCpiW/ck9RNRWoscPqRFRT24
WWbJ4DN0cfSIWk7W6tBNqnu1tuxn/UcfmAaxQiIMwWbCeYLX6rEUtYDootlpfd+n
fvDaae8AjmgOeA/JCrEU8+beOK6uXdOKSSUDQsLsCdoKOeGULufyBA0VaZ/1fHg3
TtvnLp2GhR/VAfsx7g+XITFwqGIFURseLiAME/kC9IVr3nhr1inPcJkMc8LOLpic
PU5js1aERU919uTwkQaBEik6V+tpg+mWd/dk9u/HRYZd30rSqmcZ7zlgzh4UdKkR
2bj9iTaj8mT+T8nkPrudy34DT9KihxiV/WH3LxDfgoM56C4+Kz8nG4PT+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLLlYzrTzlinSTL28ebxbNokK2NtMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvc3VWak90UE9XS2RKTXZieDV2RnMyaVFyWTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFliZWuGvMeVw907HWso
jIh+6AouVweOriBj0viS6JpoMbnsUxk9PuNZ5URiyoj8v6Kdpbm0nplwIC+11t+J
KTu60/2ioPspFV7oarYuS+L2c0qrlqE9GnhgFEgss0SxuRlOfW8q/M+YTzGDQO5i
MWu1O8mfhY/lavll3E/RoLk+HW+eBzslQin38IgdGznbu83o9FOkSMAr/m05r9n9
SjMtE0/xwTeWMEa15i1vGdbtIMihjflYwDXjbC8ZNhzW5UUDKr+uG+mUyRSD0l/p
i7jhti0Tvmy0FYdPRtK4Zlh7cX1CbO3hBBi0i95gDU8P/2Np3uqdKXIdjezwdHNe
CoM=
-----END CERTIFICATE-----
Generated at Mon May 12 13:35:09 2025 by rpki-client