Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/u3wMvg_o2YEPqpiwykCisFX0Ies.roa
File: u3wMvg_o2YEPqpiwykCisFX0Ies.roa (raw, json)
Hash identifier: 5/0TFPgy8tu7oh5eVYwoxdMt8bUz18ZQ0AS96Zvgwqk=
Subject key identifier: BB:7C:0C:BE:0F:E8:D9:81:0F:AA:98:B0:CA:40:A2:B0:55:F4:21:EB
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B94AA61F57091573740DB546C93AAA7A2
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/u3wMvg_o2YEPqpiwykCisFX0Ies.roa
Signing time: Fri 03 Nov 2023 10:11:16 +0000
ROA not before: Fri 03 Nov 2023 10:11:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:aa:61:f5:70:91:57:37:40:db:54:6c:93:aa:a7:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 3 10:11:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb7c0cbe0fe8d9810faa98b0ca40a2b055f421eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b7:15:a6:b8:f4:81:34:b0:05:7e:58:1a:a5:
2c:1e:87:e8:35:72:bd:0b:c9:e5:1a:6a:03:35:a5:
1e:2a:9c:0c:92:45:0a:c7:c2:30:68:a7:ad:d0:a4:
9e:1d:14:6b:b8:28:71:52:36:0a:ac:eb:fa:9f:00:
96:7f:fc:50:06:6c:31:a3:4f:78:39:8c:b4:2e:38:
31:fd:67:6d:d4:f4:81:f5:15:a0:2f:c6:d1:15:87:
15:af:5e:8c:a1:cc:71:81:19:42:7a:1c:1c:3e:d2:
ac:9c:fe:33:61:0e:0a:d4:38:72:80:13:80:0b:58:
0b:9c:bb:03:8c:36:e1:0c:88:38:5a:75:d6:02:13:
66:ab:50:09:8a:7d:2e:13:89:18:3d:82:ef:33:12:
28:ef:cf:6f:69:44:4b:95:5c:d1:ce:5a:13:48:34:
3b:2a:49:2f:2a:b4:46:84:61:c3:95:fc:b6:3a:5f:
34:82:24:98:63:58:5b:df:d7:da:a9:fb:c7:dd:00:
4c:72:8b:50:f8:36:44:d6:39:6d:01:67:f8:00:23:
0d:c9:f6:76:a9:df:87:87:68:3a:ef:e8:eb:03:22:
18:37:17:35:6b:c7:e0:06:a5:7b:f0:5d:60:aa:77:
bd:e7:a6:4c:7f:c0:f4:eb:98:cd:cc:be:a1:1f:c0:
96:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:7C:0C:BE:0F:E8:D9:81:0F:AA:98:B0:CA:40:A2:B0:55:F4:21:EB
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/u3wMvg_o2YEPqpiwykCisFX0Ies.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:62:be:7e:82:1d:5f:f9:da:8a:b7:1d:47:f3:d8:82:56:bb:
21:bb:e8:47:86:58:27:84:d3:f3:69:ad:24:ed:ba:5c:7c:00:
15:5d:e3:fc:b9:c8:55:d2:9c:bc:b4:48:f8:08:fe:c2:0a:55:
b4:e0:5a:7d:7f:c0:8d:24:10:36:ed:2e:71:6b:82:c5:05:a0:
e7:80:5c:ef:60:9f:41:5f:99:24:81:c2:cc:52:6e:d9:64:dd:
fc:a6:27:00:28:ef:a5:78:a5:d8:b6:e6:21:c7:2d:4b:40:d6:
12:bd:2b:f7:88:fc:89:91:03:11:c1:6d:57:ff:84:cd:9d:9a:
ce:35:e9:cd:5e:75:87:fc:1d:18:8f:ed:c7:40:ba:d1:dc:f2:
39:b6:b7:b8:39:aa:b5:6c:46:ab:5a:f5:b2:b5:d1:a3:8d:54:
f1:0e:67:bf:d9:0c:44:63:c0:95:db:59:5c:cd:f1:b5:25:e6:
bb:ae:6b:2a:b1:ec:34:4d:5c:46:b9:83:45:af:2b:6f:2d:11:
31:db:41:b7:47:ad:81:4f:79:5e:29:eb:b9:ae:50:38:43:19:
35:25:fc:93:78:cd:d8:87:54:63:08:6e:0c:38:fd:21:bf:c7:
3b:f2:8b:76:45:5d:fa:0e:3d:a1:a2:43:5f:53:00:ef:33:da:
4b:56:99:a4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuUqmH1cJFXN0DbVGyTqqeiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAzMTAxMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjdjMGNiZTBmZThkOTgxMGZhYTk4YjBjYTQwYTJiMDU1ZjQyMWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrcVprj0gTSwBX5YGqUsHofoNXK9
C8nlGmoDNaUeKpwMkkUKx8IwaKet0KSeHRRruChxUjYKrOv6nwCWf/xQBmwxo094
OYy0Ljgx/Wdt1PSB9RWgL8bRFYcVr16MocxxgRlCehwcPtKsnP4zYQ4K1DhygBOA
C1gLnLsDjDbhDIg4WnXWAhNmq1AJin0uE4kYPYLvMxIo789vaURLlVzRzloTSDQ7
KkkvKrRGhGHDlfy2Ol80giSYY1hb39faqfvH3QBMcotQ+DZE1jltAWf4ACMNyfZ2
qd+Hh2g67+jrAyIYNxc1a8fgBqV78F1gqne956ZMf8D065jNzL6hH8CWBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLt8DL4P6NmBD6qYsMpAorBV9CHrMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdTN3TXZnX28yWUVQcXBpd3lrQ2lzRlgwSWVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGBivn6CHV/52oq3HUfz
2IJWuyG76EeGWCeE0/NprSTtulx8ABVd4/y5yFXSnLy0SPgI/sIKVbTgWn1/wI0k
EDbtLnFrgsUFoOeAXO9gn0FfmSSBwsxSbtlk3fymJwAo76V4pdi25iHHLUtA1hK9
K/eI/ImRAxHBbVf/hM2dms416c1edYf8HRiP7cdAutHc8jm2t7g5qrVsRqta9bK1
0aONVPEOZ7/ZDERjwJXbWVzN8bUl5ruuayqx7DRNXEa5g0WvK28tETHbQbdHrYFP
eV4p67muUDhDGTUl/JN4zdiHVGMIbgw4/SG/xzvyi3ZFXfoOPaGiQ19TAO8z2ktW
maQ=
-----END CERTIFICATE-----
Generated at Sat May 10 11:45:38 2025 by rpki-client