Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/wn3AHO2fSBulYkEgjFPsJBNV1Rc.roa
File: wn3AHO2fSBulYkEgjFPsJBNV1Rc.roa (raw, json)
Hash identifier: CASkm3KQB08aqqf1+iOxTtivhotytyrQj7V09mh1sDY=
Subject key identifier: C2:7D:C0:1C:ED:9F:48:1B:A5:62:41:20:8C:53:EC:24:13:55:D5:17
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C2A07F19C0C631B966D7873DED40ECE1D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/wn3AHO2fSBulYkEgjFPsJBNV1Rc.roa
Signing time: Sat 02 Dec 2023 10:16:52 +0000
ROA not before: Sat 02 Dec 2023 10:16:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2a:07:f1:9c:0c:63:1b:96:6d:78:73:de:d4:0e:ce:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 2 10:16:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c27dc01ced9f481ba56241208c53ec241355d517
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f2:fd:ef:a0:78:47:7b:fb:bd:e4:0c:0a:10:
28:88:57:59:ef:ab:88:f6:1b:49:10:f1:a5:c7:23:
0b:7f:47:da:aa:66:b8:ba:57:3b:60:5e:ac:5e:c1:
fe:72:50:ce:91:b7:e6:23:58:6f:61:36:6a:da:89:
ea:aa:c0:8b:1f:13:6b:16:21:66:db:16:9c:c0:20:
e4:6e:5c:80:65:e2:72:60:b0:c8:7d:ec:18:13:17:
42:92:4c:93:5f:5f:e6:27:39:70:c3:ae:a6:6e:53:
75:e2:31:cc:bb:d1:ec:e0:1d:e9:e8:3f:eb:f2:3e:
38:e0:be:79:b1:94:2a:ef:09:5c:4d:6c:1d:a2:c0:
de:d1:48:d3:f6:44:b6:1c:28:49:d4:34:7a:f2:97:
29:f7:ec:1b:50:88:0f:f4:e6:0f:bb:a0:2a:dc:1c:
b7:48:04:e6:36:42:74:1a:8f:4b:7c:86:26:c2:c5:
4b:6a:bc:9e:d6:dc:6b:80:68:7e:f6:5f:19:32:55:
25:95:0c:6e:2f:d4:80:cd:05:cc:e7:29:92:21:fa:
cf:dd:6c:71:92:82:6d:88:12:0b:34:30:85:35:56:
5d:85:14:4d:54:e4:3d:16:1a:70:9d:e1:79:ca:11:
63:81:82:f5:e3:e3:a0:95:79:21:a9:45:7e:6d:db:
1c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:7D:C0:1C:ED:9F:48:1B:A5:62:41:20:8C:53:EC:24:13:55:D5:17
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/wn3AHO2fSBulYkEgjFPsJBNV1Rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:c3:5a:3b:81:02:a4:61:f3:a4:8d:7b:dc:ef:70:8e:e9:44:
79:f5:d2:9e:37:92:4c:63:92:d5:76:9f:5a:e5:ce:3f:08:33:
e4:f2:42:ac:04:c9:a1:8c:72:19:20:7b:2d:b6:ea:5b:5c:17:
f7:d8:58:17:ab:05:e4:b0:9e:6c:af:85:d4:7c:1e:40:5e:84:
e2:85:2d:86:48:bd:b8:c1:e6:30:ab:03:ac:0c:ef:cf:c4:f9:
53:20:6a:78:9c:18:a7:df:74:5d:37:e2:9c:30:9a:b5:66:8d:
73:8e:41:bb:0b:7e:d0:6b:13:94:3d:f9:6a:c7:f7:4f:c0:df:
2c:2c:84:27:54:0d:0e:d5:0c:5b:16:5f:db:3c:4c:34:3b:36:
55:e5:64:ad:99:44:92:d6:45:53:f0:65:6c:95:e2:5f:38:cb:
32:9d:f3:52:05:fd:cf:82:a0:3c:ee:71:cb:48:1a:a3:03:ed:
0f:06:10:ea:0e:f4:d5:5e:7b:44:59:03:6d:b5:0b:ac:ad:c2:
2d:e7:af:b4:25:36:cc:37:d4:4f:73:8c:20:a4:0a:80:25:89:
66:b3:f5:cb:cd:32:de:cb:37:51:38:6e:ac:bb:f0:07:2f:e1:
b5:e0:f1:1c:1f:83:db:55:27:80:fd:2e:51:95:a3:24:3b:14:
d9:b0:6a:f3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwqB/GcDGMblm14c97UDs4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAyMTAxNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjdkYzAxY2VkOWY0ODFiYTU2MjQxMjA4YzUzZWMyNDEzNTVkNTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvL976B4R3v7veQMChAoiFdZ76uI
9htJEPGlxyMLf0faqma4ulc7YF6sXsH+clDOkbfmI1hvYTZq2onqqsCLHxNrFiFm
2xacwCDkblyAZeJyYLDIfewYExdCkkyTX1/mJzlww66mblN14jHMu9Hs4B3p6D/r
8j444L55sZQq7wlcTWwdosDe0UjT9kS2HChJ1DR68pcp9+wbUIgP9OYPu6Aq3By3
SATmNkJ0Go9LfIYmwsVLarye1txrgGh+9l8ZMlUllQxuL9SAzQXM5ymSIfrP3Wxx
koJtiBILNDCFNVZdhRRNVOQ9FhpwneF5yhFjgYL14+OglXkhqUV+bdsctQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMJ9wBztn0gbpWJBIIxT7CQTVdUXMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvd24zQUhPMmZTQnVsWWtFZ2pGUHNKQk5WMVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFjDWjuBAqRh86SNe9zv
cI7pRHn10p43kkxjktV2n1rlzj8IM+TyQqwEyaGMchkgey226ltcF/fYWBerBeSw
nmyvhdR8HkBehOKFLYZIvbjB5jCrA6wM78/E+VMganicGKffdF034pwwmrVmjXOO
QbsLftBrE5Q9+WrH90/A3ywshCdUDQ7VDFsWX9s8TDQ7NlXlZK2ZRJLWRVPwZWyV
4l84yzKd81IF/c+CoDzucctIGqMD7Q8GEOoO9NVee0RZA221C6ytwi3nr7QlNsw3
1E9zjCCkCoAliWaz9cvNMt7LN1E4bqy78Acv4bXg8Rwfg9tVJ4D9LlGVoyQ7FNmw
avM=
-----END CERTIFICATE-----
Generated at Tue May 13 22:47:28 2025 by rpki-client