Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2l0T8xr2-upmrjbaXdUUlR7poJM.roa
File: 2l0T8xr2-upmrjbaXdUUlR7poJM.roa (raw, json)
Hash identifier: mEfgEu2FPnIJeu2E7+8OlIisZtVFiw5PLw3dIa0JeOM=
Subject key identifier: DA:5D:13:F3:1A:F6:FA:EA:66:AE:36:DA:5D:D5:14:95:1E:E9:A0:93
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C8264FF8414E42FEFFDE33D7E84DBF141
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2l0T8xr2-upmrjbaXdUUlR7poJM.roa
Signing time: Tue 19 Dec 2023 14:05:06 +0000
ROA not before: Tue 19 Dec 2023 14:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:8264:1f0d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:82:64:ff:84:14:e4:2f:ef:fd:e3:3d:7e:84:db:f1:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 19 14:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da5d13f31af6faea66ae36da5dd514951ee9a093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:cf:a9:cc:0f:d3:e4:a4:fd:88:4a:ad:eb:a0:
13:f6:30:5a:f9:c7:52:c2:52:d8:3f:db:46:b7:30:
6e:f6:b3:cf:61:52:13:dc:4c:c2:69:dd:7b:f2:28:
9f:8b:bd:58:ed:da:ca:38:a1:35:b7:01:b4:72:d2:
2e:6b:66:e7:7d:ed:9a:25:a8:3f:ea:3d:1a:30:f8:
02:12:6c:a2:07:65:00:b2:58:26:a0:85:6a:d8:04:
e6:6c:3c:c3:cb:09:56:0d:8d:5c:bf:30:e7:fa:38:
3d:71:c1:1d:b0:cf:86:b2:e2:44:39:bf:3f:10:50:
4a:0f:05:de:f6:79:17:96:f3:22:21:c5:ee:26:ae:
31:42:84:ad:6d:9b:b7:e9:ea:c2:e0:6e:0d:b1:bf:
77:9d:11:1f:58:74:70:5f:5e:ff:d6:99:2d:9b:d5:
7d:48:85:a8:12:80:04:c9:b9:b5:ec:90:09:79:a8:
78:cf:c9:75:74:b5:c6:fc:39:ec:09:20:73:ec:5d:
17:6a:b2:cc:dc:15:8e:fc:4c:83:8e:e0:e0:ad:10:
3b:09:41:ce:d3:47:d0:04:75:5b:58:c7:38:64:67:
a0:d4:ba:f8:1b:15:ff:43:a0:01:79:35:f3:35:25:
a9:e7:bd:a9:5e:c7:98:41:24:ea:65:72:b3:79:cf:
bc:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:5D:13:F3:1A:F6:FA:EA:66:AE:36:DA:5D:D5:14:95:1E:E9:A0:93
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2l0T8xr2-upmrjbaXdUUlR7poJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6e:d4:5b:07:2e:72:60:77:a2:8e:c2:53:8b:94:fd:0c:bd:73:
9d:13:7a:26:f1:62:a6:dd:eb:09:ed:5b:06:90:f2:91:7c:e3:
06:07:72:e9:04:b8:c1:8a:37:41:7a:5e:b1:3e:0b:12:20:bf:
ea:d4:b9:77:af:5f:44:82:8d:ee:d8:14:51:31:1e:c1:7a:87:
54:92:e2:cb:a7:53:e1:53:f8:4d:89:ce:1f:3f:b3:d6:fe:fb:
af:cd:c8:91:67:3b:1c:e1:e5:d7:6f:63:d7:8a:24:d6:a1:49:
ad:94:98:eb:cb:a0:38:ab:c6:8c:11:a8:fa:38:69:c0:b5:82:
a9:e0:8c:4e:4b:ff:f6:22:03:0a:bc:83:b5:07:96:bb:13:77:
15:2a:81:95:0b:21:01:27:b7:c5:b3:e8:d6:6b:32:3a:d5:d6:
c3:a0:03:0a:ff:74:82:b8:3f:b4:6c:05:ee:d8:86:c9:d7:ef:
0e:05:f3:5f:f2:6b:e3:e2:c8:7d:dd:59:28:bb:9b:b8:b7:07:
6f:72:68:39:03:a5:b5:2f:00:53:e1:74:99:f3:73:6e:75:ff:
62:3b:1c:ad:31:49:1b:dc:4d:fc:cf:8f:ce:7e:75:4d:5d:d2:
fb:96:34:a0:71:24:ba:94:98:8e:e9:af:b9:ba:1a:4e:4a:05:
f9:b9:d3:91
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyCZP+EFOQv7/3jPX6E2/FBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE5MTQwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTVkMTNmMzFhZjZmYWVhNjZhZTM2ZGE1ZGQ1MTQ5NTFlZTlhMDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps+pzA/T5KT9iEqt66AT9jBa+cdS
wlLYP9tGtzBu9rPPYVIT3EzCad178iifi71Y7drKOKE1twG0ctIua2bnfe2aJag/
6j0aMPgCEmyiB2UAslgmoIVq2ATmbDzDywlWDY1cvzDn+jg9ccEdsM+GsuJEOb8/
EFBKDwXe9nkXlvMiIcXuJq4xQoStbZu36erC4G4Nsb93nREfWHRwX17/1pktm9V9
SIWoEoAEybm17JAJeah4z8l1dLXG/DnsCSBz7F0XarLM3BWO/EyDjuDgrRA7CUHO
00fQBHVbWMc4ZGeg1Lr4GxX/Q6ABeTXzNSWp572pXseYQSTqZXKzec+8DQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNpdE/Ma9vrqZq422l3VFJUe6aCTMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMmwwVDh4cjItdXBtcmpiYVhkVVVsUjdwb0pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG7UWwcucmB3oo7CU4uU
/Qy9c50TeibxYqbd6wntWwaQ8pF84wYHcukEuMGKN0F6XrE+CxIgv+rUuXevX0SC
je7YFFExHsF6h1SS4sunU+FT+E2Jzh8/s9b++6/NyJFnOxzh5ddvY9eKJNahSa2U
mOvLoDirxowRqPo4acC1gqngjE5L//YiAwq8g7UHlrsTdxUqgZULIQEnt8Wz6NZr
MjrV1sOgAwr/dIK4P7RsBe7YhsnX7w4F81/ya+PiyH3dWSi7m7i3B29yaDkDpbUv
AFPhdJnzc251/2I7HK0xSRvcTfzPj85+dU1d0vuWNKBxJLqUmI7pr7m6Gk5KBfm5
05E=
-----END CERTIFICATE-----
Generated at Tue Jun 17 11:51:48 2025 by rpki-client