Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3hIfMLdcB7TzQSPpHTFOv2YXBxY.roa
File: 3hIfMLdcB7TzQSPpHTFOv2YXBxY.roa (raw, json)
Hash identifier: MdTJjrHry3xCsJ9cDO2jhHsjhm0+UvPS6n7NK3S8NOQ=
Subject key identifier: DE:12:1F:30:B7:5C:07:B4:F3:41:23:E9:1D:31:4E:BF:66:17:07:16
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AD084C7A5AED28FA363CA0782C8963142
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3hIfMLdcB7TzQSPpHTFOv2YXBxY.roa
Signing time: Tue 26 Sep 2023 08:04:37 +0000
ROA not before: Tue 26 Sep 2023 08:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:d084:bc4a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d0:84:c7:a5:ae:d2:8f:a3:63:ca:07:82:c8:96:31:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 26 08:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de121f30b75c07b4f34123e91d314ebf66170716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a4:e6:f1:50:4c:92:bb:1c:3a:28:e3:02:4a:
fb:c2:c7:e3:04:3f:01:f9:85:91:58:b0:84:dc:95:
70:f1:4a:93:2a:2f:45:a8:b4:c2:70:1b:4c:dd:00:
42:6f:a2:d2:fe:98:6b:6e:bc:3c:75:22:4e:90:45:
3e:d0:57:12:e0:f8:da:66:32:83:ea:5b:e8:4d:70:
cb:31:a7:45:de:40:18:8c:30:bb:92:b0:52:76:1c:
0f:c9:07:10:9a:37:fe:eb:da:75:ed:b1:23:87:ba:
23:66:bc:f6:7d:72:5f:04:5f:dc:a2:50:81:5e:0a:
63:1a:77:42:0f:64:0d:04:84:57:78:73:65:75:ef:
c3:e6:f7:c1:a4:2b:f5:7a:2a:de:f7:54:ad:13:f6:
b8:b0:bf:78:b9:51:d7:52:69:b4:97:07:b3:83:22:
20:7e:15:7a:b7:d8:ec:12:52:33:a4:2f:11:a4:c2:
2d:5d:30:42:8f:7a:49:1a:7a:30:9a:0b:bf:d0:45:
ec:2f:d9:66:eb:32:31:9d:34:57:e0:9d:38:b7:50:
33:f3:c9:a2:03:f2:48:3e:6f:8e:f5:db:8a:5e:d0:
10:96:92:2e:a0:15:b3:ec:a8:d1:c9:d2:67:f1:33:
28:fb:fa:12:1c:04:fc:2b:5f:f5:5e:8c:c2:01:9c:
d5:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:12:1F:30:B7:5C:07:B4:F3:41:23:E9:1D:31:4E:BF:66:17:07:16
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3hIfMLdcB7TzQSPpHTFOv2YXBxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:2a:f6:8e:a7:de:7b:18:db:e8:68:2a:c6:8b:d6:59:da:50:
df:34:de:29:c8:6e:9c:5f:df:9e:37:af:dd:57:9b:7b:f9:5f:
98:47:7b:2d:64:1e:92:7d:9b:67:66:bf:27:c6:c6:6a:eb:14:
3d:5c:2a:cc:cf:53:f4:4c:1a:f2:b5:c1:65:a6:50:1b:f2:d4:
8b:d1:da:c7:ef:fc:a3:45:11:68:b0:e1:8b:d4:5b:9c:b3:a6:
2f:2d:c0:c1:de:06:4f:24:f0:c1:fa:1a:6a:a6:58:82:46:09:
e3:a1:49:af:bb:d4:d0:62:c4:42:28:67:85:9e:35:f4:18:34:
da:a9:58:79:21:6f:b0:d4:7a:96:68:f0:82:0c:48:35:1c:5e:
26:a5:1f:0d:6c:77:2a:91:f9:6c:31:0c:1f:f3:f9:e3:d5:aa:
da:c6:da:0e:c5:b6:4a:b5:7e:19:93:78:f0:d4:df:30:f1:99:
63:36:f0:25:42:d9:ce:17:bf:05:33:f3:14:98:ee:0f:88:56:
ff:25:ff:eb:4a:52:ff:69:ca:9f:e2:a9:27:0b:62:bf:3a:20:
8b:04:9c:f6:73:94:c6:cc:e2:c5:3b:0f:dc:ce:4f:d9:76:1f:
d8:bc:6f:e1:4f:79:fa:f7:e5:63:c6:ef:25:13:c6:9c:1f:bc:
13:c3:b3:56
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrQhMelrtKPo2PKB4LIljFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI2MDgwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTEyMWYzMGI3NWMwN2I0ZjM0MTIzZTkxZDMxNGViZjY2MTcwNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaTm8VBMkrscOijjAkr7wsfjBD8B
+YWRWLCE3JVw8UqTKi9FqLTCcBtM3QBCb6LS/phrbrw8dSJOkEU+0FcS4PjaZjKD
6lvoTXDLMadF3kAYjDC7krBSdhwPyQcQmjf+69p17bEjh7ojZrz2fXJfBF/colCB
XgpjGndCD2QNBIRXeHNlde/D5vfBpCv1eire91StE/a4sL94uVHXUmm0lwezgyIg
fhV6t9jsElIzpC8RpMItXTBCj3pJGnowmgu/0EXsL9lm6zIxnTRX4J04t1Az88mi
A/JIPm+O9duKXtAQlpIuoBWz7KjRydJn8TMo+/oSHAT8K1/1XozCAZzV/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN4SHzC3XAe080Ej6R0xTr9mFwcWMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvM2hJZk1MZGNCN1R6UVNQcEhURk92MllYQnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHMq9o6n3nsY2+hoKsaL
1lnaUN803inIbpxf3543r91Xm3v5X5hHey1kHpJ9m2dmvyfGxmrrFD1cKszPU/RM
GvK1wWWmUBvy1IvR2sfv/KNFEWiw4YvUW5yzpi8twMHeBk8k8MH6GmqmWIJGCeOh
Sa+71NBixEIoZ4WeNfQYNNqpWHkhb7DUepZo8IIMSDUcXialHw1sdyqR+WwxDB/z
+ePVqtrG2g7Ftkq1fhmTePDU3zDxmWM28CVC2c4XvwUz8xSY7g+IVv8l/+tKUv9p
yp/iqScLYr86IIsEnPZzlMbM4sU7D9zOT9l2H9i8b+FPefr35WPG7yUTxpwfvBPD
s1Y=
-----END CERTIFICATE-----
Generated at Mon Jun 16 19:07:51 2025 by rpki-client