Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4d-hmqZVdVQWX2MCmDx0w9BesZA.roa
File: 4d-hmqZVdVQWX2MCmDx0w9BesZA.roa (raw, json)
Hash identifier: 0oXoi1DuLG26xVAzwyb0kLq7/Agt69Du1TXbg5UBuPQ=
Subject key identifier: E1:DF:A1:9A:A6:55:75:54:16:5F:63:02:98:3C:74:C3:D0:5E:B1:90
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ABB10879868D3050366B2332E084B4854
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4d-hmqZVdVQWX2MCmDx0w9BesZA.roa
Signing time: Fri 22 Sep 2023 04:05:37 +0000
ROA not before: Fri 22 Sep 2023 04:05:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:bb0f:ac78/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bb:10:87:98:68:d3:05:03:66:b2:33:2e:08:4b:48:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 22 04:05:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1dfa19aa6557554165f6302983c74c3d05eb190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:45:8b:38:ba:84:f3:ad:ff:71:26:41:79:62:
7f:50:a4:0b:5c:fb:55:e8:45:36:09:7c:84:db:9e:
90:b3:ce:7c:a7:f9:3b:22:fd:17:a5:ba:e6:6a:59:
ab:63:d2:23:e5:e9:69:ce:0e:19:cb:0f:45:ae:2c:
ed:e9:e1:f6:e2:e4:c1:9b:14:71:7a:2c:2b:88:14:
8e:21:ee:19:ab:99:02:84:76:db:51:b8:46:58:48:
09:14:be:a4:7a:94:7b:2d:00:a3:d6:55:98:89:f6:
9a:91:3f:b1:56:56:60:0a:11:ba:63:c9:ab:e0:de:
22:83:c4:49:4d:41:cf:4b:fb:40:8a:6c:71:c5:e8:
83:f4:c5:9b:ec:13:d7:74:c2:0e:a5:eb:11:97:51:
3e:71:1a:33:86:6f:25:b8:b9:2d:42:a4:e0:0c:f1:
a2:7e:49:a1:fe:2e:6b:6a:62:d5:6c:3c:72:7d:1e:
6f:bd:17:ba:f1:3a:03:b1:60:b9:1d:9c:55:36:7c:
c6:58:df:5d:a6:94:aa:4b:91:09:6c:6c:c0:ab:97:
f8:f6:44:05:9e:0c:40:65:44:65:ca:2f:02:f4:cd:
ff:c3:f9:e6:84:2e:6d:14:06:d7:3f:4c:bc:9a:a4:
1d:a0:9f:27:bf:d1:b8:01:a1:50:ef:2d:77:c7:e8:
1d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:DF:A1:9A:A6:55:75:54:16:5F:63:02:98:3C:74:C3:D0:5E:B1:90
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4d-hmqZVdVQWX2MCmDx0w9BesZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9c:ca:26:45:db:d3:bf:c4:77:c1:46:09:39:26:6d:05:f7:4f:
e6:80:ea:7b:8f:92:a9:c7:b7:6d:08:52:38:87:89:c3:bb:d7:
4c:34:10:24:3f:b6:10:c9:6b:83:f4:38:2f:0d:6a:6f:d9:79:
a5:8c:31:26:78:cc:b2:c1:54:23:dc:6f:ea:45:a9:fd:25:cc:
85:d4:9c:97:5f:c2:1c:aa:f3:5b:14:12:23:bd:a8:62:44:92:
38:ab:43:3d:1f:bb:51:db:15:63:00:0f:c8:b8:79:ec:e9:39:
8f:27:cc:24:94:23:4c:51:b1:67:c1:0d:36:a4:ee:9d:4a:b9:
94:8e:a8:08:99:fe:62:d9:a6:d1:39:0c:c1:59:79:d5:a1:b2:
af:bb:76:9f:97:07:b3:98:0e:a6:56:be:c5:0f:37:c2:a8:bd:
18:c9:74:30:27:5c:53:ca:0b:25:9c:d5:db:c9:fd:ca:25:fc:
6b:a5:be:4c:86:de:b7:01:41:b5:ca:bc:f4:58:ab:de:8b:a6:
98:d4:5d:42:c6:3a:25:63:e4:ab:37:03:ab:d0:1a:f7:a4:40:
23:42:0f:73:c9:55:6b:28:5f:33:62:73:d6:8e:73:97:6e:dc:
56:57:72:f7:1b:9e:53:2d:6f:b2:d1:f6:98:0a:7f:a0:9a:10:
ac:04:49:3c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq7EIeYaNMFA2ayMy4IS0hUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIyMDQwNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWRmYTE5YWE2NTU3NTU0MTY1ZjYzMDI5ODNjNzRjM2QwNWViMTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkWLOLqE863/cSZBeWJ/UKQLXPtV
6EU2CXyE256Qs858p/k7Iv0XpbrmalmrY9Ij5elpzg4Zyw9Frizt6eH24uTBmxRx
eiwriBSOIe4Zq5kChHbbUbhGWEgJFL6kepR7LQCj1lWYifaakT+xVlZgChG6Y8mr
4N4ig8RJTUHPS/tAimxxxeiD9MWb7BPXdMIOpesRl1E+cRozhm8luLktQqTgDPGi
fkmh/i5ramLVbDxyfR5vvRe68ToDsWC5HZxVNnzGWN9dppSqS5EJbGzAq5f49kQF
ngxAZURlyi8C9M3/w/nmhC5tFAbXP0y8mqQdoJ8nv9G4AaFQ7y13x+gdKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOHfoZqmVXVUFl9jApg8dMPQXrGQMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNGQtaG1xWlZkVlFXWDJNQ21EeDB3OUJlc1pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJzKJkXb07/Ed8FGCTkm
bQX3T+aA6nuPkqnHt20IUjiHicO710w0ECQ/thDJa4P0OC8Nam/ZeaWMMSZ4zLLB
VCPcb+pFqf0lzIXUnJdfwhyq81sUEiO9qGJEkjirQz0fu1HbFWMAD8i4eezpOY8n
zCSUI0xRsWfBDTak7p1KuZSOqAiZ/mLZptE5DMFZedWhsq+7dp+XB7OYDqZWvsUP
N8KovRjJdDAnXFPKCyWc1dvJ/col/GulvkyG3rcBQbXKvPRYq96LppjUXULGOiVj
5Ks3A6vQGvekQCNCD3PJVWsoXzNic9aOc5du3FZXcvcbnlMtb7LR9pgKf6CaEKwE
STw=
-----END CERTIFICATE-----
Generated at Fri Jun 20 12:31:26 2025 by rpki-client