Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/5AoBl9JDGEUmGFGqDHHteA6FsMQ.roa
File: 5AoBl9JDGEUmGFGqDHHteA6FsMQ.roa (raw, json)
Hash identifier: 2PcErgtjBfpzvsgzdnh0JciNvDTnkI4XtPLmX/Yx9tY=
Subject key identifier: E4:0A:01:97:D2:43:18:45:26:18:51:AA:0C:71:ED:78:0E:85:B0:C4
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C70CC9A8E301BAAF1BAFCF03B9BBB4FC5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/5AoBl9JDGEUmGFGqDHHteA6FsMQ.roa
Signing time: Sat 16 Dec 2023 04:05:06 +0000
ROA not before: Sat 16 Dec 2023 04:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:70cb:f736/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:70:cc:9a:8e:30:1b:aa:f1:ba:fc:f0:3b:9b:bb:4f:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 16 04:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e40a0197d2431845261851aa0c71ed780e85b0c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:31:25:33:e1:4c:d5:79:c6:28:bf:e0:46:5e:
23:64:b0:bd:c1:4a:e0:68:47:29:02:1f:3d:3c:c6:
c1:4b:85:c6:63:2e:e8:dd:0e:6b:ea:e4:ca:a0:75:
81:1f:21:c8:78:76:4c:6a:47:9a:c1:f8:d0:e1:49:
7c:11:9d:e5:df:7e:9e:fe:09:84:bf:c1:52:31:2e:
1f:05:c8:2d:56:17:f8:3e:47:e2:41:c4:3a:97:6c:
d4:e7:d2:cc:44:96:f6:0e:12:92:2a:05:0d:8f:0c:
4d:5d:de:33:41:36:33:47:e4:c4:15:52:6a:c4:6e:
ce:b3:2e:4b:d3:e6:34:4b:e3:b8:a1:78:69:19:22:
b4:80:46:61:2f:f1:64:37:91:87:82:1a:3a:e0:ad:
68:18:82:20:5d:80:c3:ca:f6:e2:38:ee:74:1b:9d:
a6:e8:31:65:d2:e1:f3:3f:b1:c2:ba:93:11:0e:b9:
49:27:9b:c8:4b:d0:88:c2:96:06:3e:2d:4a:43:38:
5d:86:05:3f:95:8a:b1:a4:bf:92:0c:cd:a4:a8:df:
af:37:b5:b1:0d:4d:44:d8:23:85:d7:fe:cc:d5:b7:
3d:fe:6d:81:e8:e7:7b:2b:1c:d6:12:bc:f3:02:01:
6f:2a:ed:d6:f6:f5:95:85:f5:99:d3:da:38:25:5c:
ce:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:0A:01:97:D2:43:18:45:26:18:51:AA:0C:71:ED:78:0E:85:B0:C4
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/5AoBl9JDGEUmGFGqDHHteA6FsMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bc:dc:c9:0a:2e:66:20:83:a5:2b:6a:94:bb:d2:9a:78:9e:50:
d7:b6:cf:7e:9a:33:9a:a0:0e:57:45:a8:f2:9f:9c:97:85:59:
04:4c:7f:26:54:83:4f:1d:79:00:3c:f0:2a:14:a2:14:24:49:
cb:68:fd:5e:0e:ba:96:e8:6e:ae:bd:1a:3e:3b:3c:6c:fe:00:
38:98:d0:2b:3b:9a:77:9e:0d:c5:b4:15:58:d3:57:e2:27:db:
68:3a:de:8c:60:9e:e4:26:6d:6f:94:45:ac:31:94:6c:2f:e3:
2e:10:bb:1a:c1:6d:99:72:1c:05:2c:7d:5f:22:4b:2e:e9:c9:
00:fe:6d:bd:e9:7c:35:ed:31:7a:76:3a:a8:07:92:f9:ac:69:
a3:b2:50:08:a3:9f:b9:dd:c2:24:7a:b7:14:8f:bb:33:c8:dc:
37:5d:90:25:ad:78:cb:9c:0f:1f:d6:11:42:ae:66:ad:72:7e:
40:9b:23:cb:51:6e:9a:3e:5a:09:48:4d:4a:73:f1:09:83:00:
f2:24:3d:69:ec:05:82:37:27:4b:36:52:04:3b:39:24:67:23:
24:57:4e:04:08:ca:f1:f4:14:89:2b:5f:44:dc:7d:5e:01:16:
7e:ed:4b:c8:db:12:4e:48:8b:6d:80:23:7f:49:f7:55:57:36:
9d:3a:03:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxwzJqOMBuq8br88Dubu0/FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE2MDQwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDBhMDE5N2QyNDMxODQ1MjYxODUxYWEwYzcxZWQ3ODBlODViMGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTElM+FM1XnGKL/gRl4jZLC9wUrg
aEcpAh89PMbBS4XGYy7o3Q5r6uTKoHWBHyHIeHZMakeawfjQ4Ul8EZ3l336e/gmE
v8FSMS4fBcgtVhf4PkfiQcQ6l2zU59LMRJb2DhKSKgUNjwxNXd4zQTYzR+TEFVJq
xG7Osy5L0+Y0S+O4oXhpGSK0gEZhL/FkN5GHgho64K1oGIIgXYDDyvbiOO50G52m
6DFl0uHzP7HCupMRDrlJJ5vIS9CIwpYGPi1KQzhdhgU/lYqxpL+SDM2kqN+vN7Wx
DU1E2COF1/7M1bc9/m2B6Od7KxzWErzzAgFvKu3W9vWVhfWZ09o4JVzO/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOQKAZfSQxhFJhhRqgxx7XgOhbDEMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNUFvQmw5SkRHRVVtR0ZHcURISHRlQTZGc01RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALzcyQouZiCDpStqlLvS
mnieUNe2z36aM5qgDldFqPKfnJeFWQRMfyZUg08deQA88CoUohQkScto/V4Oupbo
bq69Gj47PGz+ADiY0Cs7mneeDcW0FVjTV+In22g63oxgnuQmbW+URawxlGwv4y4Q
uxrBbZlyHAUsfV8iSy7pyQD+bb3pfDXtMXp2OqgHkvmsaaOyUAijn7ndwiR6txSP
uzPI3DddkCWteMucDx/WEUKuZq1yfkCbI8tRbpo+WglITUpz8QmDAPIkPWnsBYI3
J0s2UgQ7OSRnIyRXTgQIyvH0FIkrX0TcfV4BFn7tS8jbEk5Ii22AI39J91VXNp06
AyQ=
-----END CERTIFICATE-----
Generated at Mon Jun 16 23:03:44 2025 by rpki-client