Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/6e5O8Gxwgm5Z0P--mHOohE4nHYI.roa
File: 6e5O8Gxwgm5Z0P--mHOohE4nHYI.roa (raw, json)
Hash identifier: 1whRhag73GJ5MT1D/sFlcesd72Zts7Q8ubWPNJ53mdE=
Subject key identifier: E9:EE:4E:F0:6C:70:82:6E:59:D0:FF:BE:98:73:A8:84:4E:27:1D:82
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B0A746C0DAE8ABCC002A21777F566BBF1
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/6e5O8Gxwgm5Z0P--mHOohE4nHYI.roa
Signing time: Sat 07 Oct 2023 14:04:43 +0000
ROA not before: Sat 07 Oct 2023 14:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:a74:358f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0a:74:6c:0d:ae:8a:bc:c0:02:a2:17:77:f5:66:bb:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 7 14:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9ee4ef06c70826e59d0ffbe9873a8844e271d82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:35:90:e2:0f:92:a1:a3:f6:91:3f:25:54:d6:
40:34:5c:46:f6:0c:13:ce:23:15:bc:30:3d:71:0f:
9b:ea:d5:99:c4:4a:1f:e2:11:20:07:56:bf:b6:cc:
7d:cf:f1:69:bf:9d:84:e4:33:6d:1b:07:bc:7a:a0:
3a:9f:fa:f7:4c:1e:03:3f:86:64:49:f1:54:79:59:
01:a2:9c:8e:81:0c:26:26:11:8b:3b:15:93:61:ad:
90:b6:1d:d4:45:db:c5:cb:2a:c7:d7:6b:7c:6a:ab:
e9:3c:b9:1a:20:06:e3:20:53:e9:3a:45:07:8e:0f:
30:fa:bc:27:61:f1:b3:7f:ea:57:fb:1d:8f:61:32:
d8:87:cb:83:06:a7:d4:d0:ea:be:d4:ca:52:20:60:
80:44:9f:70:4b:81:66:ba:33:c7:16:ad:9a:83:1f:
8f:c1:17:64:7f:ab:ea:c5:34:6a:59:ce:b0:1b:61:
43:07:ad:44:e8:dc:10:57:30:18:df:e1:38:6d:8d:
aa:62:01:6b:d9:0b:19:04:b6:b4:2b:c5:cd:87:5e:
da:11:81:60:de:04:7f:40:3f:d2:fe:48:08:0d:32:
7c:03:14:53:d1:0c:ea:a4:36:ed:d7:9d:43:ff:ee:
61:76:4b:f2:4d:4e:19:ed:28:d8:1d:11:e6:68:b7:
b0:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:EE:4E:F0:6C:70:82:6E:59:D0:FF:BE:98:73:A8:84:4E:27:1D:82
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/6e5O8Gxwgm5Z0P--mHOohE4nHYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:c6:bf:25:f6:e4:f6:93:2a:2f:ab:5e:9a:f1:1a:6c:80:e3:
d9:2a:3e:25:1a:ac:9b:dc:ab:cc:f1:61:0d:17:87:57:fe:27:
85:c2:bc:d5:38:3d:bc:55:82:be:98:5f:e4:c4:c5:84:5a:71:
c9:80:0d:c1:d1:44:96:b9:d8:92:c1:65:4a:99:aa:70:1c:59:
c9:b3:d5:66:5d:63:61:08:75:57:fb:0e:28:00:f4:b4:00:7d:
23:f4:e7:2d:33:57:74:be:36:a9:e4:3f:4d:69:1a:4d:e6:ac:
84:de:ef:29:f6:43:79:f2:22:27:1d:a3:e2:05:9b:1c:c7:db:
fb:6b:00:76:8d:f7:63:4c:db:86:86:20:42:e5:29:65:4f:6b:
aa:4d:0b:49:ee:5e:2f:39:83:9c:b0:67:88:bb:e0:65:25:a8:
f3:ba:71:18:9d:c4:e0:d7:f2:9a:e0:3a:c3:be:b0:b6:40:00:
01:74:2c:2f:a7:57:9c:9c:e7:f0:39:01:ea:6a:33:d2:5b:b9:
cd:54:ec:49:8d:cd:83:2b:2e:31:b3:f3:fc:fa:2f:17:ae:72:
e5:d1:a9:13:1c:b6:3a:94:e5:7d:db:a2:67:5d:66:1a:d3:90:
f9:94:10:73:3b:5d:71:59:23:2b:f4:dd:c0:f4:44:ef:9c:7d:
e0:35:61:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsKdGwNroq8wAKiF3f1ZrvxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA3MTQwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWVlNGVmMDZjNzA4MjZlNTlkMGZmYmU5ODczYTg4NDRlMjcxZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDWQ4g+SoaP2kT8lVNZANFxG9gwT
ziMVvDA9cQ+b6tWZxEof4hEgB1a/tsx9z/Fpv52E5DNtGwe8eqA6n/r3TB4DP4Zk
SfFUeVkBopyOgQwmJhGLOxWTYa2Qth3URdvFyyrH12t8aqvpPLkaIAbjIFPpOkUH
jg8w+rwnYfGzf+pX+x2PYTLYh8uDBqfU0Oq+1MpSIGCARJ9wS4FmujPHFq2agx+P
wRdkf6vqxTRqWc6wG2FDB61E6NwQVzAY3+E4bY2qYgFr2QsZBLa0K8XNh17aEYFg
3gR/QD/S/kgIDTJ8AxRT0QzqpDbt151D/+5hdkvyTU4Z7SjYHRHmaLewuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOnuTvBscIJuWdD/vphzqIROJx2CMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNmU1TzhHeHdnbTVaMFAtLW1IT29oRTRuSFlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACzGvyX25PaTKi+rXprx
GmyA49kqPiUarJvcq8zxYQ0Xh1f+J4XCvNU4PbxVgr6YX+TExYRaccmADcHRRJa5
2JLBZUqZqnAcWcmz1WZdY2EIdVf7DigA9LQAfSP05y0zV3S+NqnkP01pGk3mrITe
7yn2Q3nyIicdo+IFmxzH2/trAHaN92NM24aGIELlKWVPa6pNC0nuXi85g5ywZ4i7
4GUlqPO6cRidxODX8prgOsO+sLZAAAF0LC+nV5yc5/A5AepqM9Jbuc1U7EmNzYMr
LjGz8/z6LxeucuXRqRMctjqU5X3bomddZhrTkPmUEHM7XXFZIyv03cD0RO+cfeA1
Yc0=
-----END CERTIFICATE-----
Generated at Wed Jun 18 23:42:10 2025 by rpki-client