Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/70TpFAeKdH-4BHwf0yfwIhwAV4o.roa
File: 70TpFAeKdH-4BHwf0yfwIhwAV4o.roa (raw, json)
Hash identifier: Xcr04sfMEknVy4FPiuacXpb5seO4GaOCX/v4Y2Vz1Hw=
Subject key identifier: EF:44:E9:14:07:8A:74:7F:B8:04:7C:1F:D3:27:F0:22:1C:00:57:8A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B7A453D7FE6D2411BA28BC7FC7AC0B503
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/70TpFAeKdH-4BHwf0yfwIhwAV4o.roa
Signing time: Sun 29 Oct 2023 07:10:39 +0000
ROA not before: Sun 29 Oct 2023 07:10:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:7a3f:8701/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7a:45:3d:7f:e6:d2:41:1b:a2:8b:c7:fc:7a:c0:b5:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 29 07:10:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef44e914078a747fb8047c1fd327f0221c00578a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0d:e6:d6:67:21:8f:1a:fe:83:3f:21:e6:0a:
d5:48:0b:ac:f2:5f:fd:6d:19:92:1c:23:9e:af:b2:
f8:94:5f:1a:39:47:c9:3e:e5:5f:08:b0:16:91:2b:
e0:53:b1:64:58:89:8e:39:c5:5a:c3:20:f1:87:5f:
d6:a4:ad:9d:15:e6:68:f3:96:e8:11:d4:79:50:28:
9c:f8:61:d4:84:d6:0b:e5:a1:e0:a3:6c:7a:8b:e8:
e1:45:b7:c0:6b:5d:af:90:67:e6:df:19:ab:0b:e9:
79:1a:8c:a5:4a:9e:30:c3:32:e2:eb:18:17:5b:fa:
2c:8c:b4:7c:48:73:46:c3:be:2d:8c:40:d4:9f:6d:
c0:07:f5:4f:e3:c5:72:01:bd:63:c8:d4:fb:b1:47:
36:2b:64:00:b4:66:25:e7:35:2d:4b:0f:72:33:fe:
38:12:6d:e4:ba:b1:09:c8:87:49:77:bd:ca:08:d7:
6e:9a:1b:7a:e1:0b:bf:e2:98:e5:01:8d:72:c0:16:
1c:97:9f:d9:f4:32:8c:ce:51:8e:6b:44:af:7b:5f:
91:bc:17:c7:bd:e7:c2:1e:fa:f3:4e:62:a9:ff:86:
4b:6a:c0:3d:9d:54:d2:32:8f:69:cd:b8:07:57:2f:
7f:12:52:07:92:40:fe:87:54:d5:e0:b3:de:4a:33:
9d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:44:E9:14:07:8A:74:7F:B8:04:7C:1F:D3:27:F0:22:1C:00:57:8A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/70TpFAeKdH-4BHwf0yfwIhwAV4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
70:4b:ca:39:34:e1:c5:e4:61:d0:3a:9d:ef:24:08:ff:c4:c8:
cb:07:42:3a:db:c7:3f:ca:9f:8a:3e:a0:75:e9:27:3f:97:8c:
b8:28:2f:c4:d3:87:03:2c:24:83:92:d1:4f:b0:5f:9a:3e:e0:
a0:49:91:f7:36:74:d3:9e:35:47:fc:d9:df:0f:52:de:39:9e:
4a:df:ba:19:75:51:43:2c:a6:ce:0b:14:97:4e:2c:7f:57:4a:
00:e9:13:5d:57:98:71:42:bb:5a:e0:2a:a2:9f:12:dd:43:5c:
9e:e6:0e:6e:80:fa:39:8f:ff:e2:34:2d:d0:19:af:c3:e5:52:
5d:88:c4:31:29:d6:ea:29:9d:5e:e9:d6:19:9c:09:fe:71:ab:
34:9f:e5:41:b3:eb:14:1c:5a:46:c6:18:fd:a7:80:c8:05:c0:
f6:44:ea:21:04:3a:7a:62:a6:a6:40:d2:d8:aa:8e:0e:c8:02:
39:0f:ad:c5:86:66:80:51:9b:4d:fb:51:b2:94:b5:5f:ba:c8:
31:16:ef:50:b6:b5:af:5d:56:01:98:3f:06:f7:50:45:37:7f:
af:dc:c1:4f:d5:f8:64:98:1b:3b:a3:aa:74:ab:0e:a5:1e:ec:
14:34:d0:eb:99:e5:42:1f:7c:ae:cf:3f:94:54:69:37:44:02:
70:08:30:61
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt6RT1/5tJBG6KLx/x6wLUDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI5MDcxMDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjQ0ZTkxNDA3OGE3NDdmYjgwNDdjMWZkMzI3ZjAyMjFjMDA1NzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmA3m1mchjxr+gz8h5grVSAus8l/9
bRmSHCOer7L4lF8aOUfJPuVfCLAWkSvgU7FkWImOOcVawyDxh1/WpK2dFeZo85bo
EdR5UCic+GHUhNYL5aHgo2x6i+jhRbfAa12vkGfm3xmrC+l5GoylSp4wwzLi6xgX
W/osjLR8SHNGw74tjEDUn23AB/VP48VyAb1jyNT7sUc2K2QAtGYl5zUtSw9yM/44
Em3kurEJyIdJd73KCNdumht64Qu/4pjlAY1ywBYcl5/Z9DKMzlGOa0Sve1+RvBfH
vefCHvrzTmKp/4ZLasA9nVTSMo9pzbgHVy9/ElIHkkD+h1TV4LPeSjOdzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO9E6RQHinR/uAR8H9Mn8CIcAFeKMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNzBUcEZBZUtkSC00Qkh3ZjB5ZndJaHdBVjRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHBLyjk04cXkYdA6ne8k
CP/EyMsHQjrbxz/Kn4o+oHXpJz+XjLgoL8TThwMsJIOS0U+wX5o+4KBJkfc2dNOe
NUf82d8PUt45nkrfuhl1UUMsps4LFJdOLH9XSgDpE11XmHFCu1rgKqKfEt1DXJ7m
Dm6A+jmP/+I0LdAZr8PlUl2IxDEp1uopnV7p1hmcCf5xqzSf5UGz6xQcWkbGGP2n
gMgFwPZE6iEEOnpipqZA0tiqjg7IAjkPrcWGZoBRm037UbKUtV+6yDEW71C2ta9d
VgGYPwb3UEU3f6/cwU/V+GSYGzujqnSrDqUe7BQ00OuZ5UIffK7PP5RUaTdEAnAI
MGE=
-----END CERTIFICATE-----
Generated at Thu Jun 19 12:46:39 2025 by rpki-client