Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9pwzlAcu-agyu43p1s7VIw8c4kU.roa
File: 9pwzlAcu-agyu43p1s7VIw8c4kU.roa (raw, json)
Hash identifier: e/SXqCPnqNX+u0f9CKl4mmEslgVw/ENM2Z9thJGoEzQ=
Subject key identifier: F6:9C:33:94:07:2E:F9:A8:32:BB:8D:E9:D6:CE:D5:23:0F:1C:E2:45
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C60EBAA03ED4543C1ACDEC3615181D3D3
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9pwzlAcu-agyu43p1s7VIw8c4kU.roa
Signing time: Wed 13 Dec 2023 02:05:06 +0000
ROA not before: Wed 13 Dec 2023 02:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64:ffff:0:18c:60ea:bded/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:60:eb:aa:03:ed:45:43:c1:ac:de:c3:61:51:81:d3:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 13 02:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f69c3394072ef9a832bb8de9d6ced5230f1ce245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:2c:97:c5:f0:3c:69:c7:08:b7:00:32:c6:c4:
3e:81:99:f8:81:f0:94:2d:7f:6e:68:f3:17:6e:87:
3c:9d:30:ce:15:19:c1:d9:c1:61:09:80:97:5c:a7:
c6:36:34:86:61:57:2c:ae:b4:4f:2a:8e:ac:8e:82:
71:a4:e3:7e:f8:42:3f:05:93:23:4e:3f:91:b3:de:
c3:90:c6:0c:39:0d:82:bc:c0:7d:20:c5:58:8d:eb:
8a:5c:70:4c:40:a4:80:11:11:20:1d:9b:0f:22:52:
62:d5:79:23:d1:b3:c4:7c:e7:c0:67:ee:80:ae:bf:
50:78:02:fa:7d:fe:3c:17:d8:9c:27:5a:bd:b6:8b:
ce:92:a6:e2:5f:ac:c5:6a:59:27:e7:b0:b5:a9:97:
c1:9c:c8:03:f9:32:ca:cc:18:8d:ec:60:2f:e6:36:
d1:c5:a2:2e:1e:de:e9:f3:11:2d:f6:b3:63:61:b0:
4e:13:73:62:3f:1d:51:16:58:10:5e:93:5a:24:d2:
32:f0:fb:8a:2f:82:93:56:fd:29:f4:96:eb:e5:33:
25:ee:c4:30:34:95:6f:a8:d6:84:e5:82:ca:77:f0:
46:bb:4f:9d:bd:d9:ba:26:65:d3:d1:fc:67:9f:8e:
f6:46:fc:a7:d7:bc:85:93:13:5c:a7:d1:80:32:de:
34:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:9C:33:94:07:2E:F9:A8:32:BB:8D:E9:D6:CE:D5:23:0F:1C:E2:45
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9pwzlAcu-agyu43p1s7VIw8c4kU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:28:25:96:9c:68:7b:cf:0e:80:f7:da:4a:24:ee:24:97:88:
1d:1f:a6:59:91:9c:45:f6:3f:87:6c:b7:01:b0:5c:17:15:71:
9c:42:45:a6:ec:27:0a:44:fe:84:77:8f:74:f8:52:03:9a:7d:
5c:88:6b:ac:90:39:37:83:1c:a1:e3:d0:fa:8e:42:4c:63:20:
71:e6:d8:34:f5:69:f0:0c:e1:4b:a0:34:f4:b8:ec:a3:0f:90:
15:49:d1:1a:32:b1:d4:9d:98:b9:02:d7:1a:1f:50:a3:d6:55:
ab:c8:78:b2:ce:c0:4f:8d:69:b4:3c:ce:e6:9c:18:e6:41:ee:
9f:ec:47:21:e8:28:4f:a2:4a:b1:c4:67:a4:1d:76:10:77:18:
37:15:ee:fc:5b:98:fb:2d:61:ee:0b:39:ce:67:d9:fc:19:bc:
f2:ba:f2:aa:17:9f:cf:73:6f:1e:f7:dc:c0:8c:69:87:d7:99:
b6:09:4f:42:74:c4:6f:2e:98:cb:03:1f:62:3e:1c:ff:26:21:
60:68:c2:34:55:86:25:7a:84:e1:c7:3b:09:ac:58:52:07:da:
24:4b:a1:9e:99:5b:d1:47:19:05:23:87:aa:59:ab:f0:5e:9d:
6d:72:a7:98:de:7d:c3:7f:7e:0e:49:42:66:1c:bb:60:72:b5:
ed:e5:77:6e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxg66oD7UVDwazew2FRgdPTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEzMDIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjljMzM5NDA3MmVmOWE4MzJiYjhkZTlkNmNlZDUyMzBmMWNlMjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5SyXxfA8accItwAyxsQ+gZn4gfCU
LX9uaPMXboc8nTDOFRnB2cFhCYCXXKfGNjSGYVcsrrRPKo6sjoJxpON++EI/BZMj
Tj+Rs97DkMYMOQ2CvMB9IMVYjeuKXHBMQKSAEREgHZsPIlJi1Xkj0bPEfOfAZ+6A
rr9QeAL6ff48F9icJ1q9tovOkqbiX6zFalkn57C1qZfBnMgD+TLKzBiN7GAv5jbR
xaIuHt7p8xEt9rNjYbBOE3NiPx1RFlgQXpNaJNIy8PuKL4KTVv0p9Jbr5TMl7sQw
NJVvqNaE5YLKd/BGu0+dvdm6JmXT0fxnn472Rvyn17yFkxNcp9GAMt40lwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPacM5QHLvmoMruN6dbO1SMPHOJFMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvOXB3emxBY3UtYWd5dTQzcDFzN1ZJdzhjNGtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFYoJZacaHvPDoD32kok
7iSXiB0fplmRnEX2P4dstwGwXBcVcZxCRabsJwpE/oR3j3T4UgOafVyIa6yQOTeD
HKHj0PqOQkxjIHHm2DT1afAM4UugNPS47KMPkBVJ0RoysdSdmLkC1xofUKPWVavI
eLLOwE+NabQ8zuacGOZB7p/sRyHoKE+iSrHEZ6QddhB3GDcV7vxbmPstYe4LOc5n
2fwZvPK68qoXn89zbx733MCMaYfXmbYJT0J0xG8umMsDH2I+HP8mIWBowjRVhiV6
hOHHOwmsWFIH2iRLoZ6ZW9FHGQUjh6pZq/BenW1yp5jefcN/fg5JQmYcu2Byte3l
d24=
-----END CERTIFICATE-----
Generated at Fri Jun 20 23:56:10 2025 by rpki-client