Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Do1HvIjLKVU39KvriSlT8McN6Qw.roa
File: Do1HvIjLKVU39KvriSlT8McN6Qw.roa (raw, json)
Hash identifier: bTLX61bmfAGgEPojSBPwhMqON56fMlGCnZp3q42j08w=
Subject key identifier: 0E:8D:47:BC:88:CB:29:55:37:F4:AB:EB:89:29:53:F0:C7:0D:E9:0C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B36DF7505FC0DC4727A1DFE066593A79F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Do1HvIjLKVU39KvriSlT8McN6Qw.roa
Signing time: Mon 16 Oct 2023 05:04:56 +0000
ROA not before: Mon 16 Oct 2023 05:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:36df:166c/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:36:df:75:05:fc:0d:c4:72:7a:1d:fe:06:65:93:a7:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 16 05:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e8d47bc88cb295537f4abeb892953f0c70de90c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1b:13:4a:eb:20:79:a2:e0:fe:64:11:9d:a1:
e1:3d:3a:fe:f3:06:e9:db:27:33:72:15:43:e7:4c:
05:8f:bf:ae:ba:18:a6:eb:6c:70:8f:97:6a:f2:74:
dc:c5:f3:cd:1c:05:6f:dd:e7:4c:cb:0d:ec:c9:4b:
18:c1:8a:fe:c0:a6:17:13:19:87:3d:32:db:95:99:
5f:1d:d0:ef:d6:d3:aa:65:0e:6d:ca:bf:fb:02:bd:
aa:7c:ea:1c:10:36:bf:fe:fe:9a:65:d7:22:93:e1:
d2:da:1e:9d:c1:c9:8e:da:7a:50:f8:36:1b:7e:3e:
c5:96:0b:c2:67:30:9a:9f:5d:c2:c9:31:89:1b:0b:
e4:ca:c5:6e:e4:96:5b:22:a7:fd:12:46:87:bb:a6:
5f:a2:1f:e0:31:2e:e9:d8:fa:1c:3b:9f:c0:fb:ae:
43:16:53:da:8c:24:86:e4:1d:35:52:c7:e6:27:61:
0d:e1:b2:53:c8:bd:64:74:4a:c8:46:a8:29:d6:ab:
42:e6:60:ad:82:d8:6c:6d:68:37:1c:ae:f4:34:5a:
46:93:c7:8d:34:7e:d6:04:46:2f:64:27:b1:a1:e6:
8e:4b:b9:13:6f:52:28:fe:3d:af:43:00:a3:75:a3:
c1:e6:7d:76:59:2b:83:75:7b:41:83:62:34:fe:bd:
5b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:8D:47:BC:88:CB:29:55:37:F4:AB:EB:89:29:53:F0:C7:0D:E9:0C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Do1HvIjLKVU39KvriSlT8McN6Qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:ab:36:4b:f8:06:64:2e:61:1e:32:9c:b1:19:d1:77:1b:8b:
76:33:db:34:c4:c0:2f:63:3c:c8:27:31:ac:02:e3:65:1a:cc:
64:66:a2:9a:e3:d4:5d:c0:7a:b9:9f:c2:0f:a4:e3:9b:06:d3:
c8:cd:d2:05:6c:49:9d:28:b2:4e:47:82:0e:d2:24:88:4e:05:
c7:ed:65:40:87:8a:40:a7:0a:23:5b:f4:fb:c0:d2:df:80:39:
4a:eb:78:bb:88:c0:c9:a8:4b:c8:8b:ec:f8:eb:36:75:7d:16:
10:fd:39:d5:96:9b:20:62:51:d8:75:a9:5f:a0:3a:8a:16:4c:
9e:78:d5:12:62:9c:09:9f:c2:fa:a7:9f:7a:a6:20:39:77:02:
c9:23:d0:05:bf:f7:1f:d5:f9:6f:70:ec:45:50:68:c4:f5:bd:
0e:bd:83:f6:2b:54:61:f3:80:21:42:a6:3d:ea:39:61:9a:62:
63:ce:50:b8:fc:68:24:b1:57:6d:47:aa:26:d9:e6:41:b5:fe:
0a:b8:d9:bb:c8:6d:b8:ae:53:8d:04:f6:43:a8:d1:96:9d:94:
75:e0:84:e6:ee:01:99:a4:a5:bd:3c:fb:e5:a6:af:0b:59:77:
6e:ad:e0:0e:f6:f3:1f:16:aa:07:cb:cd:83:6a:be:63:c7:91:
ec:d3:ab:34
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs233UF/A3Ecnod/gZlk6efMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE2MDUwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZThkNDdiYzg4Y2IyOTU1MzdmNGFiZWI4OTI5NTNmMGM3MGRlOTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBsTSusgeaLg/mQRnaHhPTr+8wbp
2yczchVD50wFj7+uuhim62xwj5dq8nTcxfPNHAVv3edMyw3syUsYwYr+wKYXExmH
PTLblZlfHdDv1tOqZQ5tyr/7Ar2qfOocEDa//v6aZdcik+HS2h6dwcmO2npQ+DYb
fj7FlgvCZzCan13CyTGJGwvkysVu5JZbIqf9EkaHu6Zfoh/gMS7p2PocO5/A+65D
FlPajCSG5B01UsfmJ2EN4bJTyL1kdErIRqgp1qtC5mCtgthsbWg3HK70NFpGk8eN
NH7WBEYvZCexoeaOS7kTb1Io/j2vQwCjdaPB5n12WSuDdXtBg2I0/r1bJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA6NR7yIyylVN/Sr64kpU/DHDekMMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRG8xSHZJakxLVlUzOUt2cmlTbFQ4TWNONlF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKerNkv4BmQuYR4ynLEZ
0Xcbi3Yz2zTEwC9jPMgnMawC42UazGRmoprj1F3Aermfwg+k45sG08jN0gVsSZ0o
sk5Hgg7SJIhOBcftZUCHikCnCiNb9PvA0t+AOUrreLuIwMmoS8iL7PjrNnV9FhD9
OdWWmyBiUdh1qV+gOooWTJ541RJinAmfwvqnn3qmIDl3Askj0AW/9x/V+W9w7EVQ
aMT1vQ69g/YrVGHzgCFCpj3qOWGaYmPOULj8aCSxV21HqibZ5kG1/gq42bvIbbiu
U40E9kOo0ZadlHXghObuAZmkpb08++WmrwtZd26t4A728x8WqgfLzYNqvmPHkezT
qzQ=
-----END CERTIFICATE-----
Generated at Mon Jun 16 19:29:22 2025 by rpki-client