Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IUhNlPMMzyQCL6mbsFHjAenMJYE.roa
File: IUhNlPMMzyQCL6mbsFHjAenMJYE.roa (raw, json)
Hash identifier: e5vEyDiiCn/VtRdmjhzHJZTFqrYs3v+h4TXzUjW/O5Q=
Subject key identifier: 21:48:4D:94:F3:0C:CF:24:02:2F:A9:9B:B0:51:E3:01:E9:CC:25:81
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B9F2D7C90287C6ECCA6A7F1D1A6412FA8
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IUhNlPMMzyQCL6mbsFHjAenMJYE.roa
Signing time: Sun 05 Nov 2023 11:10:40 +0000
ROA not before: Sun 05 Nov 2023 11:10:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:9f27:e03f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9f:2d:7c:90:28:7c:6e:cc:a6:a7:f1:d1:a6:41:2f:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 5 11:10:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21484d94f30ccf24022fa99bb051e301e9cc2581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6c:96:f5:30:e9:ef:61:10:8c:1a:e1:0c:54:
d2:ce:92:d6:2d:de:0c:41:d2:e6:20:58:f8:ee:65:
2f:e7:0a:61:7d:1c:be:c5:da:a9:ba:49:bc:07:69:
8b:e1:b1:d1:5b:f4:e5:2b:d6:bc:3b:02:95:4e:ff:
e4:e9:d3:07:68:e2:89:26:13:fb:09:1c:35:fb:07:
66:56:90:e2:e3:6d:9b:49:ce:c6:e8:3f:81:6e:b1:
04:31:e5:1a:8c:1f:e4:7c:35:d1:4d:38:33:b3:3f:
12:be:41:5f:af:91:5e:5e:42:7e:bf:ca:13:77:2d:
6f:fe:e8:1e:aa:66:52:0b:db:d3:dc:16:05:f7:cf:
ff:08:79:ba:91:12:bb:b5:1c:b1:da:60:15:42:d8:
27:12:60:78:00:ca:3b:ca:9e:16:04:a9:de:50:b5:
87:6c:43:4a:b9:30:3e:55:ea:24:96:af:eb:fd:5d:
90:be:88:b8:26:4c:79:79:97:bf:31:c9:a6:01:c3:
f0:3a:95:28:7c:fb:2c:8c:dd:c4:0c:7f:cb:46:64:
2e:8a:d8:36:55:3f:23:1b:95:3d:13:a2:b4:de:3c:
65:c6:26:24:3d:cd:a2:ec:bf:10:57:b9:62:cb:88:
22:02:f3:85:a6:7c:56:57:a1:cf:ab:fc:c9:8d:d6:
29:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:48:4D:94:F3:0C:CF:24:02:2F:A9:9B:B0:51:E3:01:E9:CC:25:81
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/IUhNlPMMzyQCL6mbsFHjAenMJYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:e3:5c:32:4d:69:b4:e2:a4:dc:09:ce:4a:62:32:b7:87:3d:
dd:b1:de:df:c3:59:36:7b:fe:5b:25:6f:65:f4:a1:d0:c2:37:
f9:86:da:96:f3:c2:dc:bd:7a:5a:57:f0:b3:46:e7:fd:7f:47:
72:49:5a:07:54:9a:07:38:1e:45:46:89:08:ac:04:3e:17:5c:
71:5f:5f:d6:29:a8:bf:73:6d:fd:4f:b5:00:67:1c:b1:39:f1:
f2:ca:2a:f7:77:73:f4:a9:0c:d9:76:83:09:f8:22:db:d5:24:
91:bc:69:fc:17:e6:cf:00:1d:11:6d:4f:a9:15:d3:db:5e:05:
cf:97:57:2f:e5:12:91:06:a3:b3:51:f7:f9:29:8c:04:94:34:
2a:41:3d:49:6f:1c:2b:e6:d4:89:9c:fc:15:fe:ce:14:73:ed:
e6:e5:1e:bc:79:91:35:3e:7d:93:2e:46:c0:85:18:c0:e3:d9:
b3:0b:f3:12:b7:05:1b:40:ef:69:39:91:28:f9:9f:da:97:13:
be:d7:7c:1d:4d:1b:9e:f1:45:c0:6b:05:bc:4c:d3:3a:8c:86:
e0:5d:b5:9b:9c:4e:f1:9f:4b:c1:3f:1e:69:0a:cb:c7:25:2a:
9d:17:b0:d6:38:76:99:3f:cd:8a:61:e6:f3:4e:82:c7:29:76:
ce:2d:2e:8b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYufLXyQKHxuzKan8dGmQS+oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA1MTExMDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTQ4NGQ5NGYzMGNjZjI0MDIyZmE5OWJiMDUxZTMwMWU5Y2MyNTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2yW9TDp72EQjBrhDFTSzpLWLd4M
QdLmIFj47mUv5wphfRy+xdqpukm8B2mL4bHRW/TlK9a8OwKVTv/k6dMHaOKJJhP7
CRw1+wdmVpDi422bSc7G6D+BbrEEMeUajB/kfDXRTTgzsz8SvkFfr5FeXkJ+v8oT
dy1v/ugeqmZSC9vT3BYF98//CHm6kRK7tRyx2mAVQtgnEmB4AMo7yp4WBKneULWH
bENKuTA+Veoklq/r/V2Qvoi4Jkx5eZe/McmmAcPwOpUofPssjN3EDH/LRmQuitg2
VT8jG5U9E6K03jxlxiYkPc2i7L8QV7liy4giAvOFpnxWV6HPq/zJjdYpBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCFITZTzDM8kAi+pm7BR4wHpzCWBMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvSVVoTmxQTU16eVFDTDZtYnNGSGpBZW5NSllFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFPjXDJNabTipNwJzkpi
MreHPd2x3t/DWTZ7/lslb2X0odDCN/mG2pbzwty9elpX8LNG5/1/R3JJWgdUmgc4
HkVGiQisBD4XXHFfX9YpqL9zbf1PtQBnHLE58fLKKvd3c/SpDNl2gwn4ItvVJJG8
afwX5s8AHRFtT6kV09teBc+XVy/lEpEGo7NR9/kpjASUNCpBPUlvHCvm1Imc/BX+
zhRz7eblHrx5kTU+fZMuRsCFGMDj2bML8xK3BRtA72k5kSj5n9qXE77XfB1NG57x
RcBrBbxM0zqMhuBdtZucTvGfS8E/HmkKy8clKp0XsNY4dpk/zYph5vNOgscpds4t
Los=
-----END CERTIFICATE-----
Generated at Wed Jun 18 13:52:40 2025 by rpki-client