Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/L3oyrFTvYZ8dEyvnzbta-GDVTiE.roa
File: L3oyrFTvYZ8dEyvnzbta-GDVTiE.roa (raw, json)
Hash identifier: KBujGjtfhqy/V5rQkSH2rVyUC1UF9Wqz2pg2u0Oqsq0=
Subject key identifier: 2F:7A:32:AC:54:EF:61:9F:1D:13:2B:E7:CD:BB:5A:F8:60:D5:4E:21
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B12D2C112A67DFC375E94F12D9BA6B9ED
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/L3oyrFTvYZ8dEyvnzbta-GDVTiE.roa
Signing time: Mon 09 Oct 2023 05:04:43 +0000
ROA not before: Mon 09 Oct 2023 05:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:12d2:b3b3/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:12:d2:c1:12:a6:7d:fc:37:5e:94:f1:2d:9b:a6:b9:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 9 05:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f7a32ac54ef619f1d132be7cdbb5af860d54e21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:7a:d2:60:82:50:aa:b2:6a:e0:5f:59:85:12:
23:84:ef:ec:4d:a6:b0:13:ab:9f:6a:62:48:5f:41:
12:db:ae:b6:25:2a:7d:b4:d8:16:c4:c5:ad:f0:cd:
ad:ed:2f:6a:8b:6d:28:e4:f5:50:8e:a4:2b:8f:29:
2e:01:e1:f5:58:14:8f:d3:20:32:1d:41:57:86:24:
00:c1:57:44:2c:ce:e7:ed:0e:0f:5e:e9:36:42:53:
ea:ea:dc:b7:b3:15:24:ec:06:90:f5:8a:17:d4:f8:
96:09:20:f2:13:8f:78:aa:16:bb:cf:51:59:55:91:
e0:fd:81:67:b1:cb:af:0c:27:15:e7:09:12:38:82:
ab:15:9b:08:08:c2:6c:ee:37:0b:d1:23:9b:c0:a0:
f6:5e:51:3e:09:09:c7:56:2b:0c:7c:0f:63:8d:52:
2e:36:46:0c:6b:31:af:25:50:3a:75:48:13:f4:ad:
f2:13:7f:49:8d:97:60:63:47:ee:9d:24:fe:ab:42:
38:93:17:97:3a:c9:56:ca:40:3b:52:08:01:dc:b0:
0e:5f:e7:0a:20:1c:fc:1b:07:9e:89:79:90:f3:df:
b6:b2:69:da:50:c6:06:27:ac:5e:5c:56:a4:c0:fc:
b9:88:c3:2e:23:ec:5a:d0:fa:86:97:8a:98:74:65:
fb:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:7A:32:AC:54:EF:61:9F:1D:13:2B:E7:CD:BB:5A:F8:60:D5:4E:21
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/L3oyrFTvYZ8dEyvnzbta-GDVTiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:2f:61:5f:c4:d1:b7:1d:45:cf:3a:2f:12:0d:7d:79:af:dc:
8c:5f:26:6d:54:84:51:8d:87:b8:02:fa:a3:46:13:0e:00:b3:
37:27:d8:f9:f7:36:90:08:8b:4c:fc:36:f1:02:a5:a6:1b:da:
76:24:8e:2d:8c:9b:1f:82:d1:83:38:c8:74:42:91:57:0d:d3:
4d:2b:f2:ad:de:a8:96:8a:42:7f:4f:34:41:2e:02:8e:ff:d3:
2f:92:ec:0b:72:f4:9d:36:13:57:66:82:8f:2d:39:8e:27:09:
b4:da:e9:47:6c:8d:23:8d:a3:02:26:0c:26:f5:36:75:c9:e2:
d4:18:e9:b1:dc:28:d8:35:0b:95:cd:76:0a:ca:36:d8:42:dd:
d1:58:f0:ad:7b:d5:18:c2:c2:80:44:1a:34:8a:5c:8d:11:03:
c1:2c:10:1f:03:a1:97:04:89:f4:8f:13:05:e9:85:03:a6:2b:
81:bb:25:60:60:b6:63:b2:0b:7e:ee:4d:b9:12:5b:2d:27:c7:
25:df:42:18:14:7a:7e:3c:7c:68:52:ce:d4:4d:83:d0:16:66:
1d:0b:6e:6d:5d:31:5b:74:a0:27:26:7e:aa:d1:37:b3:c3:ea:
c1:35:cd:a4:c1:55:f6:70:00:d3:cb:10:1c:f8:57:d1:10:33:
f8:f4:0f:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsS0sESpn38N16U8S2bprntMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA5MDUwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjdhMzJhYzU0ZWY2MTlmMWQxMzJiZTdjZGJiNWFmODYwZDU0ZTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nrSYIJQqrJq4F9ZhRIjhO/sTaaw
E6ufamJIX0ES2662JSp9tNgWxMWt8M2t7S9qi20o5PVQjqQrjykuAeH1WBSP0yAy
HUFXhiQAwVdELM7n7Q4PXuk2QlPq6ty3sxUk7AaQ9YoX1PiWCSDyE494qha7z1FZ
VZHg/YFnscuvDCcV5wkSOIKrFZsICMJs7jcL0SObwKD2XlE+CQnHVisMfA9jjVIu
NkYMazGvJVA6dUgT9K3yE39JjZdgY0funST+q0I4kxeXOslWykA7UggB3LAOX+cK
IBz8GweeiXmQ89+2smnaUMYGJ6xeXFakwPy5iMMuI+xa0PqGl4qYdGX7PwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC96MqxU72GfHRMr5827Wvhg1U4hMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTDNveXJGVHZZWjhkRXl2bnpidGEtR0RWVGlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ0vYV/E0bcdRc86LxIN
fXmv3IxfJm1UhFGNh7gC+qNGEw4Aszcn2Pn3NpAIi0z8NvECpaYb2nYkji2Mmx+C
0YM4yHRCkVcN000r8q3eqJaKQn9PNEEuAo7/0y+S7Aty9J02E1dmgo8tOY4nCbTa
6UdsjSONowImDCb1NnXJ4tQY6bHcKNg1C5XNdgrKNthC3dFY8K171RjCwoBEGjSK
XI0RA8EsEB8DoZcEifSPEwXphQOmK4G7JWBgtmOyC37uTbkSWy0nxyXfQhgUen48
fGhSztRNg9AWZh0Lbm1dMVt0oCcmfqrRN7PD6sE1zaTBVfZwANPLEBz4V9EQM/j0
D78=
-----END CERTIFICATE-----
Generated at Tue Jun 17 01:22:56 2025 by rpki-client