Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MWjrDAPJIDa4ysKAKl2r3HzjWd4.roa
File: MWjrDAPJIDa4ysKAKl2r3HzjWd4.roa (raw, json)
Hash identifier: u+lhWocHwJquOn8xle14PIOEv82rHpXv+wtTa4fzgXo=
Subject key identifier: 31:68:EB:0C:03:C9:20:36:B8:CA:C2:80:2A:5D:AB:DC:7C:E3:59:DE
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B0C99BDA6ADDEC58811E7DD756AA1286E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MWjrDAPJIDa4ysKAKl2r3HzjWd4.roa
Signing time: Sun 08 Oct 2023 00:04:44 +0000
ROA not before: Sun 08 Oct 2023 00:04:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:c99:4c06/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0c:99:bd:a6:ad:de:c5:88:11:e7:dd:75:6a:a1:28:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 8 00:04:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3168eb0c03c92036b8cac2802a5dabdc7ce359de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:7e:3f:41:35:64:7c:0d:5b:3b:91:0d:d0:8e:
bd:0b:ca:10:28:4f:de:f8:de:40:a2:1b:00:83:27:
f4:cf:c6:71:85:21:28:e5:5b:04:88:eb:4a:98:95:
d3:f5:e0:8c:61:78:ed:0a:5c:35:20:28:d0:5c:a0:
14:6b:ac:22:98:4a:b9:3a:8b:18:24:5a:7e:ec:9e:
5c:63:1e:23:7d:ed:be:a6:4b:bb:2f:c2:a1:f7:bd:
04:e7:1d:97:5a:cd:0d:23:5d:84:e5:d2:15:8b:f2:
66:02:31:8a:3b:ea:ac:5e:2f:9e:83:62:ac:ba:c9:
44:77:35:1f:11:1c:86:54:10:b3:a1:a4:26:d9:20:
d8:5c:5c:21:15:50:42:a9:0a:0c:4a:3a:27:68:45:
cb:67:c0:6b:56:3e:bf:de:ad:19:cd:96:d8:08:61:
76:b8:3c:cb:c5:e0:66:04:2a:f5:79:c3:24:88:88:
ce:68:fc:d6:20:d9:89:11:59:f7:33:a8:df:d1:99:
41:3e:7a:24:f0:7a:ea:7a:19:4c:2d:07:b0:c7:b3:
5c:83:52:1e:71:f3:5b:5c:ce:1f:c6:d5:fc:8f:c9:
aa:26:56:e6:55:b2:da:b9:88:89:e3:ba:46:54:26:
1b:be:9b:27:0f:23:25:42:a1:a4:3b:0d:75:8a:48:
31:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:68:EB:0C:03:C9:20:36:B8:CA:C2:80:2A:5D:AB:DC:7C:E3:59:DE
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MWjrDAPJIDa4ysKAKl2r3HzjWd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:1f:f6:3d:f0:9b:38:92:9e:60:a9:b4:b5:c0:06:0e:3d:31:
b5:34:e0:70:b0:16:19:d1:85:a9:11:6f:e9:a9:9f:82:38:22:
55:d2:34:8c:9e:08:83:8f:49:3d:1f:20:b2:64:a7:5f:c5:64:
33:3c:ab:20:d3:25:0a:8d:98:c0:75:7f:34:c7:86:7d:43:43:
47:83:c1:d9:79:53:53:5b:01:16:b8:70:99:5e:c3:a9:1c:6e:
91:91:b1:72:6c:da:ee:1f:73:ba:d1:44:b3:b5:73:0c:35:04:
39:68:c9:9a:98:4f:b3:9d:7c:b1:33:99:c2:60:87:1a:76:04:
c1:96:42:17:8e:e6:86:c0:e2:95:34:c8:ea:29:a7:08:7f:4f:
26:03:6a:f0:be:f7:ff:aa:90:3c:4c:a3:37:5d:2f:b3:64:df:
2e:0f:47:a2:65:a0:53:70:9b:55:01:c0:fd:b9:6d:96:57:8f:
ce:9f:de:c0:5b:b5:d3:19:c5:f8:62:46:f7:c1:5d:5c:80:ee:
9d:90:77:45:1f:1c:f7:d1:3a:be:67:bc:44:1a:4b:1b:c3:eb:
0a:70:ea:27:0e:5e:c2:c0:0a:ca:31:29:6d:8a:ec:97:57:40:
05:e7:6c:d1:01:c5:01:90:a1:c2:88:32:3c:ee:e1:c1:2c:42:
15:ce:90:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsMmb2mrd7FiBHn3XVqoShuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA4MDAwNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTY4ZWIwYzAzYzkyMDM2YjhjYWMyODAyYTVkYWJkYzdjZTM1OWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4n4/QTVkfA1bO5EN0I69C8oQKE/e
+N5AohsAgyf0z8ZxhSEo5VsEiOtKmJXT9eCMYXjtClw1ICjQXKAUa6wimEq5OosY
JFp+7J5cYx4jfe2+pku7L8Kh970E5x2XWs0NI12E5dIVi/JmAjGKO+qsXi+eg2Ks
uslEdzUfERyGVBCzoaQm2SDYXFwhFVBCqQoMSjonaEXLZ8BrVj6/3q0ZzZbYCGF2
uDzLxeBmBCr1ecMkiIjOaPzWINmJEVn3M6jf0ZlBPnok8HrqehlMLQewx7Ncg1Ie
cfNbXM4fxtX8j8mqJlbmVbLauYiJ47pGVCYbvpsnDyMlQqGkOw11ikgxuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDFo6wwDySA2uMrCgCpdq9x841neMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTVdqckRBUEpJRGE0eXNLQUtsMnIzSHpqV2Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEsf9j3wmziSnmCptLXA
Bg49MbU04HCwFhnRhakRb+mpn4I4IlXSNIyeCIOPST0fILJkp1/FZDM8qyDTJQqN
mMB1fzTHhn1DQ0eDwdl5U1NbARa4cJlew6kcbpGRsXJs2u4fc7rRRLO1cww1BDlo
yZqYT7OdfLEzmcJghxp2BMGWQheO5obA4pU0yOoppwh/TyYDavC+9/+qkDxMozdd
L7Nk3y4PR6JloFNwm1UBwP25bZZXj86f3sBbtdMZxfhiRvfBXVyA7p2Qd0UfHPfR
Or5nvEQaSxvD6wpw6icOXsLACsoxKW2K7JdXQAXnbNEBxQGQocKIMjzu4cEsQhXO
kIQ=
-----END CERTIFICATE-----
Generated at Tue Jun 17 14:34:05 2025 by rpki-client