Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MjDlnb2KVwjJOC8fppGQEZucy1c.roa
File: MjDlnb2KVwjJOC8fppGQEZucy1c.roa (raw, json)
Hash identifier: 2UqbtZ63Bxe7Y7zAsIgxbXqFDCj5jS8JEJDXrXF4waU=
Subject key identifier: 32:30:E5:9D:BD:8A:57:08:C9:38:2F:1F:A6:91:90:11:9B:9C:CB:57
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B1E3250CD0691A00E5E637097EA9A0634
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MjDlnb2KVwjJOC8fppGQEZucy1c.roa
Signing time: Wed 11 Oct 2023 10:04:55 +0000
ROA not before: Wed 11 Oct 2023 10:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:1e31:aee1/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:32:50:cd:06:91:a0:0e:5e:63:70:97:ea:9a:06:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 11 10:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3230e59dbd8a5708c9382f1fa69190119b9ccb57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:b9:55:86:a9:44:f3:37:f0:4c:51:93:7d:3f:
54:79:7d:6d:f3:63:68:20:ce:4d:35:70:c3:4e:74:
1c:7c:04:12:84:3a:4e:1f:a4:d9:c0:e4:f7:03:d6:
01:f7:ca:bd:72:c0:f6:ce:ba:5b:70:77:63:80:9c:
53:57:fd:a7:66:4d:7e:0a:e6:5d:1b:f4:79:d0:5c:
84:00:d5:27:da:0e:c8:68:da:eb:18:6d:bd:b4:cd:
a3:7d:fb:b7:8e:10:a1:75:5b:7e:47:3b:b9:8d:38:
aa:cd:fd:2c:9d:45:3a:c2:f9:d5:5d:9f:9a:ae:3a:
a4:60:76:e7:5f:f9:1c:dc:81:c0:58:12:60:2e:c4:
d7:75:fa:fc:82:0a:0e:bb:7d:67:e4:ad:ee:47:af:
9d:e7:63:23:57:20:bd:02:bc:ad:09:c2:87:b2:29:
38:e6:80:36:5e:25:4e:3c:50:9c:be:8d:3e:fc:09:
a6:dd:e0:57:42:f3:87:ec:cb:e8:bb:f5:d1:22:35:
b1:f3:ff:2b:56:be:15:75:0c:7d:72:d3:32:59:04:
31:70:29:77:1b:1b:b7:75:f1:e0:e5:33:43:ef:9b:
09:7e:94:3b:46:c4:85:0f:0f:79:90:71:08:ca:11:
c6:7e:5c:5a:96:ad:dd:64:a8:45:a2:cb:8b:2f:80:
ee:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:30:E5:9D:BD:8A:57:08:C9:38:2F:1F:A6:91:90:11:9B:9C:CB:57
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MjDlnb2KVwjJOC8fppGQEZucy1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6c:0c:02:eb:ca:5f:82:bf:8c:4b:26:8d:6a:de:98:a5:c3:8a:
22:64:3e:c1:c7:d6:23:60:8c:af:62:d6:f6:09:fb:2f:e9:6b:
ac:e3:27:5c:36:c6:ef:07:e1:8c:b4:10:ea:d4:09:24:8f:7f:
5f:90:2b:a9:89:6c:ef:6c:5f:c7:03:3a:44:50:d1:dc:12:46:
1b:49:56:c8:a6:de:67:3b:1f:2a:7d:2e:14:93:5f:f3:6d:94:
66:7e:72:3c:86:83:7d:ea:59:22:ca:1f:b1:e1:87:2b:e4:31:
c2:6e:20:8d:9a:14:aa:cb:35:fa:8d:55:e5:20:a6:cd:92:3c:
fb:17:c7:10:30:e0:0a:f4:67:90:a4:5e:2a:b1:45:60:c7:de:
71:3f:05:cc:f7:3b:d6:27:57:83:59:8d:46:5f:fd:16:27:42:
6f:81:0e:56:54:46:e7:f4:e2:0b:a1:45:af:af:4a:39:ae:77:
95:57:f7:73:48:23:78:0b:eb:8e:1e:c8:23:11:05:81:81:d9:
39:18:da:ff:3a:f1:f9:33:51:6f:a1:09:46:70:b9:cf:cd:c5:
fa:ca:76:36:85:dd:4e:7c:79:a2:9c:8e:06:26:d6:c8:c9:3f:
f8:63:36:82:7e:e6:fb:cb:90:ce:c5:88:d2:30:d9:c2:dd:9d:
a0:42:65:50
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYseMlDNBpGgDl5jcJfqmgY0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDExMTAwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjMwZTU5ZGJkOGE1NzA4YzkzODJmMWZhNjkxOTAxMTliOWNjYjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLlVhqlE8zfwTFGTfT9UeX1t82No
IM5NNXDDTnQcfAQShDpOH6TZwOT3A9YB98q9csD2zrpbcHdjgJxTV/2nZk1+CuZd
G/R50FyEANUn2g7IaNrrGG29tM2jffu3jhChdVt+Rzu5jTiqzf0snUU6wvnVXZ+a
rjqkYHbnX/kc3IHAWBJgLsTXdfr8ggoOu31n5K3uR6+d52MjVyC9ArytCcKHsik4
5oA2XiVOPFCcvo0+/Amm3eBXQvOH7Mvou/XRIjWx8/8rVr4VdQx9ctMyWQQxcCl3
Gxu3dfHg5TND75sJfpQ7RsSFDw95kHEIyhHGflxalq3dZKhFosuLL4DuWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDIw5Z29ilcIyTgvH6aRkBGbnMtXMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTWpEbG5iMktWd2pKT0M4ZnBwR1FFWnVjeTFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGwMAuvKX4K/jEsmjWre
mKXDiiJkPsHH1iNgjK9i1vYJ+y/pa6zjJ1w2xu8H4Yy0EOrUCSSPf1+QK6mJbO9s
X8cDOkRQ0dwSRhtJVsim3mc7Hyp9LhSTX/NtlGZ+cjyGg33qWSLKH7HhhyvkMcJu
II2aFKrLNfqNVeUgps2SPPsXxxAw4Ar0Z5CkXiqxRWDH3nE/Bcz3O9YnV4NZjUZf
/RYnQm+BDlZURuf04guhRa+vSjmud5VX93NII3gL644eyCMRBYGB2TkY2v868fkz
UW+hCUZwuc/NxfrKdjaF3U58eaKcjgYm1sjJP/hjNoJ+5vvLkM7FiNIw2cLdnaBC
ZVA=
-----END CERTIFICATE-----
Generated at Tue Jun 17 11:25:13 2025 by rpki-client