Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NEngcVn1PkNb1RsZofogp5Lb5ys.roa
File: NEngcVn1PkNb1RsZofogp5Lb5ys.roa (raw, json)
Hash identifier: YGf6ifq3vkz4Bva9yPC8JinY1xB60WLre7Zri14xLG0=
Subject key identifier: 34:49:E0:71:59:F5:3E:43:5B:D5:1B:19:A1:FA:20:A7:92:DB:E7:2B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AB958290DFB90295936BC8F9984BB4E13
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NEngcVn1PkNb1RsZofogp5Lb5ys.roa
Signing time: Thu 21 Sep 2023 20:04:37 +0000
ROA not before: Thu 21 Sep 2023 20:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:b957:eb84/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b9:58:29:0d:fb:90:29:59:36:bc:8f:99:84:bb:4e:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 21 20:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3449e07159f53e435bd51b19a1fa20a792dbe72b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b3:ee:f1:a7:2a:5b:e3:c1:6c:07:a6:bc:02:
07:2b:0a:04:22:c2:06:97:22:53:ff:41:e4:99:50:
65:7d:ac:1b:80:f3:d8:7e:10:65:52:c9:01:a5:45:
f1:df:a6:4b:00:90:0f:10:5f:49:78:e5:17:e7:0b:
2c:9c:38:7b:f7:ee:5e:08:af:27:0d:7d:9e:23:be:
b1:ce:7a:89:57:d3:60:67:39:c7:75:02:06:9a:21:
b9:e0:3f:64:bf:14:ea:ef:83:83:9c:67:9e:f8:a5:
9e:b9:e4:92:32:45:5a:cd:22:50:eb:73:7b:2d:f7:
d3:db:50:0e:9f:c7:96:c4:db:46:31:77:a6:03:24:
70:22:d5:e9:5e:aa:1f:b5:00:12:29:8b:c9:d2:5d:
9d:5b:b9:14:7a:59:0a:b0:ea:52:4e:ea:04:57:0e:
2c:2e:a5:ff:0f:ab:20:c1:1e:24:74:c3:43:eb:fa:
f4:f4:f3:4b:84:d2:36:8a:4d:aa:3c:ea:43:ea:84:
b8:af:76:97:79:8f:d1:f5:e8:87:e1:fa:54:2c:49:
af:4f:93:a1:3d:8a:24:ff:9b:d3:bb:6a:06:d7:53:
06:50:52:bc:0b:60:14:5f:8b:e1:1d:a6:34:b1:df:
4d:2e:24:0a:db:51:ac:c1:af:ae:30:1a:27:be:f5:
a0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:49:E0:71:59:F5:3E:43:5B:D5:1B:19:A1:FA:20:A7:92:DB:E7:2B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/NEngcVn1PkNb1RsZofogp5Lb5ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8f:d2:5e:d4:96:60:bb:94:bc:42:7f:b2:f4:a1:b7:a1:f1:96:
e1:f1:c7:f3:53:93:f4:ed:fd:a5:7e:62:9c:ac:5f:ae:24:c5:
d9:de:fe:66:c4:28:ef:40:7c:af:d3:4c:a0:85:7c:79:8f:c1:
c0:29:d6:3f:d3:4a:83:d7:23:c1:b3:1b:ef:9e:fe:cb:c2:36:
c6:c4:85:5b:2e:01:8d:ca:96:3b:81:4b:bb:11:05:f7:11:25:
ca:1b:c4:c4:2b:c5:a9:2d:b7:32:79:4b:2e:82:e9:db:b1:68:
09:0d:55:08:1b:6c:02:b8:8b:2c:fe:ac:fe:10:55:8e:d8:b0:
a4:ad:30:91:6b:ac:47:ee:44:b8:27:da:88:cd:b4:cf:81:32:
f0:40:de:92:b3:a8:75:dd:bc:b0:9a:67:2c:4e:2e:6d:9e:32:
c9:12:fb:32:6c:44:b1:5d:18:ba:db:6a:fa:48:6e:fa:d0:52:
f8:d9:2c:25:93:77:22:df:72:07:36:40:c5:50:23:64:54:37:
a6:fc:cc:02:65:68:c4:ec:a4:5d:13:d8:9d:f9:63:0f:6b:00:
32:c7:b0:5b:ec:93:df:d8:fc:cb:20:64:0b:0d:48:e5:f3:fe:
f6:1e:2d:73:9b:18:f2:45:a2:51:0b:ce:5e:c6:12:dd:c9:c4:
9f:1b:eb:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq5WCkN+5ApWTa8j5mEu04TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIxMjAwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDQ5ZTA3MTU5ZjUzZTQzNWJkNTFiMTlhMWZhMjBhNzkyZGJlNzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLPu8acqW+PBbAemvAIHKwoEIsIG
lyJT/0HkmVBlfawbgPPYfhBlUskBpUXx36ZLAJAPEF9JeOUX5wssnDh79+5eCK8n
DX2eI76xznqJV9NgZznHdQIGmiG54D9kvxTq74ODnGee+KWeueSSMkVazSJQ63N7
LffT21AOn8eWxNtGMXemAyRwItXpXqoftQASKYvJ0l2dW7kUelkKsOpSTuoEVw4s
LqX/D6sgwR4kdMND6/r09PNLhNI2ik2qPOpD6oS4r3aXeY/R9eiH4fpULEmvT5Oh
PYok/5vTu2oG11MGUFK8C2AUX4vhHaY0sd9NLiQK21Gswa+uMBonvvWgaQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDRJ4HFZ9T5DW9UbGaH6IKeS2+crMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTkVuZ2NWbjFQa05iMVJzWm9mb2dwNUxiNXlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI/SXtSWYLuUvEJ/svSh
t6HxluHxx/NTk/Tt/aV+YpysX64kxdne/mbEKO9AfK/TTKCFfHmPwcAp1j/TSoPX
I8GzG++e/svCNsbEhVsuAY3KljuBS7sRBfcRJcobxMQrxakttzJ5Sy6C6duxaAkN
VQgbbAK4iyz+rP4QVY7YsKStMJFrrEfuRLgn2ojNtM+BMvBA3pKzqHXdvLCaZyxO
Lm2eMskS+zJsRLFdGLrbavpIbvrQUvjZLCWTdyLfcgc2QMVQI2RUN6b8zAJlaMTs
pF0T2J35Yw9rADLHsFvsk9/Y/MsgZAsNSOXz/vYeLXObGPJFolELzl7GEt3JxJ8b
6zM=
-----END CERTIFICATE-----
Generated at Tue Jun 17 01:30:08 2025 by rpki-client