Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/R7U3UtHpZVT-Ve65mBR1LsFNrME.roa
File: R7U3UtHpZVT-Ve65mBR1LsFNrME.roa (raw, json)
Hash identifier: 0y2rJxhDsnHSYubl/A9wCz2TiHj1/OMWzKD5thE0yBA=
Subject key identifier: 47:B5:37:52:D1:E9:65:54:FE:55:EE:B9:98:14:75:2E:C1:4D:AC:C1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AEEFD6AD288B6B3414C1EFE051EC93078
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/R7U3UtHpZVT-Ve65mBR1LsFNrME.roa
Signing time: Mon 02 Oct 2023 06:04:59 +0000
ROA not before: Mon 02 Oct 2023 06:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:eefc:dcb2/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ee:fd:6a:d2:88:b6:b3:41:4c:1e:fe:05:1e:c9:30:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 2 06:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47b53752d1e96554fe55eeb99814752ec14dacc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:87:62:8e:9f:e4:b2:b3:9e:45:66:77:91:d7:
db:01:7c:68:fa:eb:63:a8:91:d9:6f:4d:ff:5f:5c:
1e:58:7d:33:09:b9:3c:8e:14:65:82:ce:69:cb:e5:
5f:36:ac:66:02:22:c0:b7:56:91:49:b1:26:c8:43:
74:50:6a:68:2e:be:6b:f8:68:6e:43:a5:c9:ea:3d:
78:52:5f:45:d9:e0:24:07:41:a2:69:ed:c1:bd:40:
54:13:d2:21:4c:67:74:41:26:3c:b9:49:af:3a:36:
ff:2c:e7:ec:2f:70:a4:1d:70:1e:79:82:fc:6a:3a:
17:96:a8:f9:b6:e1:28:ed:ad:10:7d:0a:ea:9a:82:
ac:42:18:53:a1:4f:a0:ba:90:59:68:25:7a:9f:07:
39:f9:6d:9f:eb:1c:8e:ad:91:d4:f2:c8:38:85:cc:
2e:49:91:ea:88:1f:67:11:15:5b:78:92:f3:e4:4c:
cc:83:ba:53:7f:60:39:e3:28:d1:9f:ff:9b:a6:6c:
52:a3:a0:80:1e:ce:b2:ac:be:58:42:7c:43:07:dc:
4e:48:95:39:fd:89:04:57:27:8a:92:f2:d1:54:f4:
da:a5:de:83:3d:5d:3a:d7:40:32:d8:77:7a:9a:21:
a6:b7:a0:ba:22:14:c3:14:1e:8b:0b:58:0f:55:26:
c8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:B5:37:52:D1:E9:65:54:FE:55:EE:B9:98:14:75:2E:C1:4D:AC:C1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/R7U3UtHpZVT-Ve65mBR1LsFNrME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
88:80:57:fc:0c:8f:49:6f:65:f4:0a:46:0c:ba:70:a2:99:b5:
74:94:63:95:eb:a2:a1:2f:5c:20:99:2f:bf:5e:20:1d:5b:fd:
f6:f2:01:1f:60:40:bf:d1:93:15:54:1b:19:cd:ab:1f:fd:62:
ed:ee:10:92:d7:d1:6d:c2:98:22:cc:70:52:6b:14:36:dc:4d:
ef:40:ab:fc:07:f6:e2:f0:fd:a6:ba:16:89:9f:3f:54:19:3e:
d7:6c:e7:eb:7d:e8:03:54:95:c9:43:f3:0f:b5:7a:e7:d0:36:
83:a1:f1:5f:d0:95:e3:a0:a6:a3:43:49:24:50:36:2b:61:98:
62:0c:a3:d0:cf:41:fa:57:7d:c1:c9:39:1d:47:95:ff:69:73:
0b:93:21:3b:8e:b3:5c:eb:21:2d:dc:c2:52:42:ef:6e:d9:6a:
e6:ec:81:17:9c:44:28:89:69:e5:69:12:44:34:f1:61:d6:4b:
d0:d2:44:a6:9b:58:4b:2b:12:d9:22:22:e5:80:7c:6d:bb:58:
b3:00:91:77:76:9c:b8:9f:64:98:e4:5e:fc:8d:24:dd:63:7b:
6f:c5:46:7a:38:b1:70:d9:ea:c7:4f:d1:15:3f:9b:d5:7f:a5:
47:44:03:b6:63:40:e8:e2:0d:30:ea:0d:a1:57:14:f7:57:f7:
1b:5b:5c:5d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYru/WrSiLazQUwe/gUeyTB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAyMDYwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2I1Mzc1MmQxZTk2NTU0ZmU1NWVlYjk5ODE0NzUyZWMxNGRhY2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhodijp/ksrOeRWZ3kdfbAXxo+utj
qJHZb03/X1weWH0zCbk8jhRlgs5py+VfNqxmAiLAt1aRSbEmyEN0UGpoLr5r+Ghu
Q6XJ6j14Ul9F2eAkB0Giae3BvUBUE9IhTGd0QSY8uUmvOjb/LOfsL3CkHXAeeYL8
ajoXlqj5tuEo7a0QfQrqmoKsQhhToU+gupBZaCV6nwc5+W2f6xyOrZHU8sg4hcwu
SZHqiB9nERVbeJLz5EzMg7pTf2A54yjRn/+bpmxSo6CAHs6yrL5YQnxDB9xOSJU5
/YkEVyeKkvLRVPTapd6DPV0610Ay2Hd6miGmt6C6IhTDFB6LC1gPVSbIQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEe1N1LR6WVU/lXuuZgUdS7BTazBMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUjdVM1V0SHBaVlQtVmU2NW1CUjFMc0ZOck1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIiAV/wMj0lvZfQKRgy6
cKKZtXSUY5XroqEvXCCZL79eIB1b/fbyAR9gQL/RkxVUGxnNqx/9Yu3uEJLX0W3C
mCLMcFJrFDbcTe9Aq/wH9uLw/aa6FomfP1QZPtds5+t96ANUlclD8w+1eufQNoOh
8V/QleOgpqNDSSRQNithmGIMo9DPQfpXfcHJOR1Hlf9pcwuTITuOs1zrIS3cwlJC
727ZaubsgRecRCiJaeVpEkQ08WHWS9DSRKabWEsrEtkiIuWAfG27WLMAkXd2nLif
ZJjkXvyNJN1je2/FRno4sXDZ6sdP0RU/m9V/pUdEA7ZjQOjiDTDqDaFXFPdX9xtb
XF0=
-----END CERTIFICATE-----
Generated at Tue Jun 17 17:18:35 2025 by rpki-client