Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RS87bTSS3ek7UQHC5x0mY5zgMl4.roa
File: RS87bTSS3ek7UQHC5x0mY5zgMl4.roa (raw, json)
Hash identifier: VEK035TwKGCjTc/GMSZZjOj9CflSmMQKdguohMRauP4=
Subject key identifier: 45:2F:3B:6D:34:92:DD:E9:3B:51:01:C2:E7:1D:26:63:9C:E0:32:5E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AED7CE4E17EBFE00F95B505197635E6F0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RS87bTSS3ek7UQHC5x0mY5zgMl4.roa
Signing time: Sun 01 Oct 2023 23:04:59 +0000
ROA not before: Sun 01 Oct 2023 23:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:ed7c:370c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ed:7c:e4:e1:7e:bf:e0:0f:95:b5:05:19:76:35:e6:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 1 23:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=452f3b6d3492dde93b5101c2e71d26639ce0325e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:31:f0:68:ef:d9:c8:1c:82:88:a4:07:cb:e8:
65:4c:31:22:b4:2c:b0:ac:93:49:79:81:62:09:d3:
8d:19:60:35:84:67:56:c2:58:4f:d1:4c:aa:59:6a:
f4:8b:2a:95:61:a7:96:17:ba:49:41:16:f6:21:79:
f3:31:3d:56:49:f0:80:9f:5a:1b:ba:1e:2c:31:fb:
f2:93:0c:23:57:ee:3e:4c:c5:2d:fd:13:1b:c6:33:
59:21:5e:cc:23:b8:a3:9f:b8:72:87:bd:29:4f:5d:
e0:88:67:1e:6e:85:41:ed:13:48:29:d9:38:94:21:
01:a4:6d:dc:f9:b4:0b:38:d5:62:2e:58:5a:83:1c:
f8:26:a2:85:5b:e8:8d:08:d4:f8:cf:e5:e9:61:35:
50:f4:20:a1:fd:8a:a2:27:42:b7:c9:75:18:99:d4:
28:23:c7:89:7f:cc:07:15:0a:ff:40:1e:eb:30:38:
fa:7e:c8:6c:95:be:7f:bf:13:f0:98:b6:1b:3f:8d:
52:16:a6:3a:63:50:0a:4f:5b:02:d8:31:d8:7f:fe:
b3:72:39:a6:a1:d4:43:20:eb:a5:af:ea:a7:fc:3a:
5f:ea:83:71:5f:fe:68:ae:82:79:b1:1c:e7:c3:a5:
04:e5:34:8b:1e:e3:e9:b6:6d:60:33:bc:c2:09:aa:
c5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:2F:3B:6D:34:92:DD:E9:3B:51:01:C2:E7:1D:26:63:9C:E0:32:5E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RS87bTSS3ek7UQHC5x0mY5zgMl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d1:00:c1:e0:43:6d:a9:3a:c2:43:9e:33:38:02:de:b1:16:ad:
56:5d:ff:3f:04:f1:58:a9:75:6f:4e:15:8b:71:f7:1c:91:02:
fc:be:74:43:52:e5:2c:93:09:75:10:29:ad:f2:c9:17:e8:f1:
db:69:76:e0:ec:97:6b:f6:9a:bf:f9:ba:ea:4d:ec:bb:a0:d8:
50:7c:8e:5c:25:3d:e0:f9:5f:0a:c7:3f:fd:b5:9a:c2:5e:7f:
6d:68:5a:24:3f:ef:03:71:b9:84:e8:34:75:2d:22:de:73:70:
ee:b8:b9:8c:53:ba:76:50:07:14:f2:37:0d:81:20:0c:40:9c:
be:eb:5e:9c:73:8e:ad:80:4a:a9:df:d3:77:6b:08:08:1b:25:
c4:c8:24:9c:12:7f:2d:de:81:5f:17:bd:47:45:ac:87:69:bf:
a8:ee:19:1b:d2:e4:ae:c7:c7:5e:10:e0:04:96:09:5a:ab:9f:
bc:43:65:52:79:10:dd:3c:04:2b:2e:75:7e:b6:3c:06:d7:c1:
61:0e:22:47:23:42:5e:43:ba:b4:12:88:0b:ad:7a:f2:5b:03:
72:a4:27:4f:7b:62:a7:46:f5:0e:20:aa:a5:82:ea:31:b8:fc:
4d:f6:ad:2c:1b:a6:d9:1a:1d:f0:96:5a:3e:c6:ce:bd:92:c2:
c0:7b:46:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrtfOThfr/gD5W1BRl2NebwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAxMjMwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTJmM2I2ZDM0OTJkZGU5M2I1MTAxYzJlNzFkMjY2MzljZTAzMjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DHwaO/ZyByCiKQHy+hlTDEitCyw
rJNJeYFiCdONGWA1hGdWwlhP0UyqWWr0iyqVYaeWF7pJQRb2IXnzMT1WSfCAn1ob
uh4sMfvykwwjV+4+TMUt/RMbxjNZIV7MI7ijn7hyh70pT13giGceboVB7RNIKdk4
lCEBpG3c+bQLONViLlhagxz4JqKFW+iNCNT4z+XpYTVQ9CCh/YqiJ0K3yXUYmdQo
I8eJf8wHFQr/QB7rMDj6fshslb5/vxPwmLYbP41SFqY6Y1AKT1sC2DHYf/6zcjmm
odRDIOulr+qn/Dpf6oNxX/5oroJ5sRznw6UE5TSLHuPptm1gM7zCCarF0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEUvO200kt3pO1EBwucdJmOc4DJeMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUlM4N2JUU1MzZWs3VVFIQzV4MG1ZNXpnTWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANEAweBDbak6wkOeMzgC
3rEWrVZd/z8E8VipdW9OFYtx9xyRAvy+dENS5SyTCXUQKa3yyRfo8dtpduDsl2v2
mr/5uupN7Lug2FB8jlwlPeD5XwrHP/21msJef21oWiQ/7wNxuYToNHUtIt5zcO64
uYxTunZQBxTyNw2BIAxAnL7rXpxzjq2ASqnf03drCAgbJcTIJJwSfy3egV8XvUdF
rIdpv6juGRvS5K7Hx14Q4ASWCVqrn7xDZVJ5EN08BCsudX62PAbXwWEOIkcjQl5D
urQSiAutevJbA3KkJ097YqdG9Q4gqqWC6jG4/E32rSwbptkaHfCWWj7Gzr2SwsB7
Rss=
-----END CERTIFICATE-----
Generated at Tue Jun 17 12:21:15 2025 by rpki-client