Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RdEj-bPCo85VfMKptj31uNy7zDA.roa
File: RdEj-bPCo85VfMKptj31uNy7zDA.roa (raw, json)
Hash identifier: jwWBM3+RVKBD1bmtDEH6uZxELfD1KoHsFsssfZBsHrI=
Subject key identifier: 45:D1:23:F9:B3:C2:A3:CE:55:7C:C2:A9:B6:3D:F5:B8:DC:BB:CC:30
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B0DE43F4E6A567E8995E5931C5919022E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RdEj-bPCo85VfMKptj31uNy7zDA.roa
Signing time: Sun 08 Oct 2023 06:05:44 +0000
ROA not before: Sun 08 Oct 2023 06:05:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:de3:94a9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0d:e4:3f:4e:6a:56:7e:89:95:e5:93:1c:59:19:02:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 8 06:05:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45d123f9b3c2a3ce557cc2a9b63df5b8dcbbcc30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:fe:eb:38:2b:5f:95:41:95:7e:08:52:cc:13:
02:21:17:6f:d0:c4:e6:f5:17:58:12:62:7d:90:f9:
b0:0c:a9:04:2d:52:80:96:1c:5c:31:8d:a5:d2:3a:
f8:b9:34:33:d9:7f:30:4c:34:b7:ab:e2:7a:a9:71:
b3:24:5c:f5:92:d3:a2:55:51:a6:ad:08:da:66:ca:
88:bb:04:40:24:c8:fa:8f:cd:62:eb:f4:18:c5:ef:
7c:83:6a:c1:14:03:45:14:36:4f:77:78:3c:a3:3d:
70:62:62:ea:54:e2:b6:d4:c0:0c:d4:b7:45:6a:69:
53:27:4e:6c:f0:db:b5:a4:7b:00:ef:98:3b:de:02:
03:84:d2:4b:e2:aa:55:63:bf:2f:70:1a:d7:a6:93:
41:af:6f:a1:9e:0a:26:5a:33:c6:52:0d:8b:51:d7:
ac:ff:63:0b:37:53:b9:5d:3f:1f:7c:77:56:75:c4:
70:24:1a:65:c9:92:fc:a8:96:2e:b5:1b:88:96:ac:
17:6b:b5:39:2c:7f:34:89:2e:c4:4b:6f:c0:e6:1b:
fd:30:c9:5c:09:14:08:96:cd:f7:7e:ad:c9:3c:bc:
34:20:ae:9d:6f:18:0b:d5:f5:5f:c3:dd:88:51:af:
d6:5c:50:28:52:97:cf:85:46:d1:74:99:29:ba:d7:
99:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:D1:23:F9:B3:C2:A3:CE:55:7C:C2:A9:B6:3D:F5:B8:DC:BB:CC:30
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/RdEj-bPCo85VfMKptj31uNy7zDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:94:4b:0b:02:6d:50:48:65:60:04:43:50:1a:fc:d9:f1:d0:
9b:56:fd:82:7a:82:67:ba:4b:a8:71:48:e8:17:a6:24:31:64:
7f:1e:46:68:8d:cc:b7:1b:a8:a3:28:3e:ee:cb:d3:61:6b:da:
9e:53:d6:41:97:5b:d5:b3:00:6b:45:67:a7:5a:f2:89:c1:57:
bb:60:e3:72:de:16:4e:a3:3a:e7:7d:2d:90:70:99:20:e7:b4:
fc:37:b0:6e:c0:52:8f:82:ba:96:f4:87:e5:60:fd:fa:aa:a3:
a6:a0:43:c4:a2:04:58:de:9e:ff:cd:20:41:6f:6c:eb:9b:f6:
04:a3:33:2c:bb:0c:d9:dd:e5:2b:e0:18:cb:a4:23:e9:aa:e3:
69:0f:38:bc:e3:6a:73:e5:3b:2b:ac:69:21:a7:60:9e:b5:2f:
59:37:a4:64:98:8d:86:7c:25:e7:c7:a5:61:ec:cb:7b:b1:49:
91:8c:db:1a:3f:b9:3d:e8:c2:d6:3c:e2:ab:d2:7d:e2:19:ed:
68:a3:f9:c3:2d:f9:43:9b:54:96:14:d9:fa:6e:d7:2e:fa:12:
c4:96:e8:1a:1b:16:76:f4:f4:3a:23:aa:fa:c2:27:09:b6:f7:
5e:ed:70:9c:d4:dc:ca:22:e5:44:9c:d8:ff:54:2d:c2:17:d4:
bd:1f:c4:97
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsN5D9OalZ+iZXlkxxZGQIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA4MDYwNTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWQxMjNmOWIzYzJhM2NlNTU3Y2MyYTliNjNkZjViOGRjYmJjYzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/7rOCtflUGVfghSzBMCIRdv0MTm
9RdYEmJ9kPmwDKkELVKAlhxcMY2l0jr4uTQz2X8wTDS3q+J6qXGzJFz1ktOiVVGm
rQjaZsqIuwRAJMj6j81i6/QYxe98g2rBFANFFDZPd3g8oz1wYmLqVOK21MAM1LdF
amlTJ05s8Nu1pHsA75g73gIDhNJL4qpVY78vcBrXppNBr2+hngomWjPGUg2LUdes
/2MLN1O5XT8ffHdWdcRwJBplyZL8qJYutRuIlqwXa7U5LH80iS7ES2/A5hv9MMlc
CRQIls33fq3JPLw0IK6dbxgL1fVfw92IUa/WXFAoUpfPhUbRdJkputeZewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEXRI/mzwqPOVXzCqbY99bjcu8wwMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUmRFai1iUENvODVWZk1LcHRqMzF1Tnk3ekRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAECUSwsCbVBIZWAEQ1Aa
/Nnx0JtW/YJ6gme6S6hxSOgXpiQxZH8eRmiNzLcbqKMoPu7L02Fr2p5T1kGXW9Wz
AGtFZ6da8onBV7tg43LeFk6jOud9LZBwmSDntPw3sG7AUo+Cupb0h+Vg/fqqo6ag
Q8SiBFjenv/NIEFvbOub9gSjMyy7DNnd5SvgGMukI+mq42kPOLzjanPlOyusaSGn
YJ61L1k3pGSYjYZ8JefHpWHsy3uxSZGM2xo/uT3owtY84qvSfeIZ7Wij+cMt+UOb
VJYU2fpu1y76EsSW6BobFnb09DojqvrCJwm2917tcJzU3Moi5USc2P9ULcIX1L0f
xJc=
-----END CERTIFICATE-----
Generated at Tue Jun 17 20:17:20 2025 by rpki-client