Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/S675x5mKL164P_ANoVL-NXT49Ag.roa
File: S675x5mKL164P_ANoVL-NXT49Ag.roa (raw, json)
Hash identifier: jyQIGlSyPm15JevVKhRnFOtbb6AF9PcSgGHDdjOAVAM=
Subject key identifier: 4B:AE:F9:C7:99:8A:2F:5E:B8:3F:F0:0D:A1:52:FE:35:74:F8:F4:08
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ADD6505B1A5F7AFC8D0B4DE100672FFB2
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/S675x5mKL164P_ANoVL-NXT49Ag.roa
Signing time: Thu 28 Sep 2023 20:04:59 +0000
ROA not before: Thu 28 Sep 2023 20:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:dd64:6c76/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:dd:65:05:b1:a5:f7:af:c8:d0:b4:de:10:06:72:ff:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 28 20:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4baef9c7998a2f5eb83ff00da152fe3574f8f408
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ef:b6:bf:5e:df:2a:43:b6:34:12:8a:53:9d:
f7:5c:b8:9f:30:f9:bc:bb:5e:94:2b:c9:e7:72:0e:
4c:1d:e4:7d:95:1d:03:30:f1:15:90:68:61:b7:1f:
74:6e:ef:9d:30:35:44:b5:01:1c:40:48:fe:70:cb:
e9:c6:86:8b:36:6d:c0:5e:d2:ca:1f:c3:bf:06:e6:
3a:eb:3e:41:b1:ab:5d:e0:6c:24:e2:14:f2:4f:fb:
85:e8:e3:96:2e:9b:32:05:d2:48:12:ca:9a:5c:2d:
e7:e4:6b:45:a8:7e:63:47:5e:ff:eb:5f:ab:03:09:
d9:5c:67:c3:99:52:b0:7f:59:9b:49:cd:ba:a7:15:
f0:8b:76:38:d6:70:c3:16:06:96:4d:15:85:87:60:
f7:43:55:e0:2a:02:9d:64:7f:97:aa:ca:29:02:20:
71:31:cc:90:4a:d3:ba:fd:b9:74:2b:a2:1e:71:6a:
62:4c:cb:6f:b1:93:a4:a8:7c:77:1b:c3:07:bb:0a:
68:a4:88:86:d4:b8:74:dc:f0:0d:58:7e:bb:2a:85:
d5:3b:50:47:f7:d1:22:dc:46:1c:85:c0:0e:9c:3f:
85:0f:3e:3a:77:3e:82:08:f7:65:fa:2b:61:3b:70:
6b:ed:3f:9c:4b:f1:cd:b3:0e:da:88:47:2f:37:18:
80:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:AE:F9:C7:99:8A:2F:5E:B8:3F:F0:0D:A1:52:FE:35:74:F8:F4:08
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/S675x5mKL164P_ANoVL-NXT49Ag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c1:88:e6:3d:1d:c8:c2:33:d3:70:9b:7c:6c:06:b5:e4:c3:b9:
b3:a9:07:b2:eb:cd:5e:0b:2e:d9:21:eb:ea:da:b9:dd:bb:2b:
0b:2d:34:cc:c6:19:5f:4b:95:fa:4f:24:43:4a:8a:05:19:c8:
b9:e9:9d:12:5b:ad:8f:79:76:be:e0:e7:be:68:1b:7d:66:0c:
98:f4:64:7c:5d:ce:0e:47:9b:d9:31:67:0b:63:dd:b6:06:45:
25:0f:34:c1:53:32:5f:ca:47:5c:13:b6:f0:01:63:8e:c0:ae:
7c:a6:e4:18:d6:87:b0:f5:1c:b6:ab:a2:c1:29:be:d4:a2:c0:
a2:a5:35:82:49:44:10:92:aa:9d:ec:e5:bf:51:85:92:cd:5c:
46:c0:bd:03:4f:33:b4:b3:d7:08:f5:c4:aa:88:44:ac:6b:58:
1a:79:81:e8:53:51:fd:f3:a8:fc:46:ff:d1:ba:e8:8a:94:cc:
3d:d4:ee:64:a7:55:cb:3e:9d:49:d8:1a:52:29:05:70:35:bf:
11:e8:66:18:8c:93:f1:19:0b:60:07:87:78:d5:3d:48:e2:fe:
0e:82:3d:53:2f:34:30:97:ee:29:8e:7c:7d:a7:26:9b:91:1b:
68:61:59:19:d0:82:90:c3:9a:19:cd:1e:27:8f:93:30:9c:ea:
55:77:92:a5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrdZQWxpfevyNC03hAGcv+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI4MjAwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmFlZjljNzk5OGEyZjVlYjgzZmYwMGRhMTUyZmUzNTc0ZjhmNDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAne+2v17fKkO2NBKKU533XLifMPm8
u16UK8nncg5MHeR9lR0DMPEVkGhhtx90bu+dMDVEtQEcQEj+cMvpxoaLNm3AXtLK
H8O/BuY66z5Bsatd4Gwk4hTyT/uF6OOWLpsyBdJIEsqaXC3n5GtFqH5jR17/61+r
AwnZXGfDmVKwf1mbSc26pxXwi3Y41nDDFgaWTRWFh2D3Q1XgKgKdZH+XqsopAiBx
McyQStO6/bl0K6IecWpiTMtvsZOkqHx3G8MHuwpopIiG1Lh03PANWH67KoXVO1BH
99Ei3EYchcAOnD+FDz46dz6CCPdl+ithO3Br7T+cS/HNsw7aiEcvNxiA/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEuu+ceZii9euD/wDaFS/jV0+PQIMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUzY3NXg1bUtMMTY0UF9BTm9WTC1OWFQ0OUFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMGI5j0dyMIz03CbfGwG
teTDubOpB7LrzV4LLtkh6+raud27KwstNMzGGV9LlfpPJENKigUZyLnpnRJbrY95
dr7g575oG31mDJj0ZHxdzg5Hm9kxZwtj3bYGRSUPNMFTMl/KR1wTtvABY47Arnym
5BjWh7D1HLarosEpvtSiwKKlNYJJRBCSqp3s5b9RhZLNXEbAvQNPM7Sz1wj1xKqI
RKxrWBp5gehTUf3zqPxG/9G66IqUzD3U7mSnVcs+nUnYGlIpBXA1vxHoZhiMk/EZ
C2AHh3jVPUji/g6CPVMvNDCX7imOfH2nJpuRG2hhWRnQgpDDmhnNHiePkzCc6lV3
kqU=
-----END CERTIFICATE-----
Generated at Tue Jun 17 20:18:11 2025 by rpki-client