Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/SHATjfScIFp5_faWG7uozqa9qnI.roa
File: SHATjfScIFp5_faWG7uozqa9qnI.roa (raw, json)
Hash identifier: SZlE+e5s5ewp3FLr9G5dWaeiSE39TuPOcAPa0BniAJ0=
Subject key identifier: 48:70:13:8D:F4:9C:20:5A:79:FD:F6:96:1B:BB:A8:CE:A6:BD:AA:72
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BFAC86F038F9B77A33FC3EA1A248CE974
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/SHATjfScIFp5_faWG7uozqa9qnI.roa
Signing time: Thu 23 Nov 2023 06:05:21 +0000
ROA not before: Thu 23 Nov 2023 06:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:fac7:9a1f/128 maxlen: 128
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fa:c8:6f:03:8f:9b:77:a3:3f:c3:ea:1a:24:8c:e9:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 23 06:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4870138df49c205a79fdf6961bbba8cea6bdaa72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bd:94:1f:dc:fb:04:34:5c:a9:77:8e:44:a3:
99:63:85:cb:2f:f4:6e:08:13:af:50:e0:a7:6b:6a:
03:ba:9b:a7:c8:6a:52:cd:cf:85:a1:aa:c5:76:c7:
ec:6e:ec:86:06:f6:2d:03:2b:bb:2d:f5:42:37:2b:
d6:33:b8:68:36:42:ad:42:98:45:77:56:99:27:b0:
a8:1e:95:e1:c4:73:03:54:b6:b6:c5:19:63:cb:e8:
97:99:c7:e0:80:da:ff:22:a1:76:89:59:17:48:c6:
cf:3d:c4:d4:0c:2e:94:7b:f7:45:09:6e:98:73:80:
96:a7:b6:3b:56:b5:b7:a2:4e:ad:a8:5d:4d:f1:21:
b7:b6:4b:d9:b5:b5:c2:16:6c:15:e8:00:73:39:97:
1c:d1:43:8c:a6:6d:0e:8b:38:dd:a2:fc:d9:45:f2:
c0:6f:83:8d:fd:7f:94:e9:12:77:52:d3:54:eb:87:
d3:1c:d0:8e:11:93:f4:73:5d:9f:fb:d3:41:a8:55:
86:57:f3:8c:a3:d2:67:9c:cb:90:43:2c:fe:2f:05:
74:2c:7a:de:25:31:48:2d:21:c0:77:f9:93:8c:8e:
15:39:ff:8c:72:24:f2:d3:62:57:0d:ae:be:6e:c5:
ae:42:00:65:79:da:cf:fe:ed:71:df:cd:95:07:f5:
96:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:70:13:8D:F4:9C:20:5A:79:FD:F6:96:1B:BB:A8:CE:A6:BD:AA:72
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/SHATjfScIFp5_faWG7uozqa9qnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
82:5c:d6:f2:58:f4:ff:69:d6:da:c2:e7:5a:59:34:88:78:70:
73:28:4c:99:c9:ed:03:e9:35:69:86:40:e2:c3:3f:ae:93:61:
9b:70:f1:26:e6:0b:f4:18:31:f6:fa:9c:b4:42:eb:d1:96:db:
ab:0c:df:ba:91:03:cf:7c:86:f1:15:c2:81:e3:57:ae:5b:b5:
08:d2:96:94:4c:62:7f:b2:09:02:82:be:0f:ce:e8:01:3b:98:
fc:70:03:cf:3d:e6:e3:b9:bf:e0:14:80:2d:2e:5b:7d:29:be:
45:83:c5:6b:fb:fa:4b:b8:19:a0:f3:cb:fc:0b:59:d4:b4:c1:
44:d0:56:4b:21:5c:38:ea:9a:a0:0f:89:1b:8d:d7:75:28:e0:
93:be:7a:b5:c6:bb:45:14:2f:a5:8a:9a:dd:8d:b3:e5:74:2e:
e7:e9:b2:7b:6c:5a:86:fa:c4:b9:0e:6e:c0:21:47:7d:2f:c8:
69:5c:68:fb:c4:03:1d:02:3a:d6:cf:fc:7c:5f:f9:0e:c9:d5:
8c:f2:86:5a:6d:35:f7:18:bd:0d:7c:78:3b:22:cf:b3:c7:ae:
e6:bc:17:f5:a5:de:0f:21:f6:ef:22:f4:f1:df:70:35:17:1a:
3b:bc:98:01:31:74:b3:fd:b5:c4:3d:dd:0b:30:95:0f:7a:4d:
0e:d4:d9:b8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYv6yG8Dj5t3oz/D6hokjOl0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIzMDYwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODcwMTM4ZGY0OWMyMDVhNzlmZGY2OTYxYmJiYThjZWE2YmRhYTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsL2UH9z7BDRcqXeORKOZY4XLL/Ru
CBOvUOCna2oDupunyGpSzc+FoarFdsfsbuyGBvYtAyu7LfVCNyvWM7hoNkKtQphF
d1aZJ7CoHpXhxHMDVLa2xRljy+iXmcfggNr/IqF2iVkXSMbPPcTUDC6Ue/dFCW6Y
c4CWp7Y7VrW3ok6tqF1N8SG3tkvZtbXCFmwV6ABzOZcc0UOMpm0OizjdovzZRfLA
b4ON/X+U6RJ3UtNU64fTHNCOEZP0c12f+9NBqFWGV/OMo9JnnMuQQyz+LwV0LHre
JTFILSHAd/mTjI4VOf+MciTy02JXDa6+bsWuQgBledrP/u1x382VB/WWhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEhwE430nCBaef32lhu7qM6mvapyMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvU0hBVGpmU2NJRnA1X2ZhV0c3dW96cWE5cW5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIJc1vJY9P9p1trC51pZ
NIh4cHMoTJnJ7QPpNWmGQOLDP66TYZtw8SbmC/QYMfb6nLRC69GW26sM37qRA898
hvEVwoHjV65btQjSlpRMYn+yCQKCvg/O6AE7mPxwA8895uO5v+AUgC0uW30pvkWD
xWv7+ku4GaDzy/wLWdS0wUTQVkshXDjqmqAPiRuN13Uo4JO+erXGu0UUL6WKmt2N
s+V0LufpsntsWob6xLkObsAhR30vyGlcaPvEAx0COtbP/Hxf+Q7J1YzyhlptNfcY
vQ18eDsiz7PHrua8F/Wl3g8h9u8i9PHfcDUXGju8mAExdLP9tcQ93QswlQ96TQ7U
2bg=
-----END CERTIFICATE-----
Generated at Tue Jun 17 17:46:53 2025 by rpki-client