Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TDj1dGWkxaUnjsVIwzQVJDHO69w.roa
File: TDj1dGWkxaUnjsVIwzQVJDHO69w.roa (raw, json)
Hash identifier: WnIic6L5fIzMU9uRpFG9XWd3Il8xMjmgP2ukcz7ikl4=
Subject key identifier: 4C:38:F5:74:65:A4:C5:A5:27:8E:C5:48:C3:34:15:24:31:CE:EB:DC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AAD542FF5F3505E19C53FFF603D197000
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TDj1dGWkxaUnjsVIwzQVJDHO69w.roa
Signing time: Tue 19 Sep 2023 12:04:50 +0000
ROA not before: Tue 19 Sep 2023 12:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:ad53:adfc/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ad:54:2f:f5:f3:50:5e:19:c5:3f:ff:60:3d:19:70:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 19 12:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c38f57465a4c5a5278ec548c334152431ceebdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3b:0e:9a:0c:d1:a9:06:00:1a:1b:3b:cf:b7:
73:e8:bc:fc:39:a5:7e:98:1b:ba:c3:fd:16:ed:1f:
81:cd:47:da:13:07:20:4f:b0:54:e2:e4:6c:ec:94:
69:06:18:cb:07:7b:9e:bc:8b:91:5b:e6:e5:c6:24:
45:14:77:39:01:46:c6:ee:18:bc:80:7e:ee:59:53:
89:05:fe:b8:ae:81:93:df:30:16:ff:b5:ff:48:8f:
4e:b4:ed:c0:b1:1b:78:6e:34:65:bb:38:b6:00:21:
a0:bb:af:29:34:2d:ca:7f:2b:22:1e:39:84:5e:d1:
b4:9b:c3:fe:36:b0:e5:83:cc:96:c7:56:db:36:d2:
ed:a9:65:b0:a8:5b:72:82:1a:ca:11:06:cf:98:14:
47:b0:45:79:df:b8:74:e6:a6:cd:49:07:74:97:d4:
e1:b7:18:5a:32:5f:65:24:09:cf:42:e4:76:bd:23:
37:86:23:60:50:31:9f:c8:32:4e:60:d6:c6:8c:83:
30:84:cb:ea:22:b5:f6:f9:4e:5a:53:bb:a3:c6:95:
88:24:0e:06:8d:ac:82:33:b6:fc:37:ca:51:65:5d:
1b:36:71:b7:98:f9:40:7a:0b:39:b6:77:6f:1b:6d:
eb:0d:51:7c:3a:73:09:4d:f1:14:ef:94:d1:7a:0e:
8d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:38:F5:74:65:A4:C5:A5:27:8E:C5:48:C3:34:15:24:31:CE:EB:DC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TDj1dGWkxaUnjsVIwzQVJDHO69w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b5:a6:1f:c3:f9:17:9b:d9:b7:d6:73:c1:10:e1:5e:4a:e4:1e:
53:2c:c0:3e:ae:cd:7e:ff:0a:cd:84:1b:45:72:f8:88:f9:d6:
47:26:8b:6a:56:b0:04:db:11:17:50:ba:e9:b7:3f:b2:e2:51:
e0:10:26:86:cd:0f:1b:24:87:14:45:31:3d:16:a4:40:b1:fa:
61:7e:a0:6a:1e:fa:5e:ca:0b:9c:07:da:b7:85:ea:49:7a:76:
aa:6b:d9:13:12:9a:6e:e0:c7:49:f9:36:3c:e0:7b:03:c1:9d:
f9:ca:49:c9:01:31:0f:03:41:12:b4:d6:d3:59:15:60:ec:72:
53:67:b3:61:b3:96:f9:29:d2:8c:8b:18:6f:cf:27:84:46:c1:
da:34:cc:1d:cf:44:7c:6d:32:fc:47:45:01:30:59:53:30:e7:
2e:6a:ca:6d:8c:7b:dc:84:b6:e2:af:36:6a:4d:0d:8c:e1:f6:
a7:fa:4e:de:b2:0e:f4:dc:d0:16:2e:6b:71:a7:a6:6d:cb:7e:
6a:d1:c0:00:0b:b0:01:57:a0:2f:d0:7a:9a:7e:2e:e5:28:d4:
c5:6d:1f:c0:d1:5b:3d:bb:79:66:1c:ac:47:c5:8a:c5:cf:5a:
29:da:fd:24:db:c6:a6:5c:6d:35:5f:c0:56:c3:dd:23:00:09:
d1:bc:23:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqtVC/181BeGcU//2A9GXAAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTE5MTIwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzM4ZjU3NDY1YTRjNWE1Mjc4ZWM1NDhjMzM0MTUyNDMxY2VlYmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjsOmgzRqQYAGhs7z7dz6Lz8OaV+
mBu6w/0W7R+BzUfaEwcgT7BU4uRs7JRpBhjLB3uevIuRW+blxiRFFHc5AUbG7hi8
gH7uWVOJBf64roGT3zAW/7X/SI9OtO3AsRt4bjRluzi2ACGgu68pNC3KfysiHjmE
XtG0m8P+NrDlg8yWx1bbNtLtqWWwqFtyghrKEQbPmBRHsEV537h05qbNSQd0l9Th
txhaMl9lJAnPQuR2vSM3hiNgUDGfyDJOYNbGjIMwhMvqIrX2+U5aU7ujxpWIJA4G
jayCM7b8N8pRZV0bNnG3mPlAegs5tndvG23rDVF8OnMJTfEU75TReg6NCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEw49XRlpMWlJ47FSMM0FSQxzuvcMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVERqMWRHV2t4YVVuanNWSXd6UVZKREhPNjl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALWmH8P5F5vZt9ZzwRDh
XkrkHlMswD6uzX7/Cs2EG0Vy+Ij51kcmi2pWsATbERdQuum3P7LiUeAQJobNDxsk
hxRFMT0WpECx+mF+oGoe+l7KC5wH2reF6kl6dqpr2RMSmm7gx0n5NjzgewPBnfnK
SckBMQ8DQRK01tNZFWDsclNns2Gzlvkp0oyLGG/PJ4RGwdo0zB3PRHxtMvxHRQEw
WVMw5y5qym2Me9yEtuKvNmpNDYzh9qf6Tt6yDvTc0BYua3Gnpm3LfmrRwAALsAFX
oC/Qepp+LuUo1MVtH8DRWz27eWYcrEfFisXPWina/STbxqZcbTVfwFbD3SMACdG8
I6A=
-----END CERTIFICATE-----
Generated at Mon Jun 16 23:22:05 2025 by rpki-client