Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TYEpdQBFaC3ePG4eEWQzGXrznFw.roa
File: TYEpdQBFaC3ePG4eEWQzGXrznFw.roa (raw, json)
Hash identifier: 9yWZ3Splw2ZXIIry+/uDbEWnLOeDNXMtCsOvPm9s0ug=
Subject key identifier: 4D:81:29:75:00:45:68:2D:DE:3C:6E:1E:11:64:33:19:7A:F3:9C:5C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BE99CFC9A85B948703DEEF7201321540F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TYEpdQBFaC3ePG4eEWQzGXrznFw.roa
Signing time: Sun 19 Nov 2023 22:04:21 +0000
ROA not before: Sun 19 Nov 2023 22:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:e99c:e913/128 maxlen: 128
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e9:9c:fc:9a:85:b9:48:70:3d:ee:f7:20:13:21:54:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 19 22:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d8129750045682dde3c6e1e116433197af39c5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8e:94:a0:f1:50:2e:91:9d:db:83:29:af:c0:
55:e5:f0:aa:1d:7f:c7:c8:43:94:fd:5a:78:c0:17:
74:ec:72:57:77:ec:b9:98:c2:32:30:56:57:6e:14:
f7:32:e7:0f:1a:9e:5e:ce:36:6d:c6:0e:3d:fc:4a:
4f:6b:cc:de:0c:cc:60:74:48:23:7b:bd:72:09:93:
62:f6:6c:e6:ec:a8:87:42:32:a5:61:29:7b:75:a6:
bd:3d:53:97:db:52:ee:83:e8:6e:6f:37:a3:1c:fc:
ac:9e:7d:df:dc:93:23:6f:9a:85:39:98:e0:6b:58:
d0:6b:3f:c5:37:45:e3:b9:ef:2b:fe:c2:b5:ab:f1:
00:97:76:8a:32:a9:ad:4b:53:87:c9:00:2b:74:2d:
e5:5b:8f:f1:98:6e:c3:fc:25:3f:cb:1e:c8:58:e9:
49:73:48:9d:f9:1f:e1:66:ee:61:65:b1:2d:cf:05:
f2:0a:34:26:3f:d2:51:a1:13:c3:7d:f0:7f:01:5d:
40:46:3a:9d:37:c6:89:3d:4b:2b:aa:66:86:a8:39:
0d:3d:f3:47:2e:97:d0:98:46:cc:8d:cd:15:1c:35:
fd:56:6b:e5:81:31:6c:a0:e5:2d:fe:0e:a1:8a:ce:
35:1f:99:26:f5:e1:64:8c:fd:3b:0c:8b:24:f7:d0:
b2:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:81:29:75:00:45:68:2D:DE:3C:6E:1E:11:64:33:19:7A:F3:9C:5C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TYEpdQBFaC3ePG4eEWQzGXrznFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b2:ab:16:04:03:94:48:1e:a6:06:f1:69:27:3b:3d:9f:63:c2:
8c:f9:fa:1a:47:33:26:5e:5b:97:48:09:b6:75:48:92:9b:27:
97:15:71:8b:16:5e:79:c3:a2:e1:c9:98:c7:e6:13:95:42:f9:
5c:43:f4:30:c9:6f:14:ac:08:62:82:87:20:a4:e7:45:0a:31:
5e:42:b5:5c:72:39:68:72:e5:69:ae:08:77:3a:0c:81:df:fc:
bf:36:d3:3d:0f:d3:b7:19:14:7a:fb:00:73:c6:04:23:55:30:
1f:81:de:ca:2a:af:11:fd:7e:56:25:e3:14:03:8f:b5:ab:95:
02:d6:07:10:a3:00:21:94:1a:4b:87:27:9c:ad:51:af:9c:98:
e0:39:d7:67:cc:fe:17:d2:eb:f5:b2:e2:a6:33:18:9f:ee:e7:
64:4c:f5:72:70:3f:d2:7f:aa:27:77:ea:8f:02:07:03:1c:ce:
2d:20:ac:7f:b5:1c:f2:00:db:bd:79:6d:22:46:11:e5:96:d3:
7e:db:6a:76:c0:0e:d3:58:fc:e6:00:31:06:7c:f5:67:f1:67:
c6:41:b4:c6:2c:6c:28:44:08:06:e6:6d:02:ff:1f:dc:28:1d:
0f:6f:d6:cd:3a:8a:70:ab:4f:08:f1:a5:8c:7c:89:d2:03:0d:
ae:98:ce:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvpnPyahblIcD3u9yATIVQPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE5MjIwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDgxMjk3NTAwNDU2ODJkZGUzYzZlMWUxMTY0MzMxOTdhZjM5YzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi46UoPFQLpGd24Mpr8BV5fCqHX/H
yEOU/Vp4wBd07HJXd+y5mMIyMFZXbhT3MucPGp5ezjZtxg49/EpPa8zeDMxgdEgj
e71yCZNi9mzm7KiHQjKlYSl7daa9PVOX21Lug+hubzejHPysnn3f3JMjb5qFOZjg
a1jQaz/FN0Xjue8r/sK1q/EAl3aKMqmtS1OHyQArdC3lW4/xmG7D/CU/yx7IWOlJ
c0id+R/hZu5hZbEtzwXyCjQmP9JRoRPDffB/AV1ARjqdN8aJPUsrqmaGqDkNPfNH
LpfQmEbMjc0VHDX9VmvlgTFsoOUt/g6his41H5km9eFkjP07DIsk99Cy3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE2BKXUARWgt3jxuHhFkMxl685xcMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVFlFcGRRQkZhQzNlUEc0ZUVXUXpHWHJ6bkZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALKrFgQDlEgepgbxaSc7
PZ9jwoz5+hpHMyZeW5dICbZ1SJKbJ5cVcYsWXnnDouHJmMfmE5VC+VxD9DDJbxSs
CGKChyCk50UKMV5CtVxyOWhy5WmuCHc6DIHf/L820z0P07cZFHr7AHPGBCNVMB+B
3soqrxH9flYl4xQDj7WrlQLWBxCjACGUGkuHJ5ytUa+cmOA512fM/hfS6/Wy4qYz
GJ/u52RM9XJwP9J/qid36o8CBwMczi0grH+1HPIA2715bSJGEeWW037banbADtNY
/OYAMQZ89WfxZ8ZBtMYsbChECAbmbQL/H9woHQ9v1s06inCrTwjxpYx8idIDDa6Y
zpQ=
-----END CERTIFICATE-----
Generated at Tue Jun 17 22:59:22 2025 by rpki-client