Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TfNTchl4inEamRNwo7LeDhttGlA.roa
File: TfNTchl4inEamRNwo7LeDhttGlA.roa (raw, json)
Hash identifier: HPBFNezP1io6eeGOAShsEmDlwoadDDpuqWwLr7lHAHc=
Subject key identifier: 4D:F3:53:72:19:78:8A:71:1A:99:13:70:A3:B2:DE:0E:1B:6D:1A:50
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C390234ABCCEED17BD3153DEC79D4B099
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TfNTchl4inEamRNwo7LeDhttGlA.roa
Signing time: Tue 05 Dec 2023 08:04:54 +0000
ROA not before: Tue 05 Dec 2023 08:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:3901:c948/128 maxlen: 128
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:39:02:34:ab:cc:ee:d1:7b:d3:15:3d:ec:79:d4:b0:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 5 08:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4df3537219788a711a991370a3b2de0e1b6d1a50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:86:73:a5:72:b0:a5:5a:a2:0a:81:ae:1e:08:
ec:eb:70:a1:62:a7:61:f0:0f:7c:d8:eb:de:99:b7:
ba:c8:8d:64:56:96:89:7e:bf:ce:ff:86:70:a5:f9:
c1:7e:91:c8:15:5d:90:1b:50:80:e2:ff:4d:f7:f1:
73:85:f4:6c:a3:7c:7d:bb:7c:6b:8d:ef:a0:7b:98:
d9:32:29:f1:0a:dc:ee:5a:38:23:46:2a:6f:dd:29:
c7:f7:2b:9a:3e:f4:8e:8c:41:27:89:0b:14:f1:12:
cb:13:1d:f0:f2:02:a7:37:e5:31:cd:5a:79:f8:69:
4f:dc:9c:13:9a:04:ff:e2:b4:25:9c:6c:47:de:8e:
e7:e2:d2:1c:0f:98:d5:44:59:c4:b4:99:18:f6:d6:
65:b4:2e:f2:bd:35:4d:28:3e:4f:ef:1e:69:65:22:
33:0b:fb:08:6f:6a:88:84:b5:74:10:0f:21:c3:f4:
d7:d2:42:ea:5d:af:e4:e4:fe:f2:81:62:42:ff:5f:
98:6e:ef:f2:d3:df:51:53:07:48:11:ee:50:d6:ba:
d1:8e:40:df:fe:4b:41:14:ce:43:d7:80:ae:9f:a4:
89:1b:5b:0b:10:30:00:72:ff:cf:c0:eb:38:ff:a2:
d4:95:01:c8:76:bf:76:6e:55:7b:26:4e:bd:8d:2d:
b9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:F3:53:72:19:78:8A:71:1A:99:13:70:A3:B2:DE:0E:1B:6D:1A:50
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TfNTchl4inEamRNwo7LeDhttGlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b1:b7:44:b2:0d:55:4c:29:f0:23:5f:83:c6:1e:81:a7:d4:15:
fb:72:6d:ca:7f:37:56:61:5e:8d:02:bf:3c:26:4c:ae:bf:31:
a8:72:01:8a:ff:21:8e:b3:a6:80:d0:32:33:dc:66:9f:46:4a:
8f:00:7e:a7:43:a5:ec:5c:4a:ec:b4:af:b6:9a:4d:46:1f:ee:
7c:31:11:20:0d:51:e8:c7:4d:0b:30:ec:37:e0:a1:d5:23:2f:
e5:e4:7d:1b:ca:4e:44:e8:31:2c:46:72:0d:1a:aa:74:bf:ac:
0d:ee:37:c8:50:fb:e7:90:c1:7c:c5:55:49:ca:16:6d:df:5b:
dc:65:91:d7:94:ac:ec:51:30:c2:3d:4a:ae:a2:bb:dc:0e:5a:
11:f4:f5:c6:d7:23:89:a2:0b:f7:3c:e5:4a:2d:3e:19:43:23:
25:4d:fb:0b:f2:09:30:9b:33:42:0f:f2:a5:1f:4a:13:cf:5c:
4d:0e:42:b3:d3:22:8b:31:e6:f4:ad:ae:38:50:4f:07:39:f3:
80:6a:9b:14:22:23:eb:36:ef:42:4a:ea:09:7c:09:41:3e:80:
7f:d0:c8:14:1c:3e:a2:2a:3e:c6:0f:41:2f:5e:14:67:23:d2:
8f:36:34:70:bb:6a:73:b0:69:e2:80:2f:87:48:2a:29:e9:a8:
18:ab:04:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw5AjSrzO7Re9MVPex51LCZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA1MDgwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGYzNTM3MjE5Nzg4YTcxMWE5OTEzNzBhM2IyZGUwZTFiNmQxYTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioZzpXKwpVqiCoGuHgjs63ChYqdh
8A982Ovembe6yI1kVpaJfr/O/4ZwpfnBfpHIFV2QG1CA4v9N9/FzhfRso3x9u3xr
je+ge5jZMinxCtzuWjgjRipv3SnH9yuaPvSOjEEniQsU8RLLEx3w8gKnN+UxzVp5
+GlP3JwTmgT/4rQlnGxH3o7n4tIcD5jVRFnEtJkY9tZltC7yvTVNKD5P7x5pZSIz
C/sIb2qIhLV0EA8hw/TX0kLqXa/k5P7ygWJC/1+Ybu/y099RUwdIEe5Q1rrRjkDf
/ktBFM5D14Cun6SJG1sLEDAAcv/PwOs4/6LUlQHIdr92blV7Jk69jS25KwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE3zU3IZeIpxGpkTcKOy3g4bbRpQMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVGZOVGNobDRpbkVhbVJOd283TGVEaHR0R2xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALG3RLINVUwp8CNfg8Ye
gafUFftybcp/N1ZhXo0CvzwmTK6/MahyAYr/IY6zpoDQMjPcZp9GSo8AfqdDpexc
Suy0r7aaTUYf7nwxESANUejHTQsw7DfgodUjL+XkfRvKTkToMSxGcg0aqnS/rA3u
N8hQ++eQwXzFVUnKFm3fW9xlkdeUrOxRMMI9Sq6iu9wOWhH09cbXI4miC/c85Uot
PhlDIyVN+wvyCTCbM0IP8qUfShPPXE0OQrPTIosx5vStrjhQTwc584BqmxQiI+s2
70JK6gl8CUE+gH/QyBQcPqIqPsYPQS9eFGcj0o82NHC7anOwaeKAL4dIKinpqBir
BGc=
-----END CERTIFICATE-----
Generated at Tue Jun 17 15:34:27 2025 by rpki-client