Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U6C1hINilU6ob4HrfZjztKQ6WbE.roa
File: U6C1hINilU6ob4HrfZjztKQ6WbE.roa (raw, json)
Hash identifier: gaGqmEJlvJoOJoZIwXYU3vSZsGPNbtzIa8M3+AWJy00=
Subject key identifier: 53:A0:B5:84:83:62:95:4E:A8:6F:81:EB:7D:98:F3:B4:A4:3A:59:B1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B024D052FD5449E1A45D1D5389EF0856B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U6C1hINilU6ob4HrfZjztKQ6WbE.roa
Signing time: Fri 06 Oct 2023 00:04:43 +0000
ROA not before: Fri 06 Oct 2023 00:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:24c:8b02/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:02:4d:05:2f:d5:44:9e:1a:45:d1:d5:38:9e:f0:85:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 6 00:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53a0b5848362954ea86f81eb7d98f3b4a43a59b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:12:b3:64:61:ca:7b:78:7f:39:a7:1a:35:84:
43:1a:5c:96:50:ab:77:e9:93:da:37:35:7e:0f:5f:
1c:7a:28:86:ce:72:17:b0:ef:46:de:ba:37:34:85:
53:3b:eb:ee:6c:bd:5a:87:ad:ff:0d:a6:a2:a7:b5:
c3:61:89:1b:f1:4f:67:d5:18:25:22:21:3d:76:7c:
e8:31:ab:50:13:a9:bc:c5:db:e7:cc:9e:b4:95:34:
e8:d8:0a:32:22:40:f4:f3:f6:b3:ba:1f:36:70:12:
1f:8d:db:ff:d7:2a:80:ac:3f:99:af:47:5c:21:b9:
fd:69:7e:16:99:69:fa:c9:09:e7:02:94:6f:c4:8f:
a5:ec:87:92:c6:24:66:84:7b:2e:90:75:0b:0c:c6:
5c:dc:73:d2:79:48:b0:3b:e3:10:f1:ab:3f:d4:b1:
23:89:da:ce:95:70:a2:a8:ef:9b:c8:aa:1c:33:6f:
8b:b8:c0:d1:5b:90:39:66:12:01:e4:5c:15:d9:c7:
24:38:83:68:06:6e:5d:82:7b:aa:83:2e:b5:29:53:
26:60:c1:ec:f4:01:f6:0e:fe:3b:8a:22:8e:90:f0:
5e:1d:e0:42:91:85:9a:64:aa:00:e8:af:f2:f5:16:
f8:ad:3a:85:37:3c:ce:06:d4:ff:7b:3f:a5:1d:f7:
e9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A0:B5:84:83:62:95:4E:A8:6F:81:EB:7D:98:F3:B4:A4:3A:59:B1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U6C1hINilU6ob4HrfZjztKQ6WbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
79:b9:13:e0:87:ec:35:bd:10:66:bd:69:54:05:68:ec:62:ca:
0e:bb:b5:9b:f4:da:c6:34:4c:48:a4:3b:fc:41:21:7f:08:cf:
7e:a6:30:1c:1e:d8:64:df:85:24:42:1b:2e:70:78:06:17:74:
84:3e:28:c9:3d:b4:ec:fe:1d:7b:fb:f1:7b:81:2e:fa:ef:f5:
39:a3:43:94:0e:ff:b0:20:8e:5c:e6:aa:05:3d:2f:37:47:86:
d1:88:fa:b3:dc:34:86:38:97:75:02:c4:70:d9:da:11:98:68:
ae:29:8a:e4:df:2e:14:96:2c:72:af:d9:55:a2:cd:f7:c3:c9:
b7:bd:74:8d:03:73:2e:89:2b:85:8f:22:02:69:14:8c:ac:d6:
46:bc:c2:34:2f:83:4b:4c:df:ff:00:a3:2b:04:b5:1f:8b:6c:
95:f3:8f:34:a7:94:a9:39:81:91:42:12:52:71:09:51:a1:86:
5e:8c:6e:0f:0d:ca:5f:03:83:71:43:53:68:b3:d9:30:fd:48:
df:ee:fc:81:ce:97:65:3b:5c:8d:f4:9f:57:02:ef:59:68:e5:
b1:21:31:42:98:33:35:db:1a:54:be:64:98:f0:ee:17:46:db:
35:ec:bd:a8:8f:15:13:f8:04:55:4d:5e:cd:3a:4b:6b:9c:df:
d8:df:ef:51
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsCTQUv1USeGkXR1Tie8IVrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA2MDAwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2EwYjU4NDgzNjI5NTRlYTg2ZjgxZWI3ZDk4ZjNiNGE0M2E1OWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBKzZGHKe3h/OacaNYRDGlyWUKt3
6ZPaNzV+D18ceiiGznIXsO9G3ro3NIVTO+vubL1ah63/Daaip7XDYYkb8U9n1Rgl
IiE9dnzoMatQE6m8xdvnzJ60lTTo2AoyIkD08/azuh82cBIfjdv/1yqArD+Zr0dc
Ibn9aX4WmWn6yQnnApRvxI+l7IeSxiRmhHsukHULDMZc3HPSeUiwO+MQ8as/1LEj
idrOlXCiqO+byKocM2+LuMDRW5A5ZhIB5FwV2cckOINoBm5dgnuqgy61KVMmYMHs
9AH2Dv47iiKOkPBeHeBCkYWaZKoA6K/y9Rb4rTqFNzzOBtT/ez+lHffpTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFOgtYSDYpVOqG+B632Y87SkOlmxMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVTZDMWhJTmlsVTZvYjRIcmZaanp0S1E2V2JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHm5E+CH7DW9EGa9aVQF
aOxiyg67tZv02sY0TEikO/xBIX8Iz36mMBwe2GTfhSRCGy5weAYXdIQ+KMk9tOz+
HXv78XuBLvrv9TmjQ5QO/7AgjlzmqgU9LzdHhtGI+rPcNIY4l3UCxHDZ2hGYaK4p
iuTfLhSWLHKv2VWizffDybe9dI0Dcy6JK4WPIgJpFIys1ka8wjQvg0tM3/8AoysE
tR+LbJXzjzSnlKk5gZFCElJxCVGhhl6Mbg8Nyl8Dg3FDU2iz2TD9SN/u/IHOl2U7
XI30n1cC71lo5bEhMUKYMzXbGlS+ZJjw7hdG2zXsvaiPFRP4BFVNXs06S2uc39jf
71E=
-----END CERTIFICATE-----
Generated at Thu Jun 19 03:46:44 2025 by rpki-client