Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U9q5iECACqEIexMAaWbyCJaJh5I.roa
File: U9q5iECACqEIexMAaWbyCJaJh5I.roa (raw, json)
Hash identifier: zJnNSApjzHKsyRf28QvsIlbTahPWk/k8P8PMTY204Go=
Subject key identifier: 53:DA:B9:88:40:80:0A:A1:08:7B:13:00:69:66:F2:08:96:89:87:92
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C6F54520E77D0679FFC8C8AAE5768B55E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U9q5iECACqEIexMAaWbyCJaJh5I.roa
Signing time: Fri 15 Dec 2023 21:14:06 +0000
ROA not before: Fri 15 Dec 2023 21:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6f:54:52:0e:77:d0:67:9f:fc:8c:8a:ae:57:68:b5:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 15 21:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53dab98840800aa1087b13006966f20896898792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:99:fb:c2:08:df:22:ef:1d:77:01:9a:5d:65:
de:bd:02:90:61:96:ee:91:9a:32:d5:65:86:18:1d:
f6:29:49:9c:29:77:67:f0:96:9f:af:77:99:10:99:
b8:53:bb:df:23:82:38:9d:3c:7e:cd:fe:62:64:bf:
33:07:c3:74:51:a7:b4:21:11:03:d5:ae:c0:50:18:
c6:ea:03:f9:35:a3:8e:bc:3b:b5:29:f7:01:1d:f7:
32:49:d2:6f:3d:00:34:9c:59:be:b5:ff:26:a3:71:
03:37:c7:ca:9d:d6:e0:89:de:4a:ce:13:0b:c3:9a:
48:21:84:d1:01:f3:9c:fa:25:d0:48:a7:19:40:9f:
5b:49:8e:b0:d0:cc:e1:76:ca:e3:81:15:31:6b:cb:
a3:59:8e:10:f0:a3:d0:22:68:97:f2:c0:54:af:53:
bf:f3:49:be:76:87:0c:16:5c:81:d4:52:fa:02:3f:
a7:2a:4b:6f:04:ca:b6:34:37:76:e8:a5:52:ed:7b:
4b:1f:93:cc:96:f4:1c:b3:44:04:ef:b7:bb:ed:17:
99:50:e1:de:3f:5b:0e:94:96:04:26:b1:79:79:dd:
ce:1d:c2:df:b7:da:b7:94:55:91:fb:fc:7f:eb:2f:
90:25:54:c5:a5:2d:65:91:5b:8c:ce:96:9b:02:3d:
16:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:DA:B9:88:40:80:0A:A1:08:7B:13:00:69:66:F2:08:96:89:87:92
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/U9q5iECACqEIexMAaWbyCJaJh5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
04:9b:00:1e:ac:54:40:4c:f4:e2:52:c9:5d:d2:a9:e5:6d:66:
65:25:11:34:18:eb:38:41:df:dd:d0:8d:6c:7e:7e:8b:3a:88:
27:0f:3c:a6:0f:5a:33:55:f0:2c:28:c5:7b:a1:ba:ab:64:41:
ff:d0:fb:93:7b:0c:f4:bc:dd:47:94:30:28:bd:f9:88:e2:04:
24:26:36:00:29:e7:0e:d2:c5:c5:23:7f:9a:8c:51:e2:ef:68:
8b:ce:b5:06:bf:5f:b7:a0:3c:f2:84:af:9a:fe:3c:63:82:91:
d6:96:78:62:73:7c:6c:26:f1:a3:59:f6:1f:f3:fc:9a:37:70:
b9:f7:79:eb:e1:d2:62:95:e5:00:a4:94:0b:de:9f:eb:19:0d:
7a:26:a6:9f:49:b8:32:a6:51:aa:79:0a:0c:f4:e9:b1:c3:61:
b5:13:c0:58:f3:62:4a:1c:89:a8:11:9e:8a:1f:3c:09:a1:f0:
1f:f4:a4:0f:f3:c7:73:fe:60:11:ef:6d:77:91:4f:55:b1:ab:
f6:39:ce:14:f3:94:84:20:6b:ec:1a:ce:0d:ce:05:3d:ef:20:
4e:a6:25:b7:13:17:9f:09:95:64:ac:75:77:12:b5:a1:ac:0e:
22:e5:07:3d:4d:2a:3d:10:60:1c:c5:ef:c0:c8:05:4e:2e:4f:
d9:c4:75:0a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxvVFIOd9Bnn/yMiq5XaLVeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE1MjExNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2RhYjk4ODQwODAwYWExMDg3YjEzMDA2OTY2ZjIwODk2ODk4NzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJn7wgjfIu8ddwGaXWXevQKQYZbu
kZoy1WWGGB32KUmcKXdn8Jafr3eZEJm4U7vfI4I4nTx+zf5iZL8zB8N0Uae0IRED
1a7AUBjG6gP5NaOOvDu1KfcBHfcySdJvPQA0nFm+tf8mo3EDN8fKndbgid5KzhML
w5pIIYTRAfOc+iXQSKcZQJ9bSY6w0MzhdsrjgRUxa8ujWY4Q8KPQImiX8sBUr1O/
80m+docMFlyB1FL6Aj+nKktvBMq2NDd26KVS7XtLH5PMlvQcs0QE77e77ReZUOHe
P1sOlJYEJrF5ed3OHcLft9q3lFWR+/x/6y+QJVTFpS1lkVuMzpabAj0WUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFPauYhAgAqhCHsTAGlm8giWiYeSMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVTlxNWlFQ0FDcUVJZXhNQWFXYnlDSmFKaDVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAASbAB6sVEBM9OJSyV3S
qeVtZmUlETQY6zhB393QjWx+fos6iCcPPKYPWjNV8CwoxXuhuqtkQf/Q+5N7DPS8
3UeUMCi9+YjiBCQmNgAp5w7SxcUjf5qMUeLvaIvOtQa/X7egPPKEr5r+PGOCkdaW
eGJzfGwm8aNZ9h/z/Jo3cLn3eevh0mKV5QCklAven+sZDXompp9JuDKmUap5Cgz0
6bHDYbUTwFjzYkociagRnoofPAmh8B/0pA/zx3P+YBHvbXeRT1Wxq/Y5zhTzlIQg
a+wazg3OBT3vIE6mJbcTF58JlWSsdXcStaGsDiLlBz1NKj0QYBzF78DIBU4uT9nE
dQo=
-----END CERTIFICATE-----
Generated at Wed Jun 18 08:09:49 2025 by rpki-client