Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VWcJpoP8sN7XI8zJu3MrD-X-pfU.roa
File: VWcJpoP8sN7XI8zJu3MrD-X-pfU.roa (raw, json)
Hash identifier: a1iwrQ4xGLs/t24XI2PhcZjBwqjgYhxjwzn6KR5SPPw=
Subject key identifier: 55:67:09:A6:83:FC:B0:DE:D7:23:CC:C9:BB:73:2B:0F:E5:FE:A5:F5
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC17F909571FE0EC35F5A4A7385C71888
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VWcJpoP8sN7XI8zJu3MrD-X-pfU.roa
Signing time: Sat 23 Sep 2023 10:04:37 +0000
ROA not before: Sat 23 Sep 2023 10:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:c17f:3d9a/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c1:7f:90:95:71:fe:0e:c3:5f:5a:4a:73:85:c7:18:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 23 10:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=556709a683fcb0ded723ccc9bb732b0fe5fea5f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:5e:23:3a:a9:56:1a:ae:40:0d:68:e9:2b:55:
db:c4:51:44:ca:0b:8b:a8:42:fb:74:ba:1f:c1:db:
5c:52:76:ce:2c:61:70:53:d2:cf:b3:0e:0b:a6:e6:
49:7f:0e:b1:ac:9b:67:f5:34:6b:c5:df:c7:5d:0b:
dc:ed:61:b9:63:b8:53:f1:7c:a4:09:d7:e6:ff:46:
9b:41:c7:b3:58:45:d6:b1:30:a1:5a:82:aa:52:4e:
64:21:f3:6e:d0:96:ab:d3:ad:fe:fd:99:b7:6d:61:
51:18:e4:c4:83:69:f7:b8:1c:96:e3:77:b7:de:d3:
52:35:7f:72:3b:a6:73:ce:dc:11:af:db:04:15:7e:
5c:e4:ca:f6:0e:fe:52:ac:0f:59:85:73:d6:55:9b:
25:35:ad:37:6c:bb:5b:ae:2e:49:3a:fa:cb:07:a9:
17:f1:cf:1b:a1:6b:7e:35:8e:21:f4:70:f8:20:6f:
89:32:72:c3:05:c9:7c:2c:a6:1d:e8:69:4f:b4:67:
e3:7f:e3:f1:d0:fc:84:28:93:5d:02:67:c7:0c:a7:
11:d6:f3:57:72:7b:12:64:34:2d:05:e6:9c:f8:e3:
a3:6e:d9:2f:85:6b:85:a5:b2:d7:71:ef:65:2b:4f:
5f:53:25:64:de:77:d7:b1:66:95:a4:13:1e:a1:53:
0c:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:67:09:A6:83:FC:B0:DE:D7:23:CC:C9:BB:73:2B:0F:E5:FE:A5:F5
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VWcJpoP8sN7XI8zJu3MrD-X-pfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b8:fd:1c:54:94:bd:03:7a:2c:ea:5e:f8:83:65:77:a1:13:64:
49:3b:7c:d4:8e:2d:08:ca:c8:22:c2:6d:fc:1f:41:17:fb:f3:
c0:22:df:f0:ce:49:e7:6f:ea:87:36:42:b2:c4:e3:cb:e8:99:
b9:dc:cb:d6:4d:d4:c1:3a:34:a5:b3:1e:9f:0c:30:f9:91:c8:
d5:78:15:3a:42:d5:a4:2d:9f:5c:5f:b6:85:6d:a0:78:eb:f4:
86:98:74:b2:89:9c:1e:88:04:79:41:31:0e:4b:6d:d9:8a:48:
48:6d:d5:f5:5e:24:f4:b3:7b:53:a2:bf:65:1b:c8:a7:3d:e1:
a3:53:75:f6:8a:4c:45:42:02:a1:64:3c:a7:7e:67:b0:ad:73:
a5:97:6a:a7:af:0b:f2:b3:93:39:98:48:5d:1d:46:21:6e:31:
be:46:a2:9f:2c:47:5f:ed:3b:3f:89:4b:bd:be:e3:5b:ee:78:
fe:82:1a:e0:04:66:49:d8:0f:89:08:e5:fa:24:61:a0:55:06:
61:ee:94:3e:c4:28:af:54:06:96:e0:63:75:b3:97:ea:b6:0e:
9a:b6:f9:10:76:5e:ea:38:dd:b0:a6:04:0d:6b:7d:16:84:c3:
16:f7:4a:31:76:6c:8a:68:9d:ea:98:24:01:0f:5a:b1:4d:ab:
88:3e:c2:11
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrBf5CVcf4Ow19aSnOFxxiIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIzMTAwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTY3MDlhNjgzZmNiMGRlZDcyM2NjYzliYjczMmIwZmU1ZmVhNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApV4jOqlWGq5ADWjpK1XbxFFEyguL
qEL7dLofwdtcUnbOLGFwU9LPsw4LpuZJfw6xrJtn9TRrxd/HXQvc7WG5Y7hT8Xyk
Cdfm/0abQcezWEXWsTChWoKqUk5kIfNu0Jar063+/Zm3bWFRGOTEg2n3uByW43e3
3tNSNX9yO6ZzztwRr9sEFX5c5Mr2Dv5SrA9ZhXPWVZslNa03bLtbri5JOvrLB6kX
8c8boWt+NY4h9HD4IG+JMnLDBcl8LKYd6GlPtGfjf+Px0PyEKJNdAmfHDKcR1vNX
cnsSZDQtBeac+OOjbtkvhWuFpbLXce9lK09fUyVk3nfXsWaVpBMeoVMM0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFVnCaaD/LDe1yPMybtzKw/l/qX1MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVldjSnBvUDhzTjdYSTh6SnUzTXJELVgtcGZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALj9HFSUvQN6LOpe+INl
d6ETZEk7fNSOLQjKyCLCbfwfQRf788Ai3/DOSedv6oc2QrLE48vombncy9ZN1ME6
NKWzHp8MMPmRyNV4FTpC1aQtn1xftoVtoHjr9IaYdLKJnB6IBHlBMQ5LbdmKSEht
1fVeJPSze1Oiv2UbyKc94aNTdfaKTEVCAqFkPKd+Z7Ctc6WXaqevC/KzkzmYSF0d
RiFuMb5Gop8sR1/tOz+JS72+41vueP6CGuAEZknYD4kI5fokYaBVBmHulD7EKK9U
BpbgY3Wzl+q2Dpq2+RB2Xuo43bCmBA1rfRaEwxb3SjF2bIponeqYJAEPWrFNq4g+
whE=
-----END CERTIFICATE-----
Generated at Wed Jun 18 06:00:50 2025 by rpki-client