Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VznZHbiBxgARIqNnpJkL5elXxEE.roa
File: VznZHbiBxgARIqNnpJkL5elXxEE.roa (raw, json)
Hash identifier: jBlqlJ98i7I3RPOBznGmk1sXrIOTNEn+T4YbWZyCPEI=
Subject key identifier: 57:39:D9:1D:B8:81:C6:00:11:22:A3:67:A4:99:0B:E5:E9:57:C4:41
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AD0F451838609045A4D3C520F08755306
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VznZHbiBxgARIqNnpJkL5elXxEE.roa
Signing time: Tue 26 Sep 2023 10:06:27 +0000
ROA not before: Tue 26 Sep 2023 10:06:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:d0f3:6b91/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d0:f4:51:83:86:09:04:5a:4d:3c:52:0f:08:75:53:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 26 10:06:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5739d91db881c6001122a367a4990be5e957c441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:91:2c:ea:48:82:80:f5:1a:71:56:65:13:cb:
b4:cc:7f:d5:60:10:f6:1c:11:85:bd:5a:09:88:d3:
81:9e:cf:e0:c0:7e:bc:49:d7:8d:7f:a3:4d:f2:ee:
42:21:71:9b:36:27:55:ad:1a:1c:4f:7d:50:88:0e:
45:7a:b3:dc:82:3f:be:b1:35:65:06:81:53:bd:52:
8a:ae:1e:53:cf:48:14:e7:c3:bd:5b:40:bd:65:b6:
41:ba:ad:eb:a2:58:0a:10:73:30:11:37:78:78:53:
2a:92:2e:a2:90:a6:5a:9a:0b:8d:98:b2:33:2b:5a:
b2:13:ec:e9:a3:16:64:97:d3:73:6e:31:68:50:7c:
45:c6:c3:a0:9f:66:25:42:1e:b1:1c:4e:c5:cb:6c:
10:92:94:c2:dc:8c:44:2c:7d:07:85:6e:85:57:ba:
b9:9f:7c:d5:0a:08:6d:8b:27:97:f3:cb:32:56:98:
1a:b4:f2:f6:32:e3:da:91:fc:c2:af:83:3f:74:fa:
1e:fd:46:ad:81:4c:6c:8a:44:f8:1b:c7:ac:ad:30:
95:9c:b1:fb:03:e2:02:7f:b1:e4:de:df:36:6a:81:
56:07:bc:af:90:63:be:1d:cd:21:0f:b9:ba:e8:f2:
45:ab:7a:93:2c:ef:59:37:64:ac:69:1c:82:63:78:
da:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:39:D9:1D:B8:81:C6:00:11:22:A3:67:A4:99:0B:E5:E9:57:C4:41
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VznZHbiBxgARIqNnpJkL5elXxEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:13:1c:bc:91:df:f4:6f:79:17:16:f6:34:c0:da:6e:ee:dc:
94:42:79:d1:64:7c:84:0b:27:3c:8b:31:93:b5:57:e1:a5:79:
ba:02:fc:f3:9f:67:77:dd:db:3b:f4:4e:ac:41:d2:ac:c7:75:
06:49:12:8d:8c:d4:69:99:ec:2a:09:fb:a9:1c:f1:28:d0:18:
c3:d0:97:29:8b:96:c3:1f:c2:69:8f:35:56:2e:6e:48:a5:f2:
aa:34:25:c3:c9:98:25:30:e8:2e:c8:17:ca:e2:9f:91:54:84:
52:f7:f9:6a:a2:7c:6f:fa:28:75:85:88:e2:76:9c:ea:1f:0f:
77:cc:3f:d1:8d:98:d5:40:77:e5:47:14:a9:27:14:2f:da:bc:
5b:dd:6b:65:d0:6e:2e:df:ff:a3:a8:b2:98:62:6f:d8:b1:64:
14:56:29:ad:f1:91:1a:eb:01:d2:07:89:4b:55:e4:85:ef:87:
83:3e:32:8b:9b:1a:5b:44:6d:c3:9c:5f:b9:a8:b6:dd:33:ff:
02:7a:44:b7:70:cc:bc:e8:4f:69:4a:b8:67:cf:f3:32:d2:91:
23:16:78:65:27:05:4b:fe:a9:d8:d3:a7:51:29:32:21:97:e2:
70:e1:34:18:99:a3:28:77:21:c5:f2:99:a7:04:e4:18:eb:85:
4e:92:73:b9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrQ9FGDhgkEWk08Ug8IdVMGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI2MTAwNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzM5ZDkxZGI4ODFjNjAwMTEyMmEzNjdhNDk5MGJlNWU5NTdjNDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZEs6kiCgPUacVZlE8u0zH/VYBD2
HBGFvVoJiNOBns/gwH68SdeNf6NN8u5CIXGbNidVrRocT31QiA5FerPcgj++sTVl
BoFTvVKKrh5Tz0gU58O9W0C9ZbZBuq3rolgKEHMwETd4eFMqki6ikKZamguNmLIz
K1qyE+zpoxZkl9NzbjFoUHxFxsOgn2YlQh6xHE7Fy2wQkpTC3IxELH0HhW6FV7q5
n3zVCghtiyeX88syVpgatPL2MuPakfzCr4M/dPoe/UatgUxsikT4G8esrTCVnLH7
A+ICf7Hk3t82aoFWB7yvkGO+Hc0hD7m66PJFq3qTLO9ZN2SsaRyCY3jajwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFc52R24gcYAESKjZ6SZC+XpV8RBMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVnpuWkhiaUJ4Z0FSSXFObnBKa0w1ZWxYeEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHwTHLyR3/RveRcW9jTA
2m7u3JRCedFkfIQLJzyLMZO1V+GleboC/POfZ3fd2zv0TqxB0qzHdQZJEo2M1GmZ
7CoJ+6kc8SjQGMPQlymLlsMfwmmPNVYubkil8qo0JcPJmCUw6C7IF8rin5FUhFL3
+WqifG/6KHWFiOJ2nOofD3fMP9GNmNVAd+VHFKknFC/avFvda2XQbi7f/6Oosphi
b9ixZBRWKa3xkRrrAdIHiUtV5IXvh4M+MoubGltEbcOcX7mott0z/wJ6RLdwzLzo
T2lKuGfP8zLSkSMWeGUnBUv+qdjTp1EpMiGX4nDhNBiZoyh3IcXymacE5BjrhU6S
c7k=
-----END CERTIFICATE-----
Generated at Mon Jun 16 19:56:46 2025 by rpki-client