Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WZ9ClbMMefH1e3MSrtth2Y6N3Gg.roa
File: WZ9ClbMMefH1e3MSrtth2Y6N3Gg.roa (raw, json)
Hash identifier: UQmjZAhZNeAhdroSaPT6m1yHnrIRvbHMsoP+BRn7tJc=
Subject key identifier: 59:9F:42:95:B3:0C:79:F1:F5:7B:73:12:AE:DB:61:D9:8E:8D:DC:68
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ACC3A255165E9057C20EB02FFC76D35CA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WZ9ClbMMefH1e3MSrtth2Y6N3Gg.roa
Signing time: Mon 25 Sep 2023 12:04:37 +0000
ROA not before: Mon 25 Sep 2023 12:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:cc39:df8e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cc:3a:25:51:65:e9:05:7c:20:eb:02:ff:c7:6d:35:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 25 12:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=599f4295b30c79f1f57b7312aedb61d98e8ddc68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:66:cc:81:3b:3f:1a:ea:a9:e7:bc:d6:24:5a:
90:07:8c:1a:6f:31:d8:d9:61:f5:f4:cc:87:20:d5:
9a:87:f1:ca:d5:23:57:86:59:55:26:e1:31:4c:94:
ba:4a:c6:9d:87:81:92:9b:0c:7e:4b:6c:97:c2:a3:
83:70:a7:b1:de:47:2e:61:e0:d8:60:69:fb:e5:86:
db:c9:29:3b:9d:94:6a:c1:35:30:aa:be:4d:9d:76:
67:39:36:8e:7a:e0:fb:d4:c4:57:48:30:51:b6:d0:
96:41:ef:b7:da:21:40:38:72:78:a3:32:4f:8d:ba:
38:3f:06:cc:0a:4a:b7:f1:eb:6f:d6:85:7c:2c:22:
84:39:c5:ae:49:df:8b:e5:c3:0a:8e:6f:d4:8f:f5:
a4:f7:22:7c:5c:9d:f3:f4:f0:ee:26:88:f2:fa:9b:
33:ed:f2:0d:81:57:0d:ff:4c:04:7f:2e:f0:40:f9:
df:56:6f:7e:35:88:dd:46:a6:d0:04:8f:9a:81:27:
a0:cb:8e:a3:40:df:31:1f:66:e2:13:31:8c:08:c5:
2e:11:4c:2a:34:33:59:30:99:96:15:96:2e:05:58:
fd:9e:9d:f2:cb:ad:27:eb:a9:76:d4:72:47:96:db:
4a:8b:cf:59:4a:31:5e:35:31:47:de:ef:be:f7:fe:
91:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:9F:42:95:B3:0C:79:F1:F5:7B:73:12:AE:DB:61:D9:8E:8D:DC:68
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WZ9ClbMMefH1e3MSrtth2Y6N3Gg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:33:93:1a:55:9f:d5:b5:be:06:cf:cf:14:46:04:bd:5f:fb:
1e:c7:a9:54:fe:45:f4:a2:e9:37:1a:12:fa:ce:b6:f2:c2:98:
a5:7c:1c:e2:2a:46:f7:e8:73:08:e9:57:8f:35:e7:5c:05:3b:
e2:71:b3:87:ed:0e:cd:da:e1:03:44:7c:54:61:34:ac:bf:62:
3b:36:ff:bf:52:66:4e:9b:78:28:cc:94:1a:d3:ba:30:cb:23:
2b:67:14:56:08:bd:5d:38:eb:e3:17:ad:f7:34:0b:82:5b:ca:
b8:c1:69:1c:f8:ec:73:a0:92:4d:18:10:66:cf:06:ec:50:2e:
ae:1b:d0:45:4a:b9:97:bf:31:75:26:3c:46:1e:ec:61:ee:d5:
6f:f8:b8:6b:af:ce:ea:2a:c8:38:38:cb:14:96:e5:bc:63:79:
72:67:dd:ba:2e:57:8e:00:b7:ec:da:12:f8:7b:93:70:a6:a5:
01:f0:41:67:3f:ec:dd:47:45:9d:4a:35:07:39:e5:a6:19:2e:
af:0a:61:90:a4:6a:c5:e3:2a:2d:36:19:32:b1:eb:e8:71:ae:
24:07:8c:b9:38:73:73:c8:66:45:16:e7:f3:2e:57:e3:bf:8e:
bb:fa:65:61:30:be:77:04:f1:24:05:13:c0:db:d3:54:20:74:
a6:d5:bd:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrMOiVRZekFfCDrAv/HbTXKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI1MTIwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTlmNDI5NWIzMGM3OWYxZjU3YjczMTJhZWRiNjFkOThlOGRkYzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGbMgTs/Guqp57zWJFqQB4wabzHY
2WH19MyHINWah/HK1SNXhllVJuExTJS6Ssadh4GSmwx+S2yXwqODcKex3kcuYeDY
YGn75YbbySk7nZRqwTUwqr5NnXZnOTaOeuD71MRXSDBRttCWQe+32iFAOHJ4ozJP
jbo4PwbMCkq38etv1oV8LCKEOcWuSd+L5cMKjm/Uj/Wk9yJ8XJ3z9PDuJojy+psz
7fINgVcN/0wEfy7wQPnfVm9+NYjdRqbQBI+agSegy46jQN8xH2biEzGMCMUuEUwq
NDNZMJmWFZYuBVj9np3yy60n66l21HJHlttKi89ZSjFeNTFH3u++9/6R1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFmfQpWzDHnx9XtzEq7bYdmOjdxoMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvV1o5Q2xiTU1lZkgxZTNNU3J0dGgyWTZOM0dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGEzkxpVn9W1vgbPzxRG
BL1f+x7HqVT+RfSi6TcaEvrOtvLCmKV8HOIqRvfocwjpV48151wFO+Jxs4ftDs3a
4QNEfFRhNKy/Yjs2/79SZk6beCjMlBrTujDLIytnFFYIvV046+MXrfc0C4JbyrjB
aRz47HOgkk0YEGbPBuxQLq4b0EVKuZe/MXUmPEYe7GHu1W/4uGuvzuoqyDg4yxSW
5bxjeXJn3bouV44At+zaEvh7k3CmpQHwQWc/7N1HRZ1KNQc55aYZLq8KYZCkasXj
Ki02GTKx6+hxriQHjLk4c3PIZkUW5/MuV+O/jrv6ZWEwvncE8SQFE8Db01QgdKbV
vSo=
-----END CERTIFICATE-----
Generated at Tue Jun 17 05:18:29 2025 by rpki-client