Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Wc9aPduIG1WVfosHDOV4bl780T8.roa
File: Wc9aPduIG1WVfosHDOV4bl780T8.roa (raw, json)
Hash identifier: Y5D6RIBp2ErJFrht6QJCqm+ZVVjSI6SkTAfZd4C8g/Y=
Subject key identifier: 59:CF:5A:3D:DB:88:1B:55:95:7E:8B:07:0C:E5:78:6E:5E:FC:D1:3F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AEB579403F79008805C1964F01D563561
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Wc9aPduIG1WVfosHDOV4bl780T8.roa
Signing time: Sun 01 Oct 2023 13:04:59 +0000
ROA not before: Sun 01 Oct 2023 13:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:eb56:e5f6/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:eb:57:94:03:f7:90:08:80:5c:19:64:f0:1d:56:35:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 1 13:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59cf5a3ddb881b55957e8b070ce5786e5efcd13f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:08:a2:8a:c5:5b:4f:22:b4:8e:00:df:70:26:
35:c5:7e:4d:25:c7:3a:d6:d5:ea:b6:32:06:4c:cd:
23:45:db:29:a6:d0:16:ec:5c:04:c9:08:7a:e3:a4:
d4:65:56:4f:05:9a:6e:79:27:14:95:d9:49:b6:eb:
17:b6:8b:55:bd:a2:bc:b1:9d:89:c1:07:19:41:9e:
d7:97:76:f5:1e:6c:8d:ba:08:23:58:89:c3:2e:89:
7f:55:94:34:0c:d2:bf:bb:87:8d:c9:f0:5e:fa:76:
97:26:c7:c1:48:a6:10:39:7c:d3:59:bb:00:a5:ca:
d1:cd:80:7b:24:54:1a:a3:98:71:07:e0:5b:1a:9b:
da:da:b6:7c:09:8a:8a:b6:47:42:86:c9:27:5d:5e:
19:6d:74:b1:b9:6c:7c:b9:59:45:09:90:0b:ef:22:
29:53:1b:89:c3:b8:60:67:a3:8f:a3:36:e4:f4:56:
af:c9:61:d5:8b:83:b6:95:c5:16:53:15:8d:80:66:
f1:07:13:6f:a2:e7:05:f7:0f:e2:4b:12:13:e8:01:
63:2c:f7:3d:c2:1b:3e:69:13:e8:4d:87:7c:e8:a7:
2a:7c:f9:2d:a0:87:80:9c:ea:92:fe:d9:11:93:d3:
c8:e6:96:ab:82:4d:f3:d3:87:91:da:d4:77:72:e3:
3a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:CF:5A:3D:DB:88:1B:55:95:7E:8B:07:0C:E5:78:6E:5E:FC:D1:3F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Wc9aPduIG1WVfosHDOV4bl780T8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
16:73:8e:a9:a5:de:47:88:ef:f4:3d:a8:2f:f6:07:4f:e9:ba:
de:c3:6e:11:91:c1:a9:08:2a:8c:79:c0:c5:d8:e8:72:b2:46:
93:97:f1:f8:00:07:11:38:18:f9:ce:98:5a:98:ea:44:b9:44:
e8:ee:f0:ee:3a:18:81:ec:9a:51:a6:40:b7:68:eb:6d:81:6a:
af:7e:42:3c:ad:b7:ad:a4:72:5b:6f:54:c0:8c:50:bd:41:38:
e0:b3:e2:ed:c4:4b:1c:e2:a5:2f:59:21:f7:a9:37:9a:ce:58:
90:07:f1:8d:33:77:c0:13:67:bd:c9:5b:eb:b2:4b:07:48:3f:
79:5f:48:91:d9:1d:ca:24:51:73:4c:4e:de:48:53:79:93:60:
e8:b5:ae:2d:d1:cd:08:f8:96:86:66:e9:14:54:05:da:54:03:
48:0a:88:e1:5f:0e:54:24:3f:08:2e:9d:2d:8d:8d:8b:f5:02:
7a:c3:d6:ff:7f:e4:93:f2:42:99:b0:fd:3d:7b:0c:42:36:67:
b2:9d:a3:07:bc:db:dc:7a:82:d6:cf:d3:fb:6f:dc:cc:36:0c:
ad:60:a0:8a:2d:43:6b:3e:f1:f4:62:3c:b4:be:34:74:96:a7:
d0:9a:9d:8b:f1:dd:71:a0:b5:b4:df:bc:c8:e2:3f:81:93:b3:
18:04:aa:be
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrrV5QD95AIgFwZZPAdVjVhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAxMTMwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWNmNWEzZGRiODgxYjU1OTU3ZThiMDcwY2U1Nzg2ZTVlZmNkMTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQiiisVbTyK0jgDfcCY1xX5NJcc6
1tXqtjIGTM0jRdspptAW7FwEyQh646TUZVZPBZpueScUldlJtusXtotVvaK8sZ2J
wQcZQZ7Xl3b1HmyNuggjWInDLol/VZQ0DNK/u4eNyfBe+naXJsfBSKYQOXzTWbsA
pcrRzYB7JFQao5hxB+BbGpva2rZ8CYqKtkdChsknXV4ZbXSxuWx8uVlFCZAL7yIp
UxuJw7hgZ6OPozbk9FavyWHVi4O2lcUWUxWNgGbxBxNvoucF9w/iSxIT6AFjLPc9
whs+aRPoTYd86KcqfPktoIeAnOqS/tkRk9PI5pargk3z04eR2tR3cuM6nQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFnPWj3biBtVlX6LBwzleG5e/NE/MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvV2M5YVBkdUlHMVdWZm9zSERPVjRibDc4MFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABZzjqml3keI7/Q9qC/2
B0/put7DbhGRwakIKox5wMXY6HKyRpOX8fgABxE4GPnOmFqY6kS5ROju8O46GIHs
mlGmQLdo622Baq9+Qjytt62kcltvVMCMUL1BOOCz4u3ESxzipS9ZIfepN5rOWJAH
8Y0zd8ATZ73JW+uySwdIP3lfSJHZHcokUXNMTt5IU3mTYOi1ri3RzQj4loZm6RRU
BdpUA0gKiOFfDlQkPwgunS2NjYv1AnrD1v9/5JPyQpmw/T17DEI2Z7Kdowe829x6
gtbP0/tv3Mw2DK1goIotQ2s+8fRiPLS+NHSWp9CanYvx3XGgtbTfvMjiP4GTsxgE
qr4=
-----END CERTIFICATE-----
Generated at Tue Jun 17 07:07:59 2025 by rpki-client