Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WqEgzpqWlzO85caeTZNyn2HgIRQ.roa
File: WqEgzpqWlzO85caeTZNyn2HgIRQ.roa (raw, json)
Hash identifier: zQ1SWr6qBs7q4nvfbDVMN+yxjXk0BMFEgB1dm2mbKng=
Subject key identifier: 5A:A1:20:CE:9A:96:97:33:BC:E5:C6:9E:4D:93:72:9F:61:E0:21:14
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C6A9396204ECDDF70FF12929A23F6C540
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WqEgzpqWlzO85caeTZNyn2HgIRQ.roa
Signing time: Thu 14 Dec 2023 23:05:06 +0000
ROA not before: Thu 14 Dec 2023 23:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:6a92:d59a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6a:93:96:20:4e:cd:df:70:ff:12:92:9a:23:f6:c5:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 14 23:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5aa120ce9a969733bce5c69e4d93729f61e02114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:32:32:64:53:ff:46:67:22:21:3f:52:3e:f7:
a9:5c:36:bf:5e:80:f7:3b:1a:35:8f:bc:52:3f:64:
1d:6b:d0:dd:cd:4d:86:e7:fe:9f:f4:2e:72:95:6c:
07:44:b9:a3:11:bb:7a:24:30:88:50:25:0a:64:f9:
ee:7e:9d:0b:6e:93:05:67:0b:12:99:1d:3b:74:bb:
ec:f9:24:f4:fd:cc:13:a8:06:f3:64:f3:a2:ec:94:
38:e7:68:69:ce:8e:52:7c:9d:64:bf:86:fd:c8:bc:
4d:b3:63:e1:3c:29:f0:3f:31:4a:c2:2c:2d:e5:2a:
84:4a:c5:5c:5b:3b:c4:ae:bf:65:53:5b:e4:07:02:
28:35:ad:8b:3f:96:b8:a5:bb:1c:1c:78:5d:6f:60:
06:a9:c2:a7:65:07:6d:be:63:92:b1:8a:99:bd:bc:
ad:38:9c:6e:f7:28:14:c3:72:77:ce:16:f1:f9:fe:
93:47:d1:2a:88:60:3c:17:45:1d:78:06:ce:79:a3:
67:c8:45:06:33:e6:09:9f:b6:ec:df:1e:50:29:28:
b0:eb:f1:67:71:04:f4:27:c4:cd:1c:47:9e:60:3f:
8d:d9:95:45:35:57:71:71:b0:96:ea:18:d0:c4:ce:
23:f0:90:1c:a9:bd:2a:af:09:cf:4c:58:dd:7c:60:
d6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:A1:20:CE:9A:96:97:33:BC:E5:C6:9E:4D:93:72:9F:61:E0:21:14
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WqEgzpqWlzO85caeTZNyn2HgIRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:08:0c:78:34:34:a4:f3:99:97:6c:5f:a4:d4:d5:ed:49:9f:
91:2f:6e:00:10:ec:07:e4:46:44:9b:58:e7:5f:38:08:eb:ec:
44:6d:aa:41:55:dc:11:06:aa:85:b5:d6:4a:0a:84:28:99:6f:
3a:86:4f:dc:57:72:a2:4e:b6:7f:e9:cb:97:66:51:46:62:76:
bb:47:cd:e2:32:ba:2b:8a:ef:42:13:8a:f2:37:b3:aa:75:63:
95:65:39:ac:62:e4:bf:aa:a3:4a:58:72:bc:5c:93:66:17:25:
db:c4:f9:8a:1f:97:14:6a:b8:20:29:a7:ae:4f:03:7a:f1:6c:
ba:17:91:62:e5:b3:f7:dc:0e:c2:3c:c7:6a:35:bd:82:18:b1:
08:a3:d9:f2:cc:ad:cb:00:d7:19:21:65:ce:ec:d9:6e:f8:35:
5f:cd:d1:b4:ba:16:da:7b:77:35:78:d3:04:cc:b0:81:23:ac:
23:dc:6c:8a:8c:1b:71:a5:4c:37:7d:9c:b9:ea:cf:c3:61:3e:
1e:e9:b2:92:87:b2:83:87:c1:61:4d:62:8a:14:ec:18:31:33:
a4:d6:33:d8:93:ea:3b:9a:6a:2a:24:c3:6b:d2:46:fa:90:77:
46:81:72:6b:e8:49:79:dc:2b:f9:92:8a:9a:3d:78:de:ae:c7:
ce:7b:f4:2e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxqk5YgTs3fcP8Skpoj9sVAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE0MjMwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWExMjBjZTlhOTY5NzMzYmNlNWM2OWU0ZDkzNzI5ZjYxZTAyMTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDIyZFP/RmciIT9SPvepXDa/XoD3
Oxo1j7xSP2Qda9DdzU2G5/6f9C5ylWwHRLmjEbt6JDCIUCUKZPnufp0LbpMFZwsS
mR07dLvs+ST0/cwTqAbzZPOi7JQ452hpzo5SfJ1kv4b9yLxNs2PhPCnwPzFKwiwt
5SqESsVcWzvErr9lU1vkBwIoNa2LP5a4pbscHHhdb2AGqcKnZQdtvmOSsYqZvbyt
OJxu9ygUw3J3zhbx+f6TR9EqiGA8F0UdeAbOeaNnyEUGM+YJn7bs3x5QKSiw6/Fn
cQT0J8TNHEeeYD+N2ZVFNVdxcbCW6hjQxM4j8JAcqb0qrwnPTFjdfGDWgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFqhIM6alpczvOXGnk2Tcp9h4CEUMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvV3FFZ3pwcVdsek84NWNhZVRaTnluMkhnSVJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKcIDHg0NKTzmZdsX6TU
1e1Jn5EvbgAQ7AfkRkSbWOdfOAjr7ERtqkFV3BEGqoW11koKhCiZbzqGT9xXcqJO
tn/py5dmUUZidrtHzeIyuiuK70ITivI3s6p1Y5VlOaxi5L+qo0pYcrxck2YXJdvE
+YoflxRquCApp65PA3rxbLoXkWLls/fcDsI8x2o1vYIYsQij2fLMrcsA1xkhZc7s
2W74NV/N0bS6Ftp7dzV40wTMsIEjrCPcbIqMG3GlTDd9nLnqz8NhPh7pspKHsoOH
wWFNYooU7BgxM6TWM9iT6juaaiokw2vSRvqQd0aBcmvoSXncK/mSipo9eN6ux857
9C4=
-----END CERTIFICATE-----
Generated at Wed Jun 18 13:19:29 2025 by rpki-client