Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/b-VF5qar6YOeFdUq465ZIJTd5PI.roa
File: b-VF5qar6YOeFdUq465ZIJTd5PI.roa (raw, json)
Hash identifier: LZTqC0YizbigvHjSqFps/xG/qsBXeC76fE6kpKM7XN0=
Subject key identifier: 6F:E5:45:E6:A6:AB:E9:83:9E:15:D5:2A:E3:AE:59:20:94:DD:E4:F2
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B0517215137D07B0CDB0AA1DE543A4305
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/b-VF5qar6YOeFdUq465ZIJTd5PI.roa
Signing time: Fri 06 Oct 2023 13:04:43 +0000
ROA not before: Fri 06 Oct 2023 13:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:516:a8d0/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:05:17:21:51:37:d0:7b:0c:db:0a:a1:de:54:3a:43:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 6 13:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fe545e6a6abe9839e15d52ae3ae592094dde4f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:4a:47:a1:26:06:88:f3:ca:48:d3:36:c2:df:
39:de:fc:35:b2:8e:58:13:d0:1b:13:8f:d5:0c:8f:
d2:6d:99:50:2d:4c:8c:d3:24:0b:1c:b5:63:80:3f:
73:b6:80:40:fd:af:20:3e:84:08:9b:22:07:d2:85:
70:e4:24:35:6f:79:c9:99:6f:df:7a:ce:f5:ef:af:
ac:40:9b:81:32:d8:dd:af:4c:21:1e:f6:8d:91:3f:
90:5b:e8:7d:3c:36:06:17:62:93:9b:7c:20:af:e4:
00:8a:b9:9b:c2:f7:f9:1e:c6:c6:c9:f0:a4:1d:1d:
96:45:a3:a3:f2:8d:30:36:ee:4b:31:ff:8d:ad:ca:
b0:f1:85:05:f1:a8:42:64:17:d7:7b:7b:9f:b4:21:
05:78:38:45:35:7c:59:44:42:c4:6d:67:e5:39:de:
6c:44:24:88:f2:35:5e:51:3b:3b:97:d7:7a:9d:01:
56:22:d1:7f:61:fa:c4:d8:40:1f:db:19:89:8a:5d:
98:16:db:5d:c7:03:8a:a5:c1:a6:e5:54:dd:20:46:
72:37:93:d3:c9:73:e0:7d:88:20:0c:93:61:25:ad:
40:f2:36:3a:2e:ff:e4:57:d9:ae:45:84:f9:fc:3b:
77:92:df:14:15:e6:8d:d4:6a:a7:65:e6:96:e6:e6:
c9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:E5:45:E6:A6:AB:E9:83:9E:15:D5:2A:E3:AE:59:20:94:DD:E4:F2
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/b-VF5qar6YOeFdUq465ZIJTd5PI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:65:af:8d:86:99:37:73:79:b7:60:c9:82:78:06:26:86:cc:
d1:4a:6d:76:67:2a:7c:42:c8:cd:97:34:82:40:f1:f1:20:8d:
33:5e:dc:60:2f:ef:45:21:b0:03:8d:99:5b:70:33:47:06:a1:
ea:30:ad:f2:38:9e:47:7f:bc:52:b4:5e:83:ea:83:4e:af:b5:
de:d3:ad:ec:48:67:7f:5f:8f:67:b5:15:3d:b9:c9:96:dd:81:
24:68:58:00:88:e1:17:4e:86:50:22:e1:d6:cc:1c:4a:82:a6:
ed:4a:63:0a:5a:70:61:3e:d0:46:87:6d:9d:e0:3d:0b:b3:55:
44:ff:6e:ee:20:96:a8:65:05:56:91:5d:cf:30:1c:8a:dc:0f:
94:6e:64:7c:7a:a9:e1:09:51:67:1e:a1:07:12:ff:c4:ee:95:
ae:67:bd:f1:f6:52:4d:4b:7f:02:33:5b:5c:49:56:72:85:01:
f4:42:65:f2:c3:83:91:c1:18:36:0b:d3:41:28:df:5d:18:21:
16:8a:00:75:09:3b:5d:2b:2f:3e:0c:00:3c:c3:2e:a1:0d:8e:
4b:a7:e2:47:91:ac:f9:8c:07:3b:ea:5a:67:bf:83:c3:f4:29:
21:f3:02:b0:47:c9:e4:e7:b7:36:95:f6:ab:97:a4:6d:3b:3e:
01:4e:95:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsFFyFRN9B7DNsKod5UOkMFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA2MTMwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmU1NDVlNmE2YWJlOTgzOWUxNWQ1MmFlM2FlNTkyMDk0ZGRlNGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0pHoSYGiPPKSNM2wt853vw1so5Y
E9AbE4/VDI/SbZlQLUyM0yQLHLVjgD9ztoBA/a8gPoQImyIH0oVw5CQ1b3nJmW/f
es7176+sQJuBMtjdr0whHvaNkT+QW+h9PDYGF2KTm3wgr+QAirmbwvf5HsbGyfCk
HR2WRaOj8o0wNu5LMf+Nrcqw8YUF8ahCZBfXe3uftCEFeDhFNXxZRELEbWflOd5s
RCSI8jVeUTs7l9d6nQFWItF/YfrE2EAf2xmJil2YFttdxwOKpcGm5VTdIEZyN5PT
yXPgfYggDJNhJa1A8jY6Lv/kV9muRYT5/Dt3kt8UFeaN1GqnZeaW5ubJBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG/lReamq+mDnhXVKuOuWSCU3eTyMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYi1WRjVxYXI2WU9lRmRVcTQ2NVpJSlRkNVBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABxlr42GmTdzebdgyYJ4
BiaGzNFKbXZnKnxCyM2XNIJA8fEgjTNe3GAv70UhsAONmVtwM0cGoeowrfI4nkd/
vFK0XoPqg06vtd7TrexIZ39fj2e1FT25yZbdgSRoWACI4RdOhlAi4dbMHEqCpu1K
YwpacGE+0EaHbZ3gPQuzVUT/bu4glqhlBVaRXc8wHIrcD5RuZHx6qeEJUWceoQcS
/8Tula5nvfH2Uk1LfwIzW1xJVnKFAfRCZfLDg5HBGDYL00Eo310YIRaKAHUJO10r
Lz4MADzDLqENjkun4keRrPmMBzvqWme/g8P0KSHzArBHyeTntzaV9quXpG07PgFO
lc8=
-----END CERTIFICATE-----
Generated at Tue Jun 17 11:56:14 2025 by rpki-client