Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/b4PMxwn471Tx-OEEDoplmp69iVw.roa
File: b4PMxwn471Tx-OEEDoplmp69iVw.roa (raw, json)
Hash identifier: nYLjBm0GY9+DcZvkM1G2BxlWjPqQ4IEReHlgV24gssE=
Subject key identifier: 6F:83:CC:C7:09:F8:EF:54:F1:F8:E1:04:0E:8A:65:9A:9E:BD:89:5C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BD1CC1F0E18C79DE5C1BAE0680B23006A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/b4PMxwn471Tx-OEEDoplmp69iVw.roa
Signing time: Wed 15 Nov 2023 07:04:57 +0000
ROA not before: Wed 15 Nov 2023 07:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18b:d1cb:8af4/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d1:cc:1f:0e:18:c7:9d:e5:c1:ba:e0:68:0b:23:00:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 15 07:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f83ccc709f8ef54f1f8e1040e8a659a9ebd895c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:b6:6b:74:6a:9b:cf:43:a8:d2:22:a8:2d:18:
3a:73:a3:18:67:5c:a8:f7:a6:b3:e3:4d:35:b1:e3:
5c:08:aa:38:c5:a4:ea:1a:08:f0:dd:c2:90:1d:90:
d9:73:2f:29:43:94:2d:e6:61:70:18:0e:7b:85:69:
6b:10:6b:81:ad:9b:57:5e:4e:3c:41:a1:f1:71:73:
2b:6b:d5:ff:fc:3c:02:d4:07:ab:7b:e8:8e:1b:e2:
4f:31:08:86:fa:0a:cb:49:5e:00:0f:16:40:6a:65:
20:63:5f:3c:f4:bc:d7:48:a2:0b:be:52:89:25:e0:
d4:ba:95:da:e4:bb:83:3f:70:02:f4:ef:14:dd:49:
ab:2d:5c:65:87:4c:f1:7d:83:4f:51:4b:9e:81:82:
fd:4f:d1:58:c0:31:68:c5:bf:76:58:3b:47:a3:36:
08:0c:f2:56:a1:23:eb:7d:64:ce:af:bd:3e:01:a6:
0d:f0:3d:29:5e:3a:d7:58:c8:ef:c8:cf:bc:c6:57:
8a:a3:63:b7:67:a4:f6:89:33:18:f8:21:37:6b:69:
52:e7:78:bd:f1:6c:9b:b9:b0:a9:3a:57:9c:16:d7:
6c:99:b1:e0:21:af:36:e9:ff:4d:9e:f2:15:bb:c5:
87:e5:9d:fe:bd:97:17:ea:4a:2b:6f:32:d9:8a:be:
c4:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:83:CC:C7:09:F8:EF:54:F1:F8:E1:04:0E:8A:65:9A:9E:BD:89:5C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/b4PMxwn471Tx-OEEDoplmp69iVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7a:85:5b:d5:88:9d:ba:fe:cc:8c:56:b7:cd:83:d4:1c:05:a7:
02:7e:3b:76:ff:9f:08:00:dc:75:dc:59:63:a4:01:45:02:d9:
04:c1:94:d2:dc:4b:bc:26:f9:4a:08:32:1f:46:f7:28:b7:d3:
28:59:a3:ce:45:29:08:36:31:a2:51:03:bc:4f:26:a8:60:53:
79:5f:26:7a:ae:94:b4:3b:56:74:94:97:c0:d2:25:7b:88:69:
26:6f:b8:0b:48:9e:8d:ab:57:a1:f7:8b:32:3e:86:65:5b:a1:
2e:a4:99:bf:e7:b1:ad:e1:00:b5:63:45:38:bb:72:40:87:62:
36:39:10:1a:76:c0:b8:d4:d4:74:30:66:b0:6f:a2:b1:a0:1b:
30:39:86:db:ef:57:96:ea:c5:06:3a:57:be:5f:c3:ce:f3:b3:
32:68:f4:b6:a6:81:95:8d:a2:fb:a0:19:2f:b2:f5:f3:52:e4:
a5:f7:e3:31:13:75:23:c0:ad:05:91:04:d3:d0:a5:54:d4:d2:
5e:08:f6:0e:0e:25:c9:b1:ec:46:19:df:df:0c:75:04:91:1b:
3c:fe:01:b1:c0:ca:99:9e:aa:28:10:9b:f8:9f:05:5b:81:b5:
a0:ba:4f:96:a4:79:c2:47:b7:3b:be:43:3a:dc:a6:aa:0c:fa:
b2:78:6a:21
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvRzB8OGMed5cG64GgLIwBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE1MDcwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjgzY2NjNzA5ZjhlZjU0ZjFmOGUxMDQwZThhNjU5YTllYmQ4OTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6rZrdGqbz0Oo0iKoLRg6c6MYZ1yo
96az4001seNcCKo4xaTqGgjw3cKQHZDZcy8pQ5Qt5mFwGA57hWlrEGuBrZtXXk48
QaHxcXMra9X//DwC1Aere+iOG+JPMQiG+grLSV4ADxZAamUgY1889LzXSKILvlKJ
JeDUupXa5LuDP3AC9O8U3UmrLVxlh0zxfYNPUUuegYL9T9FYwDFoxb92WDtHozYI
DPJWoSPrfWTOr70+AaYN8D0pXjrXWMjvyM+8xleKo2O3Z6T2iTMY+CE3a2lS53i9
8WybubCpOlecFtdsmbHgIa826f9NnvIVu8WH5Z3+vZcX6korbzLZir7EwQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG+DzMcJ+O9U8fjhBA6KZZqevYlcMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYjRQTXh3bjQ3MVR4LU9FRURvcGxtcDY5aVZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHqFW9WInbr+zIxWt82D
1BwFpwJ+O3b/nwgA3HXcWWOkAUUC2QTBlNLcS7wm+UoIMh9G9yi30yhZo85FKQg2
MaJRA7xPJqhgU3lfJnqulLQ7VnSUl8DSJXuIaSZvuAtIno2rV6H3izI+hmVboS6k
mb/nsa3hALVjRTi7ckCHYjY5EBp2wLjU1HQwZrBvorGgGzA5htvvV5bqxQY6V75f
w87zszJo9LamgZWNovugGS+y9fNS5KX34zETdSPArQWRBNPQpVTU0l4I9g4OJcmx
7EYZ398MdQSRGzz+AbHAypmeqigQm/ifBVuBtaC6T5akecJHtzu+QzrcpqoM+rJ4
aiE=
-----END CERTIFICATE-----
Generated at Tue Jun 17 23:45:43 2025 by rpki-client