Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cFROpmQLQgREFDBT2Cgveo37UCg.roa
File: cFROpmQLQgREFDBT2Cgveo37UCg.roa (raw, json)
Hash identifier: 1kYlCSVjKkO9pmSpwkf/btRId7+wYVaCU5WJllHFVd8=
Subject key identifier: 70:54:4E:A6:64:0B:42:04:44:14:30:53:D8:28:2F:7A:8D:FB:50:28
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C16E47AB2073201B0F6A81351D43EFE75
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cFROpmQLQgREFDBT2Cgveo37UCg.roa
Signing time: Tue 28 Nov 2023 17:05:21 +0000
ROA not before: Tue 28 Nov 2023 17:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:16e3:96ea/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:e4:7a:b2:07:32:01:b0:f6:a8:13:51:d4:3e:fe:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 28 17:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70544ea6640b420444143053d8282f7a8dfb5028
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:51:00:49:12:df:24:5b:31:d3:6c:ee:2f:2c:
a2:53:03:8c:c1:bf:e2:56:1b:7f:c1:b6:db:9a:a7:
8b:be:11:60:55:5d:92:02:73:e4:6d:2e:8b:7b:53:
6c:2e:a4:30:34:26:bf:dd:19:3c:29:71:07:50:d2:
a7:43:34:a8:0e:70:c6:4c:71:36:3e:d2:45:e9:59:
08:5e:cf:24:06:5a:46:8a:bd:f8:bf:31:47:d2:49:
6d:a8:8e:8c:87:57:f6:56:a4:f1:62:be:37:0f:79:
06:ea:ea:cd:c2:70:84:99:db:ad:bb:d8:a4:35:54:
ee:c8:05:27:c7:da:a4:ee:6f:df:62:28:33:45:0e:
9e:22:89:aa:01:af:46:48:70:2c:69:5d:8d:19:50:
82:c7:70:74:2d:87:0a:18:8b:0b:57:1e:d4:a1:8b:
3f:82:dc:90:61:18:5d:d5:41:38:8a:62:36:b7:53:
31:35:ca:28:28:6d:91:67:31:f5:14:5c:8a:dd:f5:
0a:53:e7:25:72:e6:c3:72:86:cc:a6:9b:01:7e:5b:
58:54:47:71:47:8f:ca:d8:11:43:8c:d5:13:db:da:
4e:80:ea:f5:1a:cb:c2:84:b4:b6:d0:7c:1f:38:cc:
7b:fd:2d:ca:ba:43:8e:93:9e:99:32:13:fb:b1:41:
f3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:54:4E:A6:64:0B:42:04:44:14:30:53:D8:28:2F:7A:8D:FB:50:28
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cFROpmQLQgREFDBT2Cgveo37UCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
87:89:d5:cb:8f:2a:48:36:88:bc:31:56:bc:12:8b:2a:d1:7c:
63:27:29:9c:22:07:c0:95:5c:44:3d:b7:f8:a8:e6:ca:81:94:
71:5f:bd:14:54:c8:d3:47:c8:5a:01:bf:d2:6f:30:ec:7e:7c:
5d:60:5a:df:87:2b:4d:3b:e5:19:33:fa:a3:cc:59:44:24:4e:
a4:c6:22:1f:52:54:6d:7b:ae:e4:5c:17:9c:76:a3:d7:05:63:
f8:6a:c7:7e:8f:5f:20:8b:1d:7e:c3:01:d1:72:c1:f1:6c:40:
50:8c:14:3a:01:6d:ee:c8:7b:a6:59:e8:6e:7e:06:1e:41:4c:
81:b2:60:8b:2d:ac:16:25:64:0f:48:f1:6a:35:84:aa:42:c4:
32:35:bf:a1:aa:bb:64:98:c2:d2:d0:3a:e4:71:42:64:32:ce:
47:88:fc:02:f2:a6:ce:8b:85:ae:d4:b8:5c:80:6e:b2:8e:ea:
a3:27:db:0e:37:df:2b:18:61:77:aa:db:8b:dc:75:98:6d:73:
77:cd:89:dc:83:41:cc:8b:35:b6:01:71:ce:89:79:a7:2e:0e:
8d:0f:a1:e0:a1:6e:e1:82:7b:aa:4b:28:af:86:a6:0c:8d:3d:
43:29:d2:d3:bb:a6:0a:bf:28:05:7e:dd:46:85:1e:f6:bf:87:
70:66:62:d6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwW5HqyBzIBsPaoE1HUPv51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI4MTcwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDU0NGVhNjY0MGI0MjA0NDQxNDMwNTNkODI4MmY3YThkZmI1MDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVEASRLfJFsx02zuLyyiUwOMwb/i
Vht/wbbbmqeLvhFgVV2SAnPkbS6Le1NsLqQwNCa/3Rk8KXEHUNKnQzSoDnDGTHE2
PtJF6VkIXs8kBlpGir34vzFH0kltqI6Mh1f2VqTxYr43D3kG6urNwnCEmdutu9ik
NVTuyAUnx9qk7m/fYigzRQ6eIomqAa9GSHAsaV2NGVCCx3B0LYcKGIsLVx7UoYs/
gtyQYRhd1UE4imI2t1MxNcooKG2RZzH1FFyK3fUKU+clcubDcobMppsBfltYVEdx
R4/K2BFDjNUT29pOgOr1GsvChLS20HwfOMx7/S3KukOOk56ZMhP7sUHzEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHBUTqZkC0IERBQwU9goL3qN+1AoMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvY0ZST3BtUUxRZ1JFRkRCVDJDZ3ZlbzM3VUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIeJ1cuPKkg2iLwxVrwS
iyrRfGMnKZwiB8CVXEQ9t/io5sqBlHFfvRRUyNNHyFoBv9JvMOx+fF1gWt+HK007
5Rkz+qPMWUQkTqTGIh9SVG17ruRcF5x2o9cFY/hqx36PXyCLHX7DAdFywfFsQFCM
FDoBbe7Ie6ZZ6G5+Bh5BTIGyYIstrBYlZA9I8Wo1hKpCxDI1v6Gqu2SYwtLQOuRx
QmQyzkeI/ALyps6Lha7UuFyAbrKO6qMn2w433ysYYXeq24vcdZhtc3fNidyDQcyL
NbYBcc6JeacuDo0PoeChbuGCe6pLKK+GpgyNPUMp0tO7pgq/KAV+3UaFHva/h3Bm
YtY=
-----END CERTIFICATE-----
Generated at Mon Jun 16 19:27:38 2025 by rpki-client