Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dW3xqlrRCs6NRnmycscHA_M7rSo.roa
File: dW3xqlrRCs6NRnmycscHA_M7rSo.roa (raw, json)
Hash identifier: ApUiZG49OyLnVfm+F6L5Wtza/WubpNFpy0seeeajjos=
Subject key identifier: 75:6D:F1:AA:5A:D1:0A:CE:8D:46:79:B2:72:C7:07:03:F3:3B:AD:2A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B2EEEFCAB17FAD863A66757E5CE768A68
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dW3xqlrRCs6NRnmycscHA_M7rSo.roa
Signing time: Sat 14 Oct 2023 16:04:56 +0000
ROA not before: Sat 14 Oct 2023 16:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:2eee:5e52/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2e:ee:fc:ab:17:fa:d8:63:a6:67:57:e5:ce:76:8a:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 14 16:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=756df1aa5ad10ace8d4679b272c70703f33bad2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:df:20:c4:bb:17:44:7e:47:76:22:58:0f:ba:
15:c9:a9:b1:41:5e:11:36:62:22:2e:c0:d3:75:09:
f0:87:81:02:02:f6:39:c0:d2:07:18:a8:0d:d1:dd:
b2:ef:22:ed:a1:35:1d:cc:26:b4:31:87:31:a3:fc:
66:7d:8d:bb:88:7b:49:52:36:2e:d7:ec:b9:6e:15:
5f:3d:14:b0:a7:f1:17:87:a3:7c:e5:72:4c:c1:c2:
f9:d5:79:d0:8d:30:89:85:bf:0e:43:24:05:d6:4c:
67:31:c8:4c:7a:ab:b1:d2:09:fa:18:dc:49:62:e5:
79:0a:3e:f7:3e:13:91:aa:93:81:02:0f:57:53:b7:
79:30:d4:d9:7d:61:e8:34:63:4f:59:86:6d:b2:63:
90:44:13:96:bc:6e:9a:1d:14:64:08:f8:d3:05:b4:
05:72:2e:29:6a:ef:dd:22:83:2a:25:24:9a:bd:5f:
b9:e5:cf:72:53:b9:90:4d:1a:9f:bc:cc:6c:66:2b:
f7:af:bd:1d:0c:78:5f:49:45:a0:ae:99:8f:65:b3:
08:1f:0d:61:25:d2:1e:29:98:63:e5:82:37:a2:c5:
76:79:a7:81:49:26:fc:9c:49:c6:86:86:cb:b9:5f:
cb:1c:33:8c:58:b0:96:8d:ef:c2:6a:7f:94:ed:f4:
5c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:6D:F1:AA:5A:D1:0A:CE:8D:46:79:B2:72:C7:07:03:F3:3B:AD:2A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dW3xqlrRCs6NRnmycscHA_M7rSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:94:8b:b3:ad:3f:c2:ec:9e:04:3c:9d:23:4b:19:50:d5:be:
de:71:b1:08:67:e0:93:03:98:10:06:83:94:37:1e:ee:cf:79:
49:c8:26:bd:d9:d3:41:b1:8a:19:58:f7:8e:e5:09:3b:94:72:
4c:f2:ba:fa:67:22:88:74:ad:d1:58:29:73:52:8e:6c:a2:25:
2d:39:1b:69:aa:57:a7:d8:ce:62:4c:4f:65:bf:9e:51:8c:81:
29:a3:61:c6:d3:d4:de:ec:e8:23:f1:b3:38:72:c5:aa:8c:ee:
48:25:c9:e9:d4:68:c3:d1:90:38:2c:d3:22:ef:a9:c6:49:d2:
f1:a0:8f:76:94:68:41:05:db:79:91:aa:15:da:38:3c:89:83:
60:6a:83:f9:31:9e:71:ad:4c:40:a0:ee:ae:fb:b5:8d:07:03:
15:12:2c:b5:db:55:00:ca:dc:0a:a4:d6:b6:21:0e:35:f8:ac:
e2:66:7f:96:38:86:d4:e1:38:6e:94:95:b1:55:eb:9c:d6:bd:
14:9f:7b:28:f9:3e:3c:bf:0e:2e:46:63:1f:6e:27:15:aa:cf:
15:3a:f6:2c:78:be:70:7d:e5:f3:be:59:0d:ec:ba:16:a4:31:
7c:1b:c5:d4:01:ae:b9:1d:3f:f3:ba:8a:e4:9a:45:08:5f:5e:
eb:1d:9a:2b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsu7vyrF/rYY6ZnV+XOdopoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE0MTYwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTZkZjFhYTVhZDEwYWNlOGQ0Njc5YjI3MmM3MDcwM2YzM2JhZDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuN8gxLsXRH5HdiJYD7oVyamxQV4R
NmIiLsDTdQnwh4ECAvY5wNIHGKgN0d2y7yLtoTUdzCa0MYcxo/xmfY27iHtJUjYu
1+y5bhVfPRSwp/EXh6N85XJMwcL51XnQjTCJhb8OQyQF1kxnMchMequx0gn6GNxJ
YuV5Cj73PhORqpOBAg9XU7d5MNTZfWHoNGNPWYZtsmOQRBOWvG6aHRRkCPjTBbQF
ci4pau/dIoMqJSSavV+55c9yU7mQTRqfvMxsZiv3r70dDHhfSUWgrpmPZbMIHw1h
JdIeKZhj5YI3osV2eaeBSSb8nEnGhobLuV/LHDOMWLCWje/Can+U7fRcIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHVt8apa0QrOjUZ5snLHBwPzO60qMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZFczeHFsclJDczZOUm5teWNzY0hBX003clNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFOUi7OtP8LsngQ8nSNL
GVDVvt5xsQhn4JMDmBAGg5Q3Hu7PeUnIJr3Z00GxihlY947lCTuUckzyuvpnIoh0
rdFYKXNSjmyiJS05G2mqV6fYzmJMT2W/nlGMgSmjYcbT1N7s6CPxszhyxaqM7kgl
yenUaMPRkDgs0yLvqcZJ0vGgj3aUaEEF23mRqhXaODyJg2Bqg/kxnnGtTECg7q77
tY0HAxUSLLXbVQDK3Aqk1rYhDjX4rOJmf5Y4htThOG6UlbFV65zWvRSfeyj5Pjy/
Di5GYx9uJxWqzxU69ix4vnB95fO+WQ3suhakMXwbxdQBrrkdP/O6iuSaRQhfXusd
mis=
-----END CERTIFICATE-----
Generated at Tue Jun 17 22:59:11 2025 by rpki-client