Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ery8W9Sd3DHbr9UDmuZoNS413tk.roa
File: ery8W9Sd3DHbr9UDmuZoNS413tk.roa (raw, json)
Hash identifier: V5GsFUuafbLms3LPhtyFF2+ADl3HuzVnNELU/NzdogE=
Subject key identifier: 7A:BC:BC:5B:D4:9D:DC:31:DB:AF:D5:03:9A:E6:68:35:2E:35:DE:D9
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B4F5B08C23ECE494ADDB065BA7CCA223D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ery8W9Sd3DHbr9UDmuZoNS413tk.roa
Signing time: Fri 20 Oct 2023 23:10:47 +0000
ROA not before: Fri 20 Oct 2023 23:10:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:4f55:346c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4f:5b:08:c2:3e:ce:49:4a:dd:b0:65:ba:7c:ca:22:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 20 23:10:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7abcbc5bd49ddc31dbafd5039ae668352e35ded9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3e:dd:27:10:b4:81:e5:f0:a0:ff:48:86:60:
34:55:8e:27:79:99:d7:7e:c9:16:a7:5d:e3:4e:ad:
98:5a:02:38:f3:bd:5c:a6:8d:3b:a6:66:b5:73:32:
9c:e5:40:4f:09:00:7b:82:5a:39:2f:64:6c:20:fa:
95:16:50:82:f6:63:d5:e7:60:a1:48:18:cc:99:62:
81:66:52:b6:92:b0:a1:7b:cd:ee:d7:cd:13:15:46:
07:2e:37:b3:be:24:43:e7:a7:ad:0a:e3:17:ef:80:
05:6e:d4:ac:24:d8:e9:62:41:57:69:4f:01:d9:51:
b3:36:d3:0a:5f:5f:18:a1:45:42:88:44:de:df:6a:
f4:4e:b2:05:39:a4:05:95:7c:ed:c9:0a:d0:3b:6b:
b4:48:5d:6c:dc:e9:6f:87:94:46:62:85:b8:11:95:
ca:2d:2b:28:8e:92:ee:e2:25:06:47:01:61:ae:59:
ad:7b:3f:f7:3c:c9:1a:bb:9a:69:c0:f4:57:e9:fb:
3f:00:2c:1b:61:b0:46:d9:ec:da:66:5d:27:0e:76:
1a:32:66:6d:e6:64:9f:c2:80:9d:d5:88:79:43:23:
3a:9f:aa:9c:a8:7d:71:ae:9b:20:bb:63:25:f9:2a:
de:aa:95:eb:9b:0a:6c:53:ba:66:00:68:ac:5e:4b:
6a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:BC:BC:5B:D4:9D:DC:31:DB:AF:D5:03:9A:E6:68:35:2E:35:DE:D9
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ery8W9Sd3DHbr9UDmuZoNS413tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
59:5f:e1:b3:73:bd:83:26:54:55:ee:c0:b4:a1:ca:25:67:77:
1e:16:08:84:63:39:ce:1d:cc:f5:01:14:2a:e5:7b:a6:8c:ee:
aa:c9:44:27:49:62:aa:8b:a6:02:23:a3:59:21:8d:1c:30:1a:
be:cc:a6:8a:ee:49:1d:5a:9b:f4:eb:d5:29:44:a9:a6:aa:42:
67:d3:2f:d7:40:4a:65:1f:d6:79:96:db:b0:78:6b:e7:8b:fc:
d9:a7:65:5d:6c:ae:ab:f8:76:3a:60:42:a7:b8:bb:5c:7e:c3:
9f:26:22:e0:e4:49:10:ad:cc:c0:7b:f2:f1:64:d2:54:94:b7:
8c:ff:e6:5a:e2:16:6b:69:43:38:a1:24:94:80:28:ec:0f:76:
52:61:95:c2:2a:bb:25:90:9c:0f:6f:fd:19:40:ae:aa:ad:d9:
cf:92:87:ee:fa:6f:5e:e0:5e:13:7a:b4:12:86:de:4b:ce:4e:
93:6c:39:1a:25:4f:f0:f0:3f:a6:68:a5:6a:d4:e6:0d:22:aa:
56:87:be:89:5f:68:07:e4:a4:95:ca:51:f1:3a:0e:e1:7d:a8:
7b:87:4f:73:f1:3e:cd:3e:2e:04:ef:d0:4f:1a:1a:98:8a:f3:
74:bd:4b:bd:51:fa:27:d9:c3:3e:3f:2d:83:fb:4f:c6:31:57:
09:2e:0b:88
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtPWwjCPs5JSt2wZbp8yiI9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIwMjMxMDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWJjYmM1YmQ0OWRkYzMxZGJhZmQ1MDM5YWU2NjgzNTJlMzVkZWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyD7dJxC0geXwoP9IhmA0VY4neZnX
fskWp13jTq2YWgI4871cpo07pma1czKc5UBPCQB7glo5L2RsIPqVFlCC9mPV52Ch
SBjMmWKBZlK2krChe83u180TFUYHLjezviRD56etCuMX74AFbtSsJNjpYkFXaU8B
2VGzNtMKX18YoUVCiETe32r0TrIFOaQFlXztyQrQO2u0SF1s3Olvh5RGYoW4EZXK
LSsojpLu4iUGRwFhrlmtez/3PMkau5ppwPRX6fs/ACwbYbBG2ezaZl0nDnYaMmZt
5mSfwoCd1Yh5QyM6n6qcqH1xrpsgu2Ml+SreqpXrmwpsU7pmAGisXktqVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHq8vFvUndwx26/VA5rmaDUuNd7ZMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZXJ5OFc5U2QzREhicjlVRG11Wm9OUzQxM3RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFlf4bNzvYMmVFXuwLSh
yiVndx4WCIRjOc4dzPUBFCrle6aM7qrJRCdJYqqLpgIjo1khjRwwGr7MporuSR1a
m/Tr1SlEqaaqQmfTL9dASmUf1nmW27B4a+eL/NmnZV1srqv4djpgQqe4u1x+w58m
IuDkSRCtzMB78vFk0lSUt4z/5lriFmtpQzihJJSAKOwPdlJhlcIquyWQnA9v/RlA
rqqt2c+Sh+76b17gXhN6tBKG3kvOTpNsORolT/DwP6ZopWrU5g0iqlaHvolfaAfk
pJXKUfE6DuF9qHuHT3PxPs0+LgTv0E8aGpiK83S9S71R+ifZwz4/LYP7T8YxVwku
C4g=
-----END CERTIFICATE-----
Generated at Tue Jun 17 11:11:23 2025 by rpki-client