Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/inhLt3FcgAN8nY0gFcFl75QYgQ0.roa
File: inhLt3FcgAN8nY0gFcFl75QYgQ0.roa (raw, json)
Hash identifier: mCUnXEU1X/hQ8tQgkvRZq32iSNEtr60t+k/7UuDU3+Y=
Subject key identifier: 8A:78:4B:B7:71:5C:80:03:7C:9D:8D:20:15:C1:65:EF:94:18:81:0D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF3ECB8693B7BDF35AD0E97F0E2C0B13F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/inhLt3FcgAN8nY0gFcFl75QYgQ0.roa
Signing time: Tue 03 Oct 2023 05:04:51 +0000
ROA not before: Tue 03 Oct 2023 05:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:f3ec:828b/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f3:ec:b8:69:3b:7b:df:35:ad:0e:97:f0:e2:c0:b1:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 3 05:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a784bb7715c80037c9d8d2015c165ef9418810d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:9e:c4:68:93:82:8f:6f:cb:59:9d:48:1d:42:
de:9e:a7:f9:a3:26:37:e7:6f:25:ad:b3:c4:22:9d:
11:48:4d:57:e4:cb:86:5c:50:f1:da:32:00:07:81:
f1:f4:b0:17:81:14:ca:26:67:a9:ea:34:4d:f8:92:
c1:1a:e7:56:4c:2c:cf:82:5d:cf:1a:8c:f8:2f:5d:
61:95:e4:dd:c5:b3:09:6e:9c:09:e2:d6:c0:f8:29:
87:31:9b:7f:ab:6c:73:04:ad:87:27:fd:53:dd:80:
a9:2a:a6:46:cb:02:73:a1:97:d3:2a:16:9c:6c:72:
13:f8:6a:a0:71:79:37:d2:3f:36:82:85:8e:9a:95:
8f:e4:48:28:c9:14:02:8e:54:6f:3b:38:a2:20:8f:
30:85:38:61:b1:2b:3e:f3:0e:b8:c3:58:c9:4d:56:
2a:60:40:99:77:5e:76:fc:5d:20:a7:79:a9:a4:4d:
c0:e1:7a:6d:5e:db:cb:84:f1:12:5b:95:a7:d8:f0:
3b:c7:7b:a5:ec:3b:9c:60:5a:5d:db:3e:4e:74:52:
22:17:b1:0c:82:09:39:2e:7e:0b:6c:f0:6e:74:db:
0e:d2:53:4f:83:d3:90:41:e6:8e:b6:01:7b:27:f5:
d6:6d:4c:90:3d:21:71:ad:76:ce:62:ba:c9:df:68:
cc:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:78:4B:B7:71:5C:80:03:7C:9D:8D:20:15:C1:65:EF:94:18:81:0D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/inhLt3FcgAN8nY0gFcFl75QYgQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9e:74:bd:1a:bc:c6:68:16:c2:64:a5:ab:04:dd:f0:45:20:9b:
a6:e0:7a:b1:74:99:0b:35:3f:e3:fc:ee:ef:14:d9:29:41:16:
86:2c:79:73:ce:3e:bd:2c:ac:95:c3:57:60:64:dd:1b:c6:15:
e8:76:9a:7d:41:9c:22:60:1f:be:1e:e1:10:47:14:41:ce:ee:
ec:07:0c:1d:31:4a:70:37:6c:a7:e4:69:39:46:76:1a:08:84:
83:e8:fc:51:89:00:bb:45:41:7b:d9:61:74:ce:71:e5:c7:2e:
c4:e9:98:06:2a:0d:b8:df:91:a2:e0:56:d6:6b:c4:f8:dc:9a:
f8:82:43:a0:15:6b:6e:74:d8:e4:81:f8:bd:77:77:0d:45:89:
bb:bb:48:30:c6:bd:f3:3d:56:77:9c:6a:e2:a3:16:80:ba:5e:
02:ee:9e:8a:15:52:da:77:1f:b3:cd:c8:59:9e:8c:a7:c4:49:
42:c0:bf:dc:44:2e:46:e1:26:f7:e9:d5:c5:3e:d0:03:26:22:
90:75:9a:56:ce:2a:7e:30:2a:61:96:e0:9d:49:43:10:12:45:
5f:b7:38:af:40:96:df:4d:a8:69:d0:60:f7:c8:cc:03:20:ac:
54:e6:8a:c5:c2:bd:4d:f6:d6:73:ab:de:44:f8:56:61:cb:37:
aa:be:1d:6c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrz7LhpO3vfNa0Ol/DiwLE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAzMDUwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTc4NGJiNzcxNWM4MDAzN2M5ZDhkMjAxNWMxNjVlZjk0MTg4MTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Z7EaJOCj2/LWZ1IHULenqf5oyY3
528lrbPEIp0RSE1X5MuGXFDx2jIAB4Hx9LAXgRTKJmep6jRN+JLBGudWTCzPgl3P
Goz4L11hleTdxbMJbpwJ4tbA+CmHMZt/q2xzBK2HJ/1T3YCpKqZGywJzoZfTKhac
bHIT+GqgcXk30j82goWOmpWP5EgoyRQCjlRvOziiII8whThhsSs+8w64w1jJTVYq
YECZd152/F0gp3mppE3A4XptXtvLhPESW5Wn2PA7x3ul7DucYFpd2z5OdFIiF7EM
ggk5Ln4LbPBudNsO0lNPg9OQQeaOtgF7J/XWbUyQPSFxrXbOYrrJ32jMEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIp4S7dxXIADfJ2NIBXBZe+UGIENMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvaW5oTHQzRmNnQU44blkwZ0ZjRmw3NVFZZ1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ50vRq8xmgWwmSlqwTd
8EUgm6bgerF0mQs1P+P87u8U2SlBFoYseXPOPr0srJXDV2Bk3RvGFeh2mn1BnCJg
H74e4RBHFEHO7uwHDB0xSnA3bKfkaTlGdhoIhIPo/FGJALtFQXvZYXTOceXHLsTp
mAYqDbjfkaLgVtZrxPjcmviCQ6AVa2502OSB+L13dw1Fibu7SDDGvfM9VnecauKj
FoC6XgLunooVUtp3H7PNyFmejKfESULAv9xELkbhJvfp1cU+0AMmIpB1mlbOKn4w
KmGW4J1JQxASRV+3OK9Alt9NqGnQYPfIzAMgrFTmisXCvU321nOr3kT4VmHLN6q+
HWw=
-----END CERTIFICATE-----
Generated at Wed Jun 18 19:55:26 2025 by rpki-client