Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kuZCD_vy1Yjg2O4UoM_qa5r_f34.roa
File: kuZCD_vy1Yjg2O4UoM_qa5r_f34.roa (raw, json)
Hash identifier: SNL69mIH7/3MWsPDoRFvegNC/WVcuX9pihjkn4nw6EU=
Subject key identifier: 92:E6:42:0F:FB:F2:D5:88:E0:D8:EE:14:A0:CF:EA:6B:9A:FF:7F:7E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE81F9ABBE6F898D48A93B223D7D27695
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kuZCD_vy1Yjg2O4UoM_qa5r_f34.roa
Signing time: Sat 30 Sep 2023 22:04:59 +0000
ROA not before: Sat 30 Sep 2023 22:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:e81e:e811/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e8:1f:9a:bb:e6:f8:98:d4:8a:93:b2:23:d7:d2:76:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 30 22:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92e6420ffbf2d588e0d8ee14a0cfea6b9aff7f7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:63:17:a6:b7:13:03:ea:ec:d6:77:4b:92:38:
a4:89:75:35:c2:ec:f6:19:61:42:3d:e0:db:30:ac:
4a:1a:95:8b:60:bb:69:80:66:5f:76:55:d4:bb:59:
0f:0c:cf:2e:1c:5b:3e:e7:4f:c3:a4:13:1c:cb:50:
30:ff:73:ba:e6:df:41:f7:50:db:25:05:94:73:37:
d5:f2:da:2e:f0:87:52:99:91:00:90:ae:09:f9:8c:
2f:1a:d7:fa:ed:9c:fd:ee:86:e1:db:db:08:41:84:
0d:14:d7:63:0e:d3:51:e5:0d:39:30:de:01:e6:eb:
07:32:3e:54:9c:b2:f4:97:ae:11:b2:b9:f7:ac:1d:
45:7f:a2:68:dd:26:3f:6e:0d:74:c6:29:a8:9f:d2:
f8:4b:e8:dc:bc:77:37:e8:99:26:cd:8d:5d:f1:a0:
9c:e2:e7:52:4b:74:a4:cb:f9:c4:3a:42:38:13:8b:
43:b6:d1:0f:ff:a4:d4:76:c6:d1:06:e7:90:57:d9:
09:98:18:67:fa:b1:84:47:02:58:ae:9e:11:fb:7d:
37:c5:b1:d5:9f:c9:58:ba:7c:7a:3e:04:37:5b:bb:
d0:a5:ff:a7:d0:55:9f:5e:49:ee:7f:67:b8:da:69:
53:f7:1c:27:9b:78:de:5f:11:ef:14:62:88:55:6f:
03:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:E6:42:0F:FB:F2:D5:88:E0:D8:EE:14:A0:CF:EA:6B:9A:FF:7F:7E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kuZCD_vy1Yjg2O4UoM_qa5r_f34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8f:61:9f:ad:30:46:df:40:a8:bc:a3:d3:db:f8:69:c7:d4:26:
c3:4f:83:e2:a7:2d:ef:9e:a5:b7:18:18:52:a0:c4:4c:af:3b:
b4:fc:16:35:f5:21:f4:0b:3f:2a:26:ce:46:b0:53:23:ef:47:
d8:c2:99:01:6f:82:b4:80:aa:16:19:4d:48:4d:54:4f:f3:0b:
99:fc:f9:57:66:e0:52:64:ee:83:94:8d:33:db:8c:93:35:50:
9d:9b:e5:5c:bc:59:c2:95:a9:2f:24:61:72:0e:8d:e8:f0:42:
f2:0b:e7:6b:b5:df:40:a0:b0:08:4c:85:2c:47:d5:28:b7:d2:
88:4b:ba:5d:9c:7b:9b:29:b6:54:8e:1f:f9:3f:ca:ff:c2:05:
d4:50:3f:b4:6e:bf:c8:4c:de:09:36:d0:e8:d1:04:52:63:6b:
35:00:6d:c0:05:ae:2c:a9:76:db:d7:8e:85:d4:e7:7e:61:58:
90:e3:ec:ce:47:0d:d0:06:f6:60:65:f1:73:80:b0:20:30:22:
85:c0:32:c8:33:ad:b8:56:6f:25:b6:7e:e2:93:04:7e:a0:0f:
78:b9:cb:63:6e:8a:c4:e9:b3:40:cc:41:e1:2c:ac:6a:f7:34:
a9:a1:35:d0:ff:24:82:af:5d:e2:6c:f5:47:60:68:ef:45:91:
3e:69:7f:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYroH5q75viY1IqTsiPX0naVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTMwMjIwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmU2NDIwZmZiZjJkNTg4ZTBkOGVlMTRhMGNmZWE2YjlhZmY3ZjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGMXprcTA+rs1ndLkjikiXU1wuz2
GWFCPeDbMKxKGpWLYLtpgGZfdlXUu1kPDM8uHFs+50/DpBMcy1Aw/3O65t9B91Db
JQWUczfV8tou8IdSmZEAkK4J+YwvGtf67Zz97obh29sIQYQNFNdjDtNR5Q05MN4B
5usHMj5UnLL0l64Rsrn3rB1Ff6Jo3SY/bg10ximon9L4S+jcvHc36JkmzY1d8aCc
4udSS3Sky/nEOkI4E4tDttEP/6TUdsbRBueQV9kJmBhn+rGERwJYrp4R+303xbHV
n8lYunx6PgQ3W7vQpf+n0FWfXknuf2e42mlT9xwnm3jeXxHvFGKIVW8DsQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJLmQg/78tWI4NjuFKDP6mua/39+MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva3VaQ0RfdnkxWWpnMk80VW9NX3FhNXJfZjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI9hn60wRt9AqLyj09v4
acfUJsNPg+KnLe+epbcYGFKgxEyvO7T8FjX1IfQLPyomzkawUyPvR9jCmQFvgrSA
qhYZTUhNVE/zC5n8+Vdm4FJk7oOUjTPbjJM1UJ2b5Vy8WcKVqS8kYXIOjejwQvIL
52u130CgsAhMhSxH1Si30ohLul2ce5sptlSOH/k/yv/CBdRQP7Ruv8hM3gk20OjR
BFJjazUAbcAFriypdtvXjoXU535hWJDj7M5HDdAG9mBl8XOAsCAwIoXAMsgzrbhW
byW2fuKTBH6gD3i5y2NuisTps0DMQeEsrGr3NKmhNdD/JIKvXeJs9UdgaO9FkT5p
f7o=
-----END CERTIFICATE-----
Generated at Mon Jun 16 22:09:20 2025 by rpki-client