Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lAyysUn4TNFfF8O4NqkcwTix12E.roa
File: lAyysUn4TNFfF8O4NqkcwTix12E.roa (raw, json)
Hash identifier: bZUBrMaZOENAqRAOq5sil8rI7MPNpfwhNSaqt9V4ikU=
Subject key identifier: 94:0C:B2:B1:49:F8:4C:D1:5F:17:C3:B8:36:A9:1C:C1:38:B1:D7:61
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BBAD8440B04CB78A942461892A49F1417
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lAyysUn4TNFfF8O4NqkcwTix12E.roa
Signing time: Fri 10 Nov 2023 20:06:57 +0000
ROA not before: Fri 10 Nov 2023 20:06:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:bad7:d05d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ba:d8:44:0b:04:cb:78:a9:42:46:18:92:a4:9f:14:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 10 20:06:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=940cb2b149f84cd15f17c3b836a91cc138b1d761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:0b:3d:05:7a:4d:33:d9:d6:42:3b:42:ca:71:
7a:4f:36:e8:a5:ab:a1:cf:08:18:7c:a3:c7:a1:f8:
c0:26:96:bb:66:be:ba:05:aa:ce:e7:42:22:06:09:
28:f9:32:fa:11:dd:d8:3b:24:e3:bd:17:3c:d8:ce:
f7:0f:5b:ab:4b:29:b3:dc:36:96:79:9d:58:67:3b:
ab:69:c1:11:e5:8a:63:9b:7e:5a:5a:e8:bd:18:7a:
45:47:c1:3e:8c:f1:71:e4:95:34:f0:c3:e7:5d:24:
96:ea:68:59:b1:c0:26:47:cb:0f:ca:76:b6:bf:0f:
ef:9c:d6:85:d3:7f:ae:30:7a:ae:ab:23:22:bb:d0:
f2:4c:24:fd:e1:fe:66:8a:41:ad:e8:32:55:05:fb:
71:71:fd:83:b2:d1:b4:3b:b1:9f:11:88:da:d4:dc:
e4:00:41:26:63:6f:5e:96:7a:a5:a1:c0:00:94:c5:
52:6f:e8:b2:09:e3:81:ea:ef:bf:1b:d7:d3:c6:4b:
c3:bb:76:3d:9c:15:2f:f8:1d:9f:ff:73:9b:a9:8c:
b7:af:98:72:09:14:52:67:be:da:02:19:85:e8:18:
bc:80:5a:24:51:19:79:6d:6d:89:54:cc:1a:d3:fe:
69:13:31:a2:1b:4f:71:2b:e0:1d:cd:88:ec:f9:a2:
e2:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:0C:B2:B1:49:F8:4C:D1:5F:17:C3:B8:36:A9:1C:C1:38:B1:D7:61
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lAyysUn4TNFfF8O4NqkcwTix12E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ce:88:d3:0a:ce:e9:de:2f:f2:95:2b:6b:55:72:1e:9e:2b:93:
a9:7c:f3:b5:18:71:e9:69:b3:73:50:f3:88:ad:c4:0c:62:6a:
fd:1a:f1:a1:1a:e0:44:20:76:9b:fe:24:e2:c7:11:bd:06:eb:
fa:31:58:7c:7c:89:02:4b:2e:4f:24:1d:d3:36:48:b5:ed:56:
ae:b1:2f:cf:67:a2:a7:15:eb:53:18:b7:2b:cf:fb:0c:08:e3:
32:07:72:a8:f4:52:8e:dd:77:ea:3f:12:49:b2:f1:db:13:dd:
f6:67:39:91:da:55:f1:6c:10:ca:7d:09:9b:08:32:0a:43:de:
f8:0c:e8:2b:4f:01:92:28:94:85:b3:40:12:46:91:f0:26:13:
35:b6:af:f6:da:ef:91:7e:e4:99:62:11:7c:44:2c:11:e2:7a:
26:8a:f9:96:e1:c3:ac:fe:51:9b:85:17:20:92:b2:d1:89:6a:
eb:1f:2a:ba:8c:66:6e:66:ce:6e:e9:e1:70:77:30:d7:21:eb:
9f:83:cd:e6:81:e6:12:71:5f:28:f6:9d:72:69:ca:26:3f:ab:
b3:41:e1:97:ec:d4:69:c3:16:e8:f0:d9:a7:5a:26:b9:f3:f5:
6a:a7:81:d5:d8:a8:25:18:e3:f8:f4:7e:c8:36:e7:59:88:9e:
fc:79:94:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu62EQLBMt4qUJGGJKknxQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEwMjAwNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDBjYjJiMTQ5Zjg0Y2QxNWYxN2MzYjgzNmE5MWNjMTM4YjFkNzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggs9BXpNM9nWQjtCynF6Tzbopauh
zwgYfKPHofjAJpa7Zr66BarO50IiBgko+TL6Ed3YOyTjvRc82M73D1urSymz3DaW
eZ1YZzuracER5Ypjm35aWui9GHpFR8E+jPFx5JU08MPnXSSW6mhZscAmR8sPyna2
vw/vnNaF03+uMHquqyMiu9DyTCT94f5mikGt6DJVBftxcf2DstG0O7GfEYja1Nzk
AEEmY29elnqlocAAlMVSb+iyCeOB6u+/G9fTxkvDu3Y9nBUv+B2f/3ObqYy3r5hy
CRRSZ77aAhmF6Bi8gFokURl5bW2JVMwa0/5pEzGiG09xK+AdzYjs+aLi7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJQMsrFJ+EzRXxfDuDapHME4sddhMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbEF5eXNVbjRUTkZmRjhPNE5xa2N3VGl4MTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAM6I0wrO6d4v8pUra1Vy
Hp4rk6l887UYcelps3NQ84itxAxiav0a8aEa4EQgdpv+JOLHEb0G6/oxWHx8iQJL
Lk8kHdM2SLXtVq6xL89noqcV61MYtyvP+wwI4zIHcqj0Uo7dd+o/Ekmy8dsT3fZn
OZHaVfFsEMp9CZsIMgpD3vgM6CtPAZIolIWzQBJGkfAmEzW2r/ba75F+5JliEXxE
LBHieiaK+Zbhw6z+UZuFFyCSstGJausfKrqMZm5mzm7p4XB3MNch65+DzeaB5hJx
Xyj2nXJpyiY/q7NB4Zfs1GnDFujw2adaJrnz9WqngdXYqCUY4/j0fsg251mInvx5
lMQ=
-----END CERTIFICATE-----
Generated at Wed Jun 18 15:12:02 2025 by rpki-client