Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lt71DmcoxbNTsNmG54BzftChw6o.roa
File: lt71DmcoxbNTsNmG54BzftChw6o.roa (raw, json)
Hash identifier: xL6xTxgVLp6/A63OI4NLvz1zevkhSzPbIVtHapRWn2k=
Subject key identifier: 96:DE:F5:0E:67:28:C5:B3:53:B0:D9:86:E7:80:73:7E:D0:A1:C3:AA
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C1C78B39A861CD414CBB7E65911BBFAFC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lt71DmcoxbNTsNmG54BzftChw6o.roa
Signing time: Wed 29 Nov 2023 19:05:21 +0000
ROA not before: Wed 29 Nov 2023 19:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:1c77:d12f/128 maxlen: 128
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1c:78:b3:9a:86:1c:d4:14:cb:b7:e6:59:11:bb:fa:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 29 19:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96def50e6728c5b353b0d986e780737ed0a1c3aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e2:e5:17:9c:65:7c:f0:f6:16:66:e5:12:92:
4d:da:55:bc:59:26:c5:d2:28:86:75:0c:08:75:e3:
f3:07:5a:53:aa:5e:65:e2:d0:00:8a:de:89:74:0a:
6c:90:46:4f:21:b8:c4:07:23:f2:fa:d9:87:80:51:
f3:25:ee:b7:8e:57:a0:4c:98:14:85:71:6c:28:44:
8f:54:5c:6e:35:55:48:fe:db:3b:38:dc:d8:f9:04:
22:e9:42:d9:1c:77:69:99:df:0a:e8:30:5a:c1:91:
84:c9:82:8b:b0:14:9b:1e:4f:fd:0e:f7:6c:f2:7a:
33:8c:ec:37:60:5b:1e:3b:a4:0d:b6:81:ba:2d:22:
66:af:50:4a:36:f7:cb:b8:24:d4:fd:17:df:79:cf:
d0:07:33:9f:34:34:b9:90:54:ab:64:ad:41:e5:00:
fa:1e:d6:06:4d:54:72:5f:b6:a9:c9:c4:f6:99:82:
f2:f7:fd:05:5f:9a:36:ec:91:11:9c:16:6a:f9:b2:
10:34:f6:18:16:d8:c3:ce:8c:cd:21:c0:49:1f:31:
be:76:ce:5e:96:9f:91:2f:8a:41:c4:9a:c1:42:e9:
67:e1:ec:c3:ca:ac:a3:1f:5b:58:84:4a:1a:e6:98:
99:e3:f9:2b:d4:04:31:e4:2c:a0:95:79:62:5e:a4:
2d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:DE:F5:0E:67:28:C5:B3:53:B0:D9:86:E7:80:73:7E:D0:A1:C3:AA
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lt71DmcoxbNTsNmG54BzftChw6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:6c:3d:67:cd:26:5c:15:fd:96:30:cb:a5:78:25:19:b5:a4:
fb:45:16:11:5f:d9:27:02:db:a5:ee:f6:72:b6:2d:de:c2:66:
6e:61:26:17:c5:e8:3c:b3:74:a3:9a:cd:8b:71:c8:b9:4d:5e:
d8:ca:bd:e3:f3:57:4c:81:c6:39:0e:9d:f2:d7:fe:e9:8f:cb:
3b:e4:8b:19:fa:7a:7c:10:7f:b9:5a:a8:78:63:7f:9d:1f:74:
02:5d:e3:b1:fd:c3:bb:7a:4d:91:da:d3:61:23:da:c1:a0:92:
d1:0d:eb:b4:35:51:64:03:a7:cc:19:93:7f:0d:47:4e:42:bc:
b9:25:aa:c7:dd:a5:63:73:bd:91:c0:fb:3b:f5:c0:22:04:5f:
02:4b:50:31:fc:64:a4:7d:61:c2:b4:3a:44:d8:24:1f:f7:11:
0d:d8:d1:c5:d1:ae:3b:55:1b:30:d2:bd:aa:be:95:50:c0:c5:
a0:b8:94:5b:9e:69:2f:ef:77:99:97:6a:3a:1a:90:ca:71:f0:
cf:24:d2:77:4b:4a:01:ab:0b:b7:71:40:77:38:a6:f5:3c:67:
bb:af:0d:c3:7c:62:10:8c:d1:84:60:cf:69:30:8b:a5:3b:f2:
a8:f0:a8:dc:57:3c:17:2f:24:6a:a5:5a:0a:6d:36:a7:7d:d6:
93:ae:88:a4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwceLOahhzUFMu35lkRu/r8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI5MTkwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmRlZjUwZTY3MjhjNWIzNTNiMGQ5ODZlNzgwNzM3ZWQwYTFjM2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuLlF5xlfPD2FmblEpJN2lW8WSbF
0iiGdQwIdePzB1pTql5l4tAAit6JdApskEZPIbjEByPy+tmHgFHzJe63jlegTJgU
hXFsKESPVFxuNVVI/ts7ONzY+QQi6ULZHHdpmd8K6DBawZGEyYKLsBSbHk/9Dvds
8nozjOw3YFseO6QNtoG6LSJmr1BKNvfLuCTU/Rffec/QBzOfNDS5kFSrZK1B5QD6
HtYGTVRyX7apycT2mYLy9/0FX5o27JERnBZq+bIQNPYYFtjDzozNIcBJHzG+ds5e
lp+RL4pBxJrBQuln4ezDyqyjH1tYhEoa5piZ4/kr1AQx5CyglXliXqQtDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJbe9Q5nKMWzU7DZhueAc37QocOqMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbHQ3MURtY294Yk5Uc05tRzU0QnpmdENodzZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB5sPWfNJlwV/ZYwy6V4
JRm1pPtFFhFf2ScC26Xu9nK2Ld7CZm5hJhfF6DyzdKOazYtxyLlNXtjKvePzV0yB
xjkOnfLX/umPyzvkixn6enwQf7laqHhjf50fdAJd47H9w7t6TZHa02Ej2sGgktEN
67Q1UWQDp8wZk38NR05CvLklqsfdpWNzvZHA+zv1wCIEXwJLUDH8ZKR9YcK0OkTY
JB/3EQ3Y0cXRrjtVGzDSvaq+lVDAxaC4lFueaS/vd5mXajoakMpx8M8k0ndLSgGr
C7dxQHc4pvU8Z7uvDcN8YhCM0YRgz2kwi6U78qjwqNxXPBcvJGqlWgptNqd91pOu
iKQ=
-----END CERTIFICATE-----
Generated at Tue Jun 17 16:55:07 2025 by rpki-client