Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mC8hQAB3kbkdgWzVGPvuwF4w6pE.roa
File: mC8hQAB3kbkdgWzVGPvuwF4w6pE.roa (raw, json)
Hash identifier: t6AiylL7aho1lTBUD2PjdDw3B67NlRr5u6x6f8osg9g=
Subject key identifier: 98:2F:21:40:00:77:91:B9:1D:81:6C:D5:18:FB:EE:C0:5E:30:EA:91
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ACF3B30E13456CA7A66BCFDD0952200FE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mC8hQAB3kbkdgWzVGPvuwF4w6pE.roa
Signing time: Tue 26 Sep 2023 02:04:37 +0000
ROA not before: Tue 26 Sep 2023 02:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:cf3a:e3b8/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cf:3b:30:e1:34:56:ca:7a:66:bc:fd:d0:95:22:00:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 26 02:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=982f2140007791b91d816cd518fbeec05e30ea91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:11:79:78:04:48:84:e0:f9:1d:e9:44:bc:3c:
71:55:35:37:09:f7:85:63:fe:c3:e5:84:8b:52:b6:
96:8d:97:95:ef:4c:52:90:1f:50:00:48:ab:c0:01:
b5:83:b5:ba:62:66:ce:62:90:4e:52:89:b9:c9:e5:
7d:cd:a9:0e:68:34:5f:e3:ac:66:3c:f6:ca:20:07:
b0:9c:33:e6:73:89:1c:26:e1:8b:c3:ce:31:23:2d:
ff:a0:8e:70:06:bb:a0:43:3d:cc:3a:af:bb:18:79:
69:aa:e0:98:8b:d2:9a:fc:06:2d:74:4b:c1:a1:bb:
15:3a:06:68:83:f3:12:b5:28:58:42:55:6b:ee:3e:
94:92:91:f6:b5:94:ff:93:2f:25:76:91:d6:29:8b:
e4:d5:39:93:1f:60:5a:7e:58:61:66:05:10:1c:b1:
ca:ec:dc:b6:b5:15:cf:67:2a:c0:af:18:e3:1b:90:
be:9d:0d:7f:f0:75:5b:51:ed:a7:87:a5:96:65:d9:
61:7f:39:c4:6e:29:3b:6e:b3:f4:61:1c:f8:83:5f:
02:6e:3c:ba:9f:75:43:ac:ba:cb:80:a3:b6:50:7f:
d7:56:cc:12:10:8d:94:a2:5b:fc:b9:82:73:b0:1c:
16:71:95:e3:f0:60:f2:64:c8:55:2e:48:97:ff:38:
31:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:2F:21:40:00:77:91:B9:1D:81:6C:D5:18:FB:EE:C0:5E:30:EA:91
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mC8hQAB3kbkdgWzVGPvuwF4w6pE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0b:5e:11:bb:a6:60:5a:a4:52:bf:29:e1:7e:37:fd:c1:40:1a:
75:57:8c:20:02:9d:0c:29:b6:61:03:5f:aa:06:0d:16:26:d3:
4d:47:84:b8:3c:6f:6b:e6:23:88:f6:5f:fd:d2:d0:e2:47:7c:
04:ba:8c:6d:23:53:be:9d:5e:9f:d9:65:c3:5a:56:f2:6b:7a:
86:c6:a7:e6:ad:2d:10:ea:34:0e:c7:2c:f4:18:e7:23:d9:21:
6f:95:f9:42:e8:9c:76:ef:2c:11:f3:75:9e:b7:13:c7:b5:f5:
96:bf:b4:0f:58:42:2a:43:01:fb:af:58:a5:c4:6d:95:9f:2e:
4a:aa:ea:25:49:11:67:18:6e:82:20:cf:d9:2c:33:84:ad:60:
dc:7c:99:b5:77:a3:59:92:32:e1:2c:ff:13:fa:13:ce:5a:f0:
20:b9:d6:5e:e4:b9:60:42:1d:e4:97:81:f7:93:a7:a9:da:14:
5b:02:9d:11:aa:8d:be:db:01:87:6b:2c:36:c1:97:18:b4:eb:
fb:21:3f:56:1e:07:49:8a:f7:f4:d6:83:79:ec:a7:41:7a:9f:
5e:f8:12:63:d5:3e:f6:81:7e:5d:1c:0a:6e:c3:22:6d:2f:09:
e7:33:04:1a:fe:43:4e:0a:7a:66:7f:bb:98:ca:22:a2:67:70:
ff:c5:ce:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrPOzDhNFbKema8/dCVIgD+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI2MDIwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODJmMjE0MDAwNzc5MWI5MWQ4MTZjZDUxOGZiZWVjMDVlMzBlYTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRF5eARIhOD5HelEvDxxVTU3CfeF
Y/7D5YSLUraWjZeV70xSkB9QAEirwAG1g7W6YmbOYpBOUom5yeV9zakOaDRf46xm
PPbKIAewnDPmc4kcJuGLw84xIy3/oI5wBrugQz3MOq+7GHlpquCYi9Ka/AYtdEvB
obsVOgZog/MStShYQlVr7j6UkpH2tZT/ky8ldpHWKYvk1TmTH2BaflhhZgUQHLHK
7Ny2tRXPZyrArxjjG5C+nQ1/8HVbUe2nh6WWZdlhfznEbik7brP0YRz4g18Cbjy6
n3VDrLrLgKO2UH/XVswSEI2Uolv8uYJzsBwWcZXj8GDyZMhVLkiX/zgxJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJgvIUAAd5G5HYFs1Rj77sBeMOqRMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbUM4aFFBQjNrYmtkZ1d6VkdQdnV3RjR3NnBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAteEbumYFqkUr8p4X43
/cFAGnVXjCACnQwptmEDX6oGDRYm001HhLg8b2vmI4j2X/3S0OJHfAS6jG0jU76d
Xp/ZZcNaVvJreobGp+atLRDqNA7HLPQY5yPZIW+V+ULonHbvLBHzdZ63E8e19Za/
tA9YQipDAfuvWKXEbZWfLkqq6iVJEWcYboIgz9ksM4StYNx8mbV3o1mSMuEs/xP6
E85a8CC51l7kuWBCHeSXgfeTp6naFFsCnRGqjb7bAYdrLDbBlxi06/shP1YeB0mK
9/TWg3nsp0F6n174EmPVPvaBfl0cCm7DIm0vCeczBBr+Q04KemZ/u5jKIqJncP/F
zss=
-----END CERTIFICATE-----
Generated at Mon Jun 16 19:26:28 2025 by rpki-client