Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/n0MLt0mD2rWPCurozxfSpeF8AJ8.roa
File: n0MLt0mD2rWPCurozxfSpeF8AJ8.roa (raw, json)
Hash identifier: p8QTVJ6GP/WEqrbmcNGWW8GUecyLAip+Y14gWjMngAg=
Subject key identifier: 9F:43:0B:B7:49:83:DA:B5:8F:0A:EA:E8:CF:17:D2:A5:E1:7C:00:9F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C5554F7180401BE228CAEC1D252A459E3
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/n0MLt0mD2rWPCurozxfSpeF8AJ8.roa
Signing time: Sun 10 Dec 2023 20:04:40 +0000
ROA not before: Sun 10 Dec 2023 20:04:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:5554:82ff/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:55:54:f7:18:04:01:be:22:8c:ae:c1:d2:52:a4:59:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 10 20:04:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f430bb74983dab58f0aeae8cf17d2a5e17c009f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:51:25:80:d6:3c:b2:b8:3d:bd:68:49:a1:90:
ac:04:50:fc:55:9f:af:d8:51:d7:0e:9c:bb:96:7e:
4d:e2:61:e1:41:15:4e:11:9c:4b:95:78:8a:33:f0:
ae:eb:32:25:7c:8b:a6:3d:b0:9e:3f:3e:f8:8d:c2:
fe:b8:5f:83:9a:78:8e:7c:b0:01:60:a2:f5:89:df:
43:b5:43:88:37:5c:68:25:42:e8:73:5a:21:24:c7:
1b:a3:39:44:ee:d9:79:8a:e9:54:a0:dc:95:6a:45:
09:92:83:4f:1e:56:cd:52:15:64:c6:de:de:c2:9c:
83:c7:20:86:ea:f9:bf:50:a9:4d:19:52:12:5a:55:
87:43:09:22:78:b8:b7:45:97:1b:58:15:95:7c:2d:
0d:4c:08:83:b5:e1:41:20:a1:b9:55:22:ab:b0:6f:
9e:21:fa:bb:4d:a8:a8:17:ba:ce:f2:6c:d0:1e:ef:
24:11:35:ef:f4:07:ca:aa:ba:67:82:4d:2e:e7:f6:
cb:b2:c9:ee:ef:7c:56:19:ad:db:fb:0c:ed:64:08:
b6:34:8d:03:c9:61:6b:88:f8:e0:79:fa:e9:c5:0e:
7e:24:af:5f:eb:c4:88:a1:5e:83:f9:39:96:28:63:
9b:ff:52:18:52:9f:85:10:89:f3:90:cc:c9:97:5b:
f5:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:43:0B:B7:49:83:DA:B5:8F:0A:EA:E8:CF:17:D2:A5:E1:7C:00:9F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/n0MLt0mD2rWPCurozxfSpeF8AJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d1:c6:dd:7f:fd:65:7f:21:72:b2:33:9f:9e:e2:f4:47:2c:6e:
bc:40:27:2b:76:21:57:c1:b0:88:9b:38:bf:67:d4:6d:b4:43:
66:23:a2:af:e8:e2:b4:75:e2:21:cc:9e:8d:09:f9:65:fe:0c:
3e:40:19:c4:17:a9:ff:a9:6b:a9:dc:90:b5:1e:e2:56:51:a9:
e5:ff:92:61:b5:95:0a:c4:8b:7d:89:d1:4d:5a:75:9e:d9:df:
5b:62:50:e9:38:24:52:59:a3:43:26:0e:2a:0a:3f:94:4e:93:
4d:9c:57:7b:a7:5a:70:e5:68:3e:86:ae:dd:43:6a:c5:e7:94:
20:e5:ba:d5:c1:03:cc:d1:e7:2e:21:98:5a:a2:7b:17:2e:c8:
0d:bc:b7:15:cb:cb:ce:96:6f:61:9c:63:ae:1c:c9:a1:94:39:
6c:1f:91:70:c6:4d:87:43:7e:36:18:a2:f9:39:65:17:ee:58:
71:74:db:f9:a7:d0:2f:96:c4:fc:ab:2e:be:d6:9f:bb:e7:27:
5c:54:e6:33:39:93:58:de:cf:0c:23:57:73:65:25:5e:2c:6d:
cf:f9:1a:47:ed:5a:b4:42:83:bc:eb:d0:81:51:a7:b3:5a:07:
99:30:17:60:c1:ed:44:b8:a7:94:ef:f9:98:8a:1f:cb:ed:99:
4b:d2:96:6b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxVVPcYBAG+IoyuwdJSpFnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEwMjAwNDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjQzMGJiNzQ5ODNkYWI1OGYwYWVhZThjZjE3ZDJhNWUxN2MwMDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lElgNY8srg9vWhJoZCsBFD8VZ+v
2FHXDpy7ln5N4mHhQRVOEZxLlXiKM/Cu6zIlfIumPbCePz74jcL+uF+DmniOfLAB
YKL1id9DtUOIN1xoJULoc1ohJMcbozlE7tl5iulUoNyVakUJkoNPHlbNUhVkxt7e
wpyDxyCG6vm/UKlNGVISWlWHQwkieLi3RZcbWBWVfC0NTAiDteFBIKG5VSKrsG+e
Ifq7TaioF7rO8mzQHu8kETXv9AfKqrpngk0u5/bLssnu73xWGa3b+wztZAi2NI0D
yWFriPjgefrpxQ5+JK9f68SIoV6D+TmWKGOb/1IYUp+FEInzkMzJl1v1PwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ9DC7dJg9q1jwrq6M8X0qXhfACfMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbjBNTHQwbUQycldQQ3Vyb3p4ZlNwZUY4QUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANHG3X/9ZX8hcrIzn57i
9EcsbrxAJyt2IVfBsIibOL9n1G20Q2Yjoq/o4rR14iHMno0J+WX+DD5AGcQXqf+p
a6nckLUe4lZRqeX/kmG1lQrEi32J0U1adZ7Z31tiUOk4JFJZo0MmDioKP5ROk02c
V3unWnDlaD6Grt1DasXnlCDlutXBA8zR5y4hmFqiexcuyA28txXLy86Wb2GcY64c
yaGUOWwfkXDGTYdDfjYYovk5ZRfuWHF02/mn0C+WxPyrLr7Wn7vnJ1xU5jM5k1je
zwwjV3NlJV4sbc/5GkftWrRCg7zr0IFRp7NaB5kwF2DB7US4p5Tv+ZiKH8vtmUvS
lms=
-----END CERTIFICATE-----
Generated at Thu Jun 19 23:42:30 2025 by rpki-client