Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pCr9tHirKztpFTgwC46aIBx8lKg.roa
File: pCr9tHirKztpFTgwC46aIBx8lKg.roa (raw, json)
Hash identifier: Lon6jRiZeyvFRiMcIoPLufIFMAtwjHtrhw20W04ebKg=
Subject key identifier: A4:2A:FD:B4:78:AB:2B:3B:69:15:38:30:0B:8E:9A:20:1C:7C:94:A8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AB0C31730DA962FDED8585FAF4EB64D9D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pCr9tHirKztpFTgwC46aIBx8lKg.roa
Signing time: Wed 20 Sep 2023 04:04:50 +0000
ROA not before: Wed 20 Sep 2023 04:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:b0c2:e4df/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b0:c3:17:30:da:96:2f:de:d8:58:5f:af:4e:b6:4d:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 20 04:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a42afdb478ab2b3b691538300b8e9a201c7c94a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f6:04:0b:5e:d6:ac:14:a5:75:5a:7e:b0:14:
61:b7:e7:76:19:f5:e5:9a:87:eb:a7:e2:6e:63:5f:
2e:3d:25:2b:8c:a9:5e:5c:24:ce:a5:3a:af:e5:0d:
e9:10:c9:f9:eb:e4:30:d2:a0:d4:3e:34:f7:13:54:
dc:ed:da:ba:1c:02:e1:83:f8:d9:62:70:ba:36:48:
a1:be:d1:7c:17:2b:9e:b2:e6:9f:bc:91:bf:11:87:
eb:09:e5:31:f6:60:12:0e:3b:34:8b:6e:b6:bd:99:
53:16:f6:04:2b:95:39:96:90:96:c7:bd:0b:48:ba:
09:27:87:1c:27:0a:f6:79:d3:61:fd:04:4b:63:c5:
d4:48:4f:1d:48:af:7a:9a:61:67:96:9f:82:e3:e3:
eb:8f:51:c0:0b:82:ed:b7:ce:2c:e5:73:89:e4:21:
23:d8:94:7c:34:fc:b1:ba:75:4e:3d:00:24:9e:9e:
03:bd:0f:cb:41:3c:a0:d4:78:e3:a6:4d:37:91:d9:
02:cb:89:17:af:03:87:3b:7d:51:95:6a:f8:25:63:
1c:bf:e4:24:0e:10:e3:ad:0c:f1:e5:d2:08:a4:b7:
58:60:06:0f:ab:0a:a8:70:a4:db:5f:08:74:fb:c2:
84:f4:89:b2:48:4b:6c:60:70:72:9f:81:9e:ba:1d:
38:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:2A:FD:B4:78:AB:2B:3B:69:15:38:30:0B:8E:9A:20:1C:7C:94:A8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pCr9tHirKztpFTgwC46aIBx8lKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
59:42:68:28:95:82:90:4d:45:db:41:d0:b8:a1:e7:0a:b0:8c:
73:ed:74:aa:32:41:7f:dd:a9:cc:b4:25:6b:29:23:4f:82:71:
b8:c8:c1:1b:e3:b0:93:bc:1a:a8:db:a7:a1:cc:2f:71:c2:be:
46:1c:ae:9b:13:6b:41:bc:bb:59:56:ee:b3:3b:12:a7:bc:87:
0a:41:26:12:b8:e4:d2:b4:b7:7b:67:9e:49:75:b1:2d:cf:a4:
ac:22:10:5e:77:12:d1:82:87:40:1a:39:e8:6e:5b:cf:85:54:
7a:4c:64:19:2a:b0:85:a9:37:94:e4:32:d8:ff:b5:2a:63:8f:
b8:b1:78:0d:ec:96:15:06:63:80:e4:9c:4e:c4:6a:b7:e6:0c:
8c:f3:d0:82:d9:5a:fd:ca:fa:e2:76:10:cd:d2:8b:01:63:0f:
cd:3a:08:1b:34:1c:af:bb:8f:08:18:84:9f:c8:86:0e:a7:fb:
6c:8b:61:a7:6e:cf:1a:fa:48:bc:7f:35:d6:d0:3a:fa:f3:b4:
2b:2f:c8:69:ea:d8:72:b5:b5:80:9a:33:d4:32:44:92:8c:25:
e6:61:ca:6b:86:7d:2b:08:a1:76:fb:e9:04:d9:aa:4c:72:18:
1a:93:ae:a9:c0:3c:de:63:86:97:a8:1e:21:33:e8:13:f6:88:
80:42:c4:7a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqwwxcw2pYv3thYX69Otk2dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIwMDQwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDJhZmRiNDc4YWIyYjNiNjkxNTM4MzAwYjhlOWEyMDFjN2M5NGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/YEC17WrBSldVp+sBRht+d2GfXl
mofrp+JuY18uPSUrjKleXCTOpTqv5Q3pEMn56+Qw0qDUPjT3E1Tc7dq6HALhg/jZ
YnC6NkihvtF8FyuesuafvJG/EYfrCeUx9mASDjs0i262vZlTFvYEK5U5lpCWx70L
SLoJJ4ccJwr2edNh/QRLY8XUSE8dSK96mmFnlp+C4+Prj1HAC4Ltt84s5XOJ5CEj
2JR8NPyxunVOPQAknp4DvQ/LQTyg1Hjjpk03kdkCy4kXrwOHO31RlWr4JWMcv+Qk
DhDjrQzx5dIIpLdYYAYPqwqocKTbXwh0+8KE9ImySEtsYHByn4Geuh04GQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKQq/bR4qys7aRU4MAuOmiAcfJSoMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcENyOXRIaXJLenRwRlRnd0M0NmFJQng4bEtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFlCaCiVgpBNRdtB0Lih
5wqwjHPtdKoyQX/dqcy0JWspI0+CcbjIwRvjsJO8Gqjbp6HML3HCvkYcrpsTa0G8
u1lW7rM7Eqe8hwpBJhK45NK0t3tnnkl1sS3PpKwiEF53EtGCh0AaOehuW8+FVHpM
ZBkqsIWpN5TkMtj/tSpjj7ixeA3slhUGY4DknE7EarfmDIzz0ILZWv3K+uJ2EM3S
iwFjD806CBs0HK+7jwgYhJ/Ihg6n+2yLYaduzxr6SLx/NdbQOvrztCsvyGnq2HK1
tYCaM9QyRJKMJeZhymuGfSsIoXb76QTZqkxyGBqTrqnAPN5jhpeoHiEz6BP2iIBC
xHo=
-----END CERTIFICATE-----
Generated at Wed Jun 18 04:27:56 2025 by rpki-client