Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pVrRxKrVO6rZjj8SddNsdQI-haA.roa
File: pVrRxKrVO6rZjj8SddNsdQI-haA.roa (raw, json)
Hash identifier: z17ba3nhk4rzKbnOGt34AuYbzRvH/r+lL4/tAQDOxOc=
Subject key identifier: A5:5A:D1:C4:AA:D5:3B:AA:D9:8E:3F:12:75:D3:6C:75:02:3E:85:A0
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B0283F305D26BC33D3F0B6BF08B43E4CA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pVrRxKrVO6rZjj8SddNsdQI-haA.roa
Signing time: Fri 06 Oct 2023 01:04:43 +0000
ROA not before: Fri 06 Oct 2023 01:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:283:6acf/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:02:83:f3:05:d2:6b:c3:3d:3f:0b:6b:f0:8b:43:e4:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 6 01:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a55ad1c4aad53baad98e3f1275d36c75023e85a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d8:cf:e5:bd:99:a3:1c:ce:9c:88:45:34:57:
21:9b:f4:8a:70:8b:c8:22:c9:13:85:c0:1e:8f:f5:
59:ec:8d:b8:c1:cf:11:46:2b:46:e0:74:37:2e:36:
c8:35:74:36:41:29:8a:5f:11:ef:05:77:d7:f3:72:
a5:0d:c4:84:c1:69:e5:57:ef:4a:b4:1f:fc:6b:0d:
55:05:d2:6a:8e:9d:a1:02:c1:bf:b9:e2:71:d1:82:
80:4d:e8:f2:f5:33:16:28:35:94:c9:1e:80:79:22:
01:2f:ce:7b:d2:75:d8:ed:e4:ed:4f:12:a5:89:3b:
9b:6f:8f:bd:59:36:6e:55:cb:76:0e:d1:28:43:55:
80:72:82:c6:e4:27:ef:b2:f1:59:27:24:bf:14:fe:
ca:64:05:cb:8a:4b:12:8b:34:01:c4:7c:46:75:79:
1a:fa:42:82:4b:43:64:f0:a9:af:91:eb:e8:2d:84:
18:dc:59:d0:6b:96:e5:73:af:95:bb:7b:8d:91:0a:
d7:d3:bf:df:02:2a:23:ed:96:31:f8:f9:37:84:fc:
5a:eb:32:20:3f:cb:7c:95:b9:50:e3:e7:29:67:27:
c2:38:7b:de:81:5c:79:88:c7:9a:7a:26:4c:b3:4e:
c9:37:23:75:75:5a:e3:84:ad:93:9f:9c:d6:2f:68:
02:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:5A:D1:C4:AA:D5:3B:AA:D9:8E:3F:12:75:D3:6C:75:02:3E:85:A0
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pVrRxKrVO6rZjj8SddNsdQI-haA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:6e:0c:78:f9:b3:f6:0e:7e:76:67:6f:73:eb:79:6b:ec:a4:
9d:43:04:ae:13:8b:5c:1f:af:cf:ba:ca:ab:5d:0a:01:82:cc:
07:63:4c:bc:b0:4a:ac:db:83:e3:b5:26:1b:64:f8:55:01:c0:
32:94:f8:a8:df:1c:fc:ba:41:41:5b:1c:e7:e3:ca:1b:fc:a0:
33:9d:26:41:b1:d9:c9:34:0e:66:1e:a6:d5:2c:69:97:7b:17:
85:1f:de:7f:14:0c:77:8c:88:08:1f:c9:80:e7:e5:51:3d:23:
6a:d5:21:f9:3e:16:3a:41:4e:77:f5:58:52:bc:ef:2a:22:1d:
56:81:b2:78:9f:c9:28:8f:20:71:4e:44:4b:9f:3c:8c:f2:23:
b6:00:4d:d3:82:d1:49:f5:43:78:3c:1f:6b:7b:1e:95:47:06:
1e:47:ac:58:82:f4:ae:fc:c2:a6:31:4b:7a:0d:6c:af:60:7f:
d3:6a:b0:41:ae:6d:f4:51:cc:87:37:aa:74:fc:23:67:41:68:
fc:03:d0:fd:02:8d:ac:c5:7c:b2:43:1f:15:1c:b9:ef:e6:36:
e9:63:27:c9:53:b1:9f:dc:c3:bf:20:9f:82:41:19:02:2a:9d:
04:df:06:74:68:0c:77:62:ee:af:51:f7:38:e8:6f:bc:4f:ab:
04:24:5f:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsCg/MF0mvDPT8La/CLQ+TKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA2MDEwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTVhZDFjNGFhZDUzYmFhZDk4ZTNmMTI3NWQzNmM3NTAyM2U4NWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstjP5b2ZoxzOnIhFNFchm/SKcIvI
IskThcAej/VZ7I24wc8RRitG4HQ3LjbINXQ2QSmKXxHvBXfX83KlDcSEwWnlV+9K
tB/8aw1VBdJqjp2hAsG/ueJx0YKATejy9TMWKDWUyR6AeSIBL8570nXY7eTtTxKl
iTubb4+9WTZuVct2DtEoQ1WAcoLG5CfvsvFZJyS/FP7KZAXLiksSizQBxHxGdXka
+kKCS0Nk8KmvkevoLYQY3FnQa5blc6+Vu3uNkQrX07/fAioj7ZYx+Pk3hPxa6zIg
P8t8lblQ4+cpZyfCOHvegVx5iMeaeiZMs07JNyN1dVrjhK2Tn5zWL2gC3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKVa0cSq1Tuq2Y4/EnXTbHUCPoWgMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcFZyUnhLclZPNnJaamo4U2RkTnNkUUktaGFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABpuDHj5s/YOfnZnb3Pr
eWvspJ1DBK4Ti1wfr8+6yqtdCgGCzAdjTLywSqzbg+O1Jhtk+FUBwDKU+KjfHPy6
QUFbHOfjyhv8oDOdJkGx2ck0DmYeptUsaZd7F4Uf3n8UDHeMiAgfyYDn5VE9I2rV
Ifk+FjpBTnf1WFK87yoiHVaBsnifySiPIHFOREufPIzyI7YATdOC0Un1Q3g8H2t7
HpVHBh5HrFiC9K78wqYxS3oNbK9gf9NqsEGubfRRzIc3qnT8I2dBaPwD0P0CjazF
fLJDHxUcue/mNuljJ8lTsZ/cw78gn4JBGQIqnQTfBnRoDHdi7q9R9zjob7xPqwQk
XwE=
-----END CERTIFICATE-----
Generated at Fri Jun 20 01:21:49 2025 by rpki-client