Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pb33KON4ibU6C9T4AsfeSd8VN2c.roa
File: pb33KON4ibU6C9T4AsfeSd8VN2c.roa (raw, json)
Hash identifier: IWcQg6+LVXNXoktwgIHseCIO67lLgyZmmsDC96ma33Q=
Subject key identifier: A5:BD:F7:28:E3:78:89:B5:3A:0B:D4:F8:02:C7:DE:49:DF:15:37:67
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BC9DBA71E185921D28F7A694B2E570C01
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pb33KON4ibU6C9T4AsfeSd8VN2c.roa
Signing time: Mon 13 Nov 2023 18:04:57 +0000
ROA not before: Mon 13 Nov 2023 18:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64:ffff:0:18b:c9db:495e/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c9:db:a7:1e:18:59:21:d2:8f:7a:69:4b:2e:57:0c:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 13 18:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5bdf728e37889b53a0bd4f802c7de49df153767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:dc:0f:3f:b2:4e:e3:75:c4:4e:aa:fd:27:15:
af:a8:a0:83:bf:8d:77:99:e0:1b:92:73:72:6a:88:
a8:ca:51:8d:ea:29:29:3e:9d:5b:65:28:3b:e3:e9:
3d:28:64:45:9b:3a:0f:4c:ce:e6:52:d2:01:38:97:
ef:c5:2c:16:ef:a3:d3:e6:47:c5:03:be:e0:63:90:
63:49:4c:b0:7b:89:79:eb:0f:13:7d:0e:62:cf:05:
35:51:3f:e6:c1:90:d8:de:13:c2:17:34:0d:08:01:
87:64:1c:05:bf:c9:fb:25:5a:2f:3a:08:30:6c:87:
61:66:48:e5:c0:20:5f:42:21:1d:10:9f:8c:5d:52:
ad:9f:16:7e:b9:81:43:1d:1e:d6:86:83:b7:93:5a:
2e:82:4d:2e:11:81:8b:f0:d1:42:78:aa:6f:1b:20:
20:5c:dd:83:e6:4d:45:4d:c1:13:2d:85:d5:ae:e0:
79:1a:b5:6f:9f:d3:1c:bb:4d:be:23:0e:5f:b1:0e:
32:75:c9:72:84:84:31:4b:35:d7:4d:5f:cf:c0:e1:
f0:96:fc:a7:86:ab:63:f1:0d:67:3f:d7:c1:c4:c2:
07:3f:40:94:d3:cd:37:cd:94:0b:51:86:3d:32:09:
81:0a:0c:ec:04:6e:9c:fb:eb:47:07:5a:fd:5b:46:
59:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:BD:F7:28:E3:78:89:B5:3A:0B:D4:F8:02:C7:DE:49:DF:15:37:67
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pb33KON4ibU6C9T4AsfeSd8VN2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:49:e5:b2:f0:1b:b3:17:fb:e5:5f:0f:15:3f:7e:0a:b3:a0:
df:de:00:4c:62:13:af:ef:e6:db:7a:a4:1a:e0:67:86:63:10:
70:49:db:bc:a6:0c:40:b4:9d:0c:1b:4d:05:ba:35:9c:dc:93:
5b:1d:12:de:fa:70:ca:2b:92:d9:ef:b7:60:8e:7c:14:48:a6:
73:90:57:dc:94:e1:ca:a6:dd:1d:2e:e1:bc:f9:c1:41:1f:ae:
74:71:31:80:71:55:d0:40:b0:d0:14:98:cc:37:7d:b2:be:d5:
5d:cf:8e:ad:7a:15:69:4d:e3:e4:73:05:96:8d:de:19:18:fa:
a2:07:d1:76:f1:f1:95:82:0e:ea:97:49:30:aa:c2:22:a6:27:
5b:56:b9:15:a1:41:04:6e:a6:54:41:2e:25:28:f8:40:6c:83:
d5:1a:1b:8e:ec:2e:25:dc:a8:58:25:2b:b8:39:ca:5b:4f:b3:
8c:e0:8c:83:37:28:91:9f:8f:29:84:4a:13:f1:1b:e7:8e:15:
66:c4:5a:3e:24:77:50:00:6c:07:34:5f:e0:31:33:06:fe:df:
0b:a6:23:ca:58:c3:d1:0d:eb:db:21:c0:bf:fe:93:c0:e3:37:
ca:6b:66:10:43:da:0f:c8:4b:cd:4e:04:b2:33:a5:6e:17:f5:
6b:72:16:c5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvJ26ceGFkh0o96aUsuVwwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEzMTgwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWJkZjcyOGUzNzg4OWI1M2EwYmQ0ZjgwMmM3ZGU0OWRmMTUzNzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6dwPP7JO43XETqr9JxWvqKCDv413
meAbknNyaoioylGN6ikpPp1bZSg74+k9KGRFmzoPTM7mUtIBOJfvxSwW76PT5kfF
A77gY5BjSUywe4l56w8TfQ5izwU1UT/mwZDY3hPCFzQNCAGHZBwFv8n7JVovOggw
bIdhZkjlwCBfQiEdEJ+MXVKtnxZ+uYFDHR7WhoO3k1ougk0uEYGL8NFCeKpvGyAg
XN2D5k1FTcETLYXVruB5GrVvn9Mcu02+Iw5fsQ4ydclyhIQxSzXXTV/PwOHwlvyn
hqtj8Q1nP9fBxMIHP0CU0803zZQLUYY9MgmBCgzsBG6c++tHB1r9W0ZZfQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKW99yjjeIm1OgvU+ALH3knfFTdnMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcGIzM0tPTjRpYlU2QzlUNEFzZmVTZDhWTjJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEBJ5bLwG7MX++VfDxU/
fgqzoN/eAExiE6/v5tt6pBrgZ4ZjEHBJ27ymDEC0nQwbTQW6NZzck1sdEt76cMor
ktnvt2COfBRIpnOQV9yU4cqm3R0u4bz5wUEfrnRxMYBxVdBAsNAUmMw3fbK+1V3P
jq16FWlN4+RzBZaN3hkY+qIH0Xbx8ZWCDuqXSTCqwiKmJ1tWuRWhQQRuplRBLiUo
+EBsg9UaG47sLiXcqFglK7g5yltPs4zgjIM3KJGfjymEShPxG+eOFWbEWj4kd1AA
bAc0X+AxMwb+3wumI8pYw9EN69shwL/+k8DjN8prZhBD2g/IS81OBLIzpW4X9Wty
FsU=
-----END CERTIFICATE-----
Generated at Mon Jun 16 19:29:28 2025 by rpki-client