Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rp9LZQOfNaJJWNaC2-_fs8N15OI.roa
File: rp9LZQOfNaJJWNaC2-_fs8N15OI.roa (raw, json)
Hash identifier: EgVJ26RJEOn/9lndEsmx+p5QnFWmA2Gu+/3jo9MCThs=
Subject key identifier: AE:9F:4B:65:03:9F:35:A2:49:58:D6:82:DB:EF:DF:B3:C3:75:E4:E2
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B64D0412B51A640211B6BA59387DB677F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rp9LZQOfNaJJWNaC2-_fs8N15OI.roa
Signing time: Wed 25 Oct 2023 03:10:51 +0000
ROA not before: Wed 25 Oct 2023 03:10:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:64ca:754a/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:64:d0:41:2b:51:a6:40:21:1b:6b:a5:93:87:db:67:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 25 03:10:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae9f4b65039f35a24958d682dbefdfb3c375e4e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c2:f6:78:29:83:69:6f:19:06:e0:8a:09:8d:
fd:e7:d5:c4:c2:a6:e1:da:0d:19:76:40:cc:21:84:
29:64:3b:51:aa:f5:e9:65:a4:98:30:25:74:0b:59:
bb:b1:ab:c8:9d:be:6f:8d:1a:78:f6:14:88:c2:bc:
1a:43:b4:ca:7d:dc:48:f9:9f:ec:a7:9b:cf:01:c5:
73:c4:d9:50:06:89:00:cd:d1:c9:ba:b4:74:c0:b2:
70:9d:63:8e:03:24:38:e5:d5:c9:5a:66:b6:a1:9a:
73:66:be:31:f9:e4:8a:de:b0:b6:a1:d4:22:fb:81:
b4:28:98:7d:eb:6a:0b:59:20:5b:6a:15:5f:5e:ce:
4f:aa:4f:81:d3:ac:b5:0a:2b:47:b8:c9:ba:32:b0:
4f:34:ef:d1:93:1b:62:60:ad:53:6e:dd:4e:84:f0:
c3:02:69:a7:3e:ad:01:0e:fd:42:fb:ef:5f:3f:68:
e0:e8:82:0c:8b:24:40:9b:7c:21:28:91:7b:84:e8:
4e:3e:d2:35:15:f4:30:ea:84:81:1c:19:fb:95:a5:
22:2b:fb:34:ad:81:89:50:af:2b:24:b2:fa:63:ad:
5e:1d:3c:0f:15:eb:88:7d:29:02:7b:cf:de:c4:af:
e6:68:ec:c6:72:e8:fa:55:bf:5a:e3:62:44:dc:2f:
5e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:9F:4B:65:03:9F:35:A2:49:58:D6:82:DB:EF:DF:B3:C3:75:E4:E2
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rp9LZQOfNaJJWNaC2-_fs8N15OI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ab:b2:8b:02:37:b6:8f:e9:a6:bb:49:66:0a:d4:b2:8d:2c:3d:
c6:46:ee:87:34:7b:af:b9:53:f4:1b:f0:33:ac:56:fa:fd:e0:
05:33:53:95:05:fa:f3:3f:cb:bf:68:e9:41:c6:9d:3d:ee:40:
26:b2:c2:61:54:fe:a8:3b:29:bd:a6:0c:23:48:40:49:b0:04:
e9:6e:62:c4:91:34:26:a3:90:68:c8:75:dd:f6:9b:97:de:5c:
b1:7a:71:b1:ae:ab:76:6a:2e:74:e4:11:a3:f0:cc:f1:c1:dd:
1d:10:8b:fa:2a:9b:6e:1d:f0:c8:d6:31:16:55:75:4a:fc:f8:
e7:5d:c5:0c:4f:c2:36:07:08:33:2d:4e:b1:2b:74:ab:2f:fa:
8e:f4:35:31:e6:a3:05:2a:66:9a:7f:79:71:c7:51:96:55:ab:
48:b0:1f:bf:b8:59:1f:22:6d:8d:73:46:d6:01:3e:97:95:25:
c4:cd:01:cb:eb:a5:df:b6:cd:d5:20:c0:ba:99:42:d0:ad:bd:
40:07:91:fd:a0:40:27:fa:14:13:75:6f:b9:3e:92:29:e1:91:
eb:7a:a0:cb:15:13:c4:fa:38:bb:ff:21:1d:e7:fe:02:c0:64:
95:49:87:a4:5c:19:14:29:80:7d:fc:f8:44:73:de:a1:ba:ad:
a1:87:ea:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtk0EErUaZAIRtrpZOH22d/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI1MDMxMDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTlmNGI2NTAzOWYzNWEyNDk1OGQ2ODJkYmVmZGZiM2MzNzVlNGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucL2eCmDaW8ZBuCKCY3959XEwqbh
2g0ZdkDMIYQpZDtRqvXpZaSYMCV0C1m7savInb5vjRp49hSIwrwaQ7TKfdxI+Z/s
p5vPAcVzxNlQBokAzdHJurR0wLJwnWOOAyQ45dXJWma2oZpzZr4x+eSK3rC2odQi
+4G0KJh962oLWSBbahVfXs5Pqk+B06y1CitHuMm6MrBPNO/RkxtiYK1Tbt1OhPDD
AmmnPq0BDv1C++9fP2jg6IIMiyRAm3whKJF7hOhOPtI1FfQw6oSBHBn7laUiK/s0
rYGJUK8rJLL6Y61eHTwPFeuIfSkCe8/exK/maOzGcuj6Vb9a42JE3C9e4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK6fS2UDnzWiSVjWgtvv37PDdeTiMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcnA5TFpRT2ZOYUpKV05hQzItX2ZzOE4xNU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKuyiwI3to/pprtJZgrU
so0sPcZG7oc0e6+5U/Qb8DOsVvr94AUzU5UF+vM/y79o6UHGnT3uQCaywmFU/qg7
Kb2mDCNIQEmwBOluYsSRNCajkGjIdd32m5feXLF6cbGuq3ZqLnTkEaPwzPHB3R0Q
i/oqm24d8MjWMRZVdUr8+OddxQxPwjYHCDMtTrErdKsv+o70NTHmowUqZpp/eXHH
UZZVq0iwH7+4WR8ibY1zRtYBPpeVJcTNAcvrpd+2zdUgwLqZQtCtvUAHkf2gQCf6
FBN1b7k+kinhket6oMsVE8T6OLv/IR3n/gLAZJVJh6RcGRQpgH38+ERz3qG6raGH
6ho=
-----END CERTIFICATE-----
Generated at Thu Jun 19 22:35:44 2025 by rpki-client