Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sQTlNgfzd8uPDTBgpN8Kqul-oiQ.roa
File: sQTlNgfzd8uPDTBgpN8Kqul-oiQ.roa (raw, json)
Hash identifier: Sp2uWBo/+KT1wk9C0uU/99+uQANC4eemDzGxEqgSOmU=
Subject key identifier: B1:04:E5:36:07:F3:77:CB:8F:0D:30:60:A4:DF:0A:AA:E9:7E:A2:24
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ABDA2CBC9000677D088EEC454284F9DCA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sQTlNgfzd8uPDTBgpN8Kqul-oiQ.roa
Signing time: Fri 22 Sep 2023 16:04:37 +0000
ROA not before: Fri 22 Sep 2023 16:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:bda2:72f3/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bd:a2:cb:c9:00:06:77:d0:88:ee:c4:54:28:4f:9d:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 22 16:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b104e53607f377cb8f0d3060a4df0aaae97ea224
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:04:47:5f:d1:c7:bc:b7:6c:de:4d:c6:f3:a0:
ee:41:b5:dd:84:ea:9c:14:e4:93:74:e6:a8:d0:d0:
5f:8b:88:56:89:ed:ad:81:a3:8a:dc:b7:63:04:ff:
5d:9d:fc:fe:a5:07:54:91:ce:24:7c:6c:06:76:9b:
79:79:c4:b3:97:cc:fa:30:dc:e7:5b:c3:5e:bd:f7:
ca:5d:b6:37:3e:2e:ea:a6:15:60:8e:6f:02:2a:1f:
87:35:c2:2c:6e:f0:ee:cb:2d:8a:e1:2b:1f:12:99:
50:66:8d:59:71:56:bb:30:4a:24:ea:f7:48:8a:f9:
73:19:4d:d6:6f:bf:9d:9f:85:91:e1:b1:71:12:2c:
b5:cf:71:c8:f8:31:4f:6a:ea:cd:03:ce:c9:a0:b2:
59:7c:7c:ac:84:f5:b3:89:a8:e7:3e:71:6e:07:e7:
a6:c9:8b:a6:4c:64:ce:12:8b:bb:31:91:d7:2d:6d:
11:22:de:44:6d:f7:38:e6:5a:76:4b:07:11:4d:5a:
b0:46:13:2b:16:0d:f1:58:c0:2a:3a:f0:30:46:4a:
33:c6:c9:51:f5:60:fd:e3:da:94:35:6c:a6:ad:2f:
84:5a:c0:7a:4c:df:93:ca:5d:a4:e1:1f:3f:9d:64:
b0:d1:59:58:90:ab:1c:fc:c9:68:78:46:c8:5c:9b:
96:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:04:E5:36:07:F3:77:CB:8F:0D:30:60:A4:DF:0A:AA:E9:7E:A2:24
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sQTlNgfzd8uPDTBgpN8Kqul-oiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d0:98:28:47:fb:bc:a4:4b:0d:aa:97:fa:7d:f6:96:f6:21:51:
35:82:af:be:7e:c4:eb:34:c6:90:99:68:1f:f9:24:c6:83:a6:
dc:6d:e6:ac:2d:9a:a7:2e:ea:bd:63:8c:42:b8:59:c3:66:78:
d9:21:9d:35:19:bb:dd:29:b2:02:30:e7:15:5b:e2:19:7d:0c:
77:47:fc:d7:84:b4:e5:77:94:5e:de:77:b3:2e:2a:07:07:25:
fa:14:ca:c5:c1:9e:03:6a:73:e2:5b:83:63:4e:28:70:6b:ba:
79:fc:1e:bd:a4:8e:01:ad:bd:44:86:69:4d:6d:a0:2e:04:d8:
18:a4:c0:47:4c:41:8e:d9:71:93:f0:c9:e1:d2:ff:fc:f1:9b:
70:b9:2a:c4:63:1b:ca:90:5f:eb:cb:26:42:97:15:da:87:6b:
cb:71:d4:87:c8:90:78:63:d1:22:09:a0:d2:93:ab:22:c5:d6:
54:05:fc:d3:e3:68:74:a2:52:60:ed:5f:be:06:8f:8e:51:97:
3e:f6:8b:20:5f:ac:0e:c8:86:82:81:39:c7:18:f2:39:dd:c4:
16:e7:87:ad:34:ea:16:12:f5:13:3d:da:c1:fb:f4:d2:24:fa:
5f:69:8a:77:61:85:81:c0:3f:3d:c8:b4:78:f4:0f:f9:19:41:
42:fd:30:82
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq9osvJAAZ30IjuxFQoT53KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIyMTYwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTA0ZTUzNjA3ZjM3N2NiOGYwZDMwNjBhNGRmMGFhYWU5N2VhMjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQRHX9HHvLds3k3G86DuQbXdhOqc
FOSTdOao0NBfi4hWie2tgaOK3LdjBP9dnfz+pQdUkc4kfGwGdpt5ecSzl8z6MNzn
W8NevffKXbY3Pi7qphVgjm8CKh+HNcIsbvDuyy2K4SsfEplQZo1ZcVa7MEok6vdI
ivlzGU3Wb7+dn4WR4bFxEiy1z3HI+DFPaurNA87JoLJZfHyshPWziajnPnFuB+em
yYumTGTOEou7MZHXLW0RIt5Ebfc45lp2SwcRTVqwRhMrFg3xWMAqOvAwRkozxslR
9WD949qUNWymrS+EWsB6TN+Tyl2k4R8/nWSw0VlYkKsc/MloeEbIXJuWmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLEE5TYH83fLjw0wYKTfCqrpfqIkMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvc1FUbE5nZnpkOHVQRFRCZ3BOOEtxdWwtb2lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANCYKEf7vKRLDaqX+n32
lvYhUTWCr75+xOs0xpCZaB/5JMaDptxt5qwtmqcu6r1jjEK4WcNmeNkhnTUZu90p
sgIw5xVb4hl9DHdH/NeEtOV3lF7ed7MuKgcHJfoUysXBngNqc+Jbg2NOKHBrunn8
Hr2kjgGtvUSGaU1toC4E2BikwEdMQY7ZcZPwyeHS//zxm3C5KsRjG8qQX+vLJkKX
FdqHa8tx1IfIkHhj0SIJoNKTqyLF1lQF/NPjaHSiUmDtX74Gj45Rlz72iyBfrA7I
hoKBOccY8jndxBbnh6006hYS9RM92sH79NIk+l9pindhhYHAPz3ItHj0D/kZQUL9
MII=
-----END CERTIFICATE-----
Generated at Fri Jun 20 16:48:32 2025 by rpki-client