Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uYk6O1hr8fTRTPNpkRAoBLNtzhM.roa
File: uYk6O1hr8fTRTPNpkRAoBLNtzhM.roa (raw, json)
Hash identifier: ifeX8Dr0OZE7gCyWIzmsVnNSGoXiKzRfeS34s838lBo=
Subject key identifier: B9:89:3A:3B:58:6B:F1:F4:D1:4C:F3:69:91:10:28:04:B3:6D:CE:13
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B79D76EB2EE95737B0AD4ED2093A3C5AB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uYk6O1hr8fTRTPNpkRAoBLNtzhM.roa
Signing time: Sun 29 Oct 2023 05:10:43 +0000
ROA not before: Sun 29 Oct 2023 05:10:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:79d1:a0e2/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:79:d7:6e:b2:ee:95:73:7b:0a:d4:ed:20:93:a3:c5:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 29 05:10:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9893a3b586bf1f4d14cf36991102804b36dce13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:7d:d0:57:7a:d6:f5:08:fa:12:f9:8b:54:f5:
2e:e7:16:0b:bd:52:e8:31:99:c4:d7:31:d1:a4:e4:
8a:b3:d9:a1:a1:ae:e7:ef:59:6a:56:d5:60:8b:07:
0b:33:f4:fc:ac:db:57:b0:6b:9c:0e:62:a5:2d:13:
ca:9f:67:a2:82:0f:0d:d0:b8:24:d1:f7:f2:3a:ac:
4a:3e:50:ab:d4:5a:3f:cd:f6:a4:f4:1f:80:2d:45:
97:fc:3e:a1:69:3d:40:f8:c3:fb:75:cd:40:44:4b:
10:f4:a7:87:8b:8e:76:4a:08:0a:3d:2b:d7:30:99:
10:29:ac:a9:b7:88:0a:5a:49:cb:a3:a9:ad:9a:26:
f0:cd:e0:98:9b:a9:b8:f9:7a:64:a8:85:ae:2f:11:
76:c0:76:15:de:13:38:9a:43:cf:18:d8:1b:de:39:
4a:ec:b6:81:f8:50:7e:b2:0c:a3:95:9f:00:3a:55:
68:b2:50:cc:e2:eb:7c:46:bf:3c:6f:18:bd:da:0c:
c7:54:0b:fa:f0:10:3f:46:a0:03:bb:dc:66:29:4a:
8b:1d:f5:dd:aa:61:1a:6a:c6:a3:55:05:73:a9:f0:
fd:8f:74:8c:4a:bc:f1:e3:fc:39:ee:5b:2d:b3:a4:
1f:7e:6c:ba:91:18:83:de:ec:19:ed:fe:f4:ee:ae:
a8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:89:3A:3B:58:6B:F1:F4:D1:4C:F3:69:91:10:28:04:B3:6D:CE:13
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uYk6O1hr8fTRTPNpkRAoBLNtzhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:d1:8d:f7:1f:59:6b:69:da:11:c0:75:bd:e9:e5:c7:17:20:
21:75:80:07:00:85:84:7a:e8:9f:d4:4b:83:d9:65:b7:00:00:
fd:5f:b8:40:db:97:1b:af:f0:90:58:09:17:c5:16:54:9b:28:
07:99:1b:4c:72:41:8e:ef:ed:21:6f:ff:7c:43:28:ed:59:9f:
e4:1f:37:18:dd:ed:34:f6:f9:b3:6c:63:89:85:46:2b:d3:3d:
58:4d:17:c0:2e:d5:86:dc:f4:5d:76:fb:78:06:70:ae:de:ef:
a8:89:94:7d:5d:b8:8d:a7:62:19:ea:81:7b:a5:44:ed:4e:ee:
93:a4:af:71:79:25:38:74:b4:29:0c:99:fd:ca:eb:9f:9e:da:
da:6f:9f:1e:a9:fe:c5:7c:c3:bc:09:7d:07:a2:57:1a:fc:55:
cc:d9:43:cd:65:47:58:7a:42:9b:02:3e:d4:78:05:e1:46:25:
3b:b2:55:87:fa:bd:8b:c3:29:58:5a:3f:60:6a:a7:e7:23:74:
44:51:79:aa:d8:3f:b2:bf:b2:58:a1:96:b8:b3:00:24:28:cf:
be:8b:df:79:bd:bd:28:b3:e6:84:40:03:d2:37:22:df:7f:19:
54:78:0d:58:0c:1c:7d:e5:97:f9:72:5e:6d:dd:13:30:b1:2f:
db:f5:d2:99
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYt5126y7pVzewrU7SCTo8WrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI5MDUxMDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTg5M2EzYjU4NmJmMWY0ZDE0Y2YzNjk5MTEwMjgwNGIzNmRjZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjn3QV3rW9Qj6EvmLVPUu5xYLvVLo
MZnE1zHRpOSKs9mhoa7n71lqVtVgiwcLM/T8rNtXsGucDmKlLRPKn2eigg8N0Lgk
0ffyOqxKPlCr1Fo/zfak9B+ALUWX/D6haT1A+MP7dc1AREsQ9KeHi452SggKPSvX
MJkQKaypt4gKWknLo6mtmibwzeCYm6m4+XpkqIWuLxF2wHYV3hM4mkPPGNgb3jlK
7LaB+FB+sgyjlZ8AOlVoslDM4ut8Rr88bxi92gzHVAv68BA/RqADu9xmKUqLHfXd
qmEaasajVQVzqfD9j3SMSrzx4/w57lsts6Qffmy6kRiD3uwZ7f707q6omwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLmJOjtYa/H00UzzaZEQKASzbc4TMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdVlrNk8xaHI4ZlRSVFBOcGtSQW9CTE50emhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGfRjfcfWWtp2hHAdb3p
5ccXICF1gAcAhYR66J/US4PZZbcAAP1fuEDblxuv8JBYCRfFFlSbKAeZG0xyQY7v
7SFv/3xDKO1Zn+QfNxjd7TT2+bNsY4mFRivTPVhNF8Au1Ybc9F12+3gGcK7e76iJ
lH1duI2nYhnqgXulRO1O7pOkr3F5JTh0tCkMmf3K65+e2tpvnx6p/sV8w7wJfQei
Vxr8VczZQ81lR1h6QpsCPtR4BeFGJTuyVYf6vYvDKVhaP2Bqp+cjdERRearYP7K/
slihlrizACQoz76L33m9vSiz5oRAA9I3It9/GVR4DVgMHH3ll/lyXm3dEzCxL9v1
0pk=
-----END CERTIFICATE-----
Generated at Tue Jun 17 08:53:18 2025 by rpki-client