Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/v5R_wZgBIj6rd2pamSRcjJ-62J8.roa
File: v5R_wZgBIj6rd2pamSRcjJ-62J8.roa (raw, json)
Hash identifier: ukfvrInew7RHiqyeYtQrmmlI+TE5MN8wL5asOqymcdo=
Subject key identifier: BF:94:7F:C1:98:01:22:3E:AB:77:6A:5A:99:24:5C:8C:9F:BA:D8:9F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AD7D04D06166F54761DC73B8F1739B201
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/v5R_wZgBIj6rd2pamSRcjJ-62J8.roa
Signing time: Wed 27 Sep 2023 18:04:27 +0000
ROA not before: Wed 27 Sep 2023 18:04:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:d7d0:39b3/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d7:d0:4d:06:16:6f:54:76:1d:c7:3b:8f:17:39:b2:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 27 18:04:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf947fc19801223eab776a5a99245c8c9fbad89f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:94:2d:9f:f0:32:60:27:a2:18:59:05:a6:ec:
06:61:71:db:25:44:c8:b0:4a:6a:4f:d2:f2:65:d2:
cb:54:5d:30:0e:39:94:94:61:e1:f0:38:16:de:3e:
b2:b3:70:8b:f9:2e:27:c8:c3:a5:76:da:c2:44:fb:
40:00:82:90:51:fe:e3:c9:9e:df:d0:19:bd:39:96:
0b:c9:61:c0:1a:c0:75:a8:f0:95:94:9c:4c:db:fa:
60:f7:f2:5d:80:0a:7b:23:71:1b:8a:d0:1b:ea:da:
25:bf:83:86:d3:16:41:b0:b6:bc:c9:f2:c5:87:fb:
ab:0a:1a:f9:9e:99:3e:37:e7:10:b8:ea:71:d9:3f:
a6:28:0c:34:20:48:04:9e:71:48:21:4c:54:cd:a6:
84:68:36:7e:ff:38:42:58:89:3b:a5:26:35:7d:6e:
e1:d9:7d:60:e7:6e:26:e6:e7:86:81:5b:cd:8e:72:
f7:67:ed:3e:fd:ce:77:6e:02:26:99:56:fa:47:55:
0e:17:c4:c7:a9:0e:3c:ff:ff:71:d4:43:ca:72:09:
09:f4:98:d1:2b:00:b4:fe:80:31:ac:46:7f:a8:90:
2a:da:fe:3c:f0:16:be:3c:80:bc:b3:e5:a0:49:86:
2a:f6:41:e8:f9:74:16:24:87:44:ff:ee:97:80:11:
6c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:94:7F:C1:98:01:22:3E:AB:77:6A:5A:99:24:5C:8C:9F:BA:D8:9F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/v5R_wZgBIj6rd2pamSRcjJ-62J8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a9:21:02:ff:82:69:84:91:82:9d:d9:1e:77:8a:6b:08:a5:bf:
c9:34:af:39:47:18:77:a3:cd:fa:d9:5d:90:d3:2b:21:e9:59:
a7:e3:17:97:8f:dd:18:f7:27:a7:be:ca:b5:ef:81:50:60:5b:
f7:20:15:63:d6:61:df:86:c7:4b:ad:31:b0:06:c1:c0:38:fa:
a4:34:c8:16:8c:49:a5:97:51:99:31:1b:8f:8e:95:29:04:60:
f9:3e:9e:af:87:55:95:e1:3a:5a:86:c8:b7:23:3a:af:f8:1c:
fa:cd:65:ca:eb:c2:82:40:58:dc:ea:ef:8a:a3:aa:f0:ac:ec:
c3:9a:c4:39:45:cc:96:6e:ea:f9:c3:20:a3:c9:2c:07:2b:2b:
ee:4b:99:4f:8e:ba:ef:d2:47:a9:93:0e:3b:28:89:7c:fb:c3:
4b:8f:5e:0e:e5:52:46:5c:cf:a7:59:cb:59:ff:88:b5:e1:79:
ab:16:14:de:63:4d:6e:4e:0b:de:75:90:5c:09:ff:77:66:36:
aa:c1:66:2f:1d:60:46:8b:93:82:6a:86:4d:9a:71:c8:ac:cf:
5f:77:5b:5a:7d:a8:ff:2a:bb:9a:5d:ad:01:a5:2d:e2:be:dc:
48:19:9a:67:cd:84:70:d5:e3:58:89:c6:67:51:e6:ae:63:00:
e5:4e:86:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrX0E0GFm9Udh3HO48XObIBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI3MTgwNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjk0N2ZjMTk4MDEyMjNlYWI3NzZhNWE5OTI0NWM4YzlmYmFkODlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZQtn/AyYCeiGFkFpuwGYXHbJUTI
sEpqT9LyZdLLVF0wDjmUlGHh8DgW3j6ys3CL+S4nyMOldtrCRPtAAIKQUf7jyZ7f
0Bm9OZYLyWHAGsB1qPCVlJxM2/pg9/JdgAp7I3EbitAb6tolv4OG0xZBsLa8yfLF
h/urChr5npk+N+cQuOpx2T+mKAw0IEgEnnFIIUxUzaaEaDZ+/zhCWIk7pSY1fW7h
2X1g524m5ueGgVvNjnL3Z+0+/c53bgImmVb6R1UOF8THqQ48//9x1EPKcgkJ9JjR
KwC0/oAxrEZ/qJAq2v488Ba+PIC8s+WgSYYq9kHo+XQWJIdE/+6XgBFsIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL+Uf8GYASI+q3dqWpkkXIyfutifMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdjVSX3daZ0JJajZyZDJwYW1TUmNqSi02Mko4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKkhAv+CaYSRgp3ZHneK
awilv8k0rzlHGHejzfrZXZDTKyHpWafjF5eP3Rj3J6e+yrXvgVBgW/cgFWPWYd+G
x0utMbAGwcA4+qQ0yBaMSaWXUZkxG4+OlSkEYPk+nq+HVZXhOlqGyLcjOq/4HPrN
ZcrrwoJAWNzq74qjqvCs7MOaxDlFzJZu6vnDIKPJLAcrK+5LmU+Ouu/SR6mTDjso
iXz7w0uPXg7lUkZcz6dZy1n/iLXheasWFN5jTW5OC951kFwJ/3dmNqrBZi8dYEaL
k4Jqhk2accisz193W1p9qP8qu5pdrQGlLeK+3EgZmmfNhHDV41iJxmdR5q5jAOVO
hro=
-----END CERTIFICATE-----
Generated at Wed Jun 18 12:08:53 2025 by rpki-client