Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vWzcWZDwm81O-mdYSBa-rR4keQQ.roa
File: vWzcWZDwm81O-mdYSBa-rR4keQQ.roa (raw, json)
Hash identifier: OYno6c04ns2JWKSir/08KMJA50ZAoAZf5Lp1SgZZJCA=
Subject key identifier: BD:6C:DC:59:90:F0:9B:CD:4E:FA:67:58:48:16:BE:AD:1E:24:79:04
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C10E17B3B000E0386AEFC352934D7EF2D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vWzcWZDwm81O-mdYSBa-rR4keQQ.roa
Signing time: Mon 27 Nov 2023 13:04:21 +0000
ROA not before: Mon 27 Nov 2023 13:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:10e1:58ae/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:10:e1:7b:3b:00:0e:03:86:ae:fc:35:29:34:d7:ef:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 27 13:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd6cdc5990f09bcd4efa67584816bead1e247904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:98:e4:20:72:23:29:57:bf:41:5c:c3:66:bc:
c7:8f:46:50:b8:39:ae:e7:93:fe:73:af:29:10:0f:
aa:3f:0d:5d:2c:e3:4e:95:ac:50:9b:10:ef:64:99:
21:bc:25:a7:41:26:97:c0:65:e0:27:28:27:87:5b:
24:3c:20:69:1f:8c:d8:6c:60:ab:58:2e:55:6d:6c:
03:62:12:94:60:f4:86:a1:5e:7d:bd:f9:c2:77:c2:
f9:d2:4f:bd:56:6f:af:2d:7a:e4:0b:24:e8:a0:3b:
e1:f8:0d:5a:e6:08:dc:05:38:38:bc:13:a3:59:75:
c1:21:02:8d:8c:f8:2f:75:7e:db:d7:47:c9:b2:58:
f4:cf:cc:b9:fc:01:73:a4:7e:81:0d:2a:cf:d2:8d:
11:95:4e:fb:9c:61:69:e3:44:64:6d:98:92:ad:8e:
dc:46:64:ec:a9:e2:05:6f:00:8a:c2:df:1a:98:f9:
2c:08:9d:db:be:c3:24:e2:fc:6f:16:44:aa:f9:7d:
c1:3e:80:0c:58:9c:1f:af:b3:52:9c:ec:8d:ce:82:
62:e2:93:23:ae:a4:13:eb:9f:87:a4:1a:95:59:6e:
78:9e:52:f7:04:85:d0:05:2a:cc:a3:85:eb:94:58:
1e:86:f1:cc:28:10:5e:0a:92:00:7e:1f:2b:0f:2f:
bf:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:6C:DC:59:90:F0:9B:CD:4E:FA:67:58:48:16:BE:AD:1E:24:79:04
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vWzcWZDwm81O-mdYSBa-rR4keQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c4:6f:30:53:ba:f1:8e:45:a5:4b:78:a2:e7:dd:21:cd:4a:7d:
1e:bb:b3:fb:2b:57:b4:d3:d4:a7:1e:b6:34:cf:c2:38:47:9d:
88:63:38:9f:12:a2:68:17:d2:91:45:7f:b0:5c:a7:79:4f:48:
47:07:ac:dd:d6:46:cb:dd:bd:37:5c:9a:a7:f0:aa:29:da:04:
f5:90:e6:58:4f:14:82:9c:9d:0b:a8:f9:55:f1:98:10:b9:ba:
a8:78:40:88:51:70:5b:e0:27:d9:d0:d6:95:0a:a1:97:fa:8b:
43:e5:61:72:db:90:ea:56:98:5b:99:ff:e9:d9:1f:cc:a2:e1:
fc:e5:21:d5:05:26:56:2b:40:af:9d:19:90:05:25:e0:9b:fb:
de:3c:49:28:86:a0:65:34:4e:8e:ad:a9:56:0b:9b:7a:bd:8f:
df:1e:9c:bd:e0:95:b3:da:ee:a6:06:76:7e:1f:d9:64:bd:ca:
41:58:64:7a:a3:a8:c6:c5:94:20:21:61:ac:bf:35:4f:ff:ec:
2e:c3:9a:14:15:75:ad:db:38:54:62:8b:e6:8f:d7:18:e0:3f:
47:41:89:3f:e1:e3:60:7b:16:ba:b1:2c:78:29:ec:f4:8a:e3:
bf:4f:e5:ad:5e:f8:93:1c:6d:2b:ef:36:c5:b8:73:b4:48:f0:
bd:e8:bb:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwQ4Xs7AA4Dhq78NSk01+8tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI3MTMwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDZjZGM1OTkwZjA5YmNkNGVmYTY3NTg0ODE2YmVhZDFlMjQ3OTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5jkIHIjKVe/QVzDZrzHj0ZQuDmu
55P+c68pEA+qPw1dLONOlaxQmxDvZJkhvCWnQSaXwGXgJygnh1skPCBpH4zYbGCr
WC5VbWwDYhKUYPSGoV59vfnCd8L50k+9Vm+vLXrkCyTooDvh+A1a5gjcBTg4vBOj
WXXBIQKNjPgvdX7b10fJslj0z8y5/AFzpH6BDSrP0o0RlU77nGFp40RkbZiSrY7c
RmTsqeIFbwCKwt8amPksCJ3bvsMk4vxvFkSq+X3BPoAMWJwfr7NSnOyNzoJi4pMj
rqQT65+HpBqVWW54nlL3BIXQBSrMo4XrlFgehvHMKBBeCpIAfh8rDy+/6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL1s3FmQ8JvNTvpnWEgWvq0eJHkEMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdld6Y1daRHdtODFPLW1kWVNCYS1yUjRrZVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMRvMFO68Y5FpUt4oufd
Ic1KfR67s/srV7TT1KcetjTPwjhHnYhjOJ8SomgX0pFFf7Bcp3lPSEcHrN3WRsvd
vTdcmqfwqinaBPWQ5lhPFIKcnQuo+VXxmBC5uqh4QIhRcFvgJ9nQ1pUKoZf6i0Pl
YXLbkOpWmFuZ/+nZH8yi4fzlIdUFJlYrQK+dGZAFJeCb+948SSiGoGU0To6tqVYL
m3q9j98enL3glbPa7qYGdn4f2WS9ykFYZHqjqMbFlCAhYay/NU//7C7DmhQVda3b
OFRii+aP1xjgP0dBiT/h42B7FrqxLHgp7PSK479P5a1e+JMcbSvvNsW4c7RI8L3o
uz8=
-----END CERTIFICATE-----
Generated at Tue Jun 17 01:30:55 2025 by rpki-client