Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/wAqhmB8SExsAf8BlhqZUvZM3B1A.roa
File: wAqhmB8SExsAf8BlhqZUvZM3B1A.roa (raw, json)
Hash identifier: nI2Tmi0jrbIxMpE7lLv4LXL4msHRhM14fzKkpfLp+Ow=
Subject key identifier: C0:0A:A1:98:1F:12:13:1B:00:7F:C0:65:86:A6:54:BD:93:37:07:50
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF012B72C4F6772E1C7B791AA9C0FD35A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/wAqhmB8SExsAf8BlhqZUvZM3B1A.roa
Signing time: Mon 02 Oct 2023 11:07:52 +0000
ROA not before: Mon 02 Oct 2023 11:07:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:f00f:cedb/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:12:b7:2c:4f:67:72:e1:c7:b7:91:aa:9c:0f:d3:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 2 11:07:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c00aa1981f12131b007fc06586a654bd93370750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3e:d7:15:18:d9:2d:26:46:ad:3b:4a:89:5a:
46:f7:92:aa:bc:41:67:9f:d1:b8:b3:69:35:1f:73:
83:a8:e2:cb:61:f7:60:2a:74:65:b2:49:f9:6e:cd:
f8:5b:5c:f5:d5:d2:dd:39:de:0a:15:8b:10:e4:d7:
77:ba:ab:6e:84:c6:57:c5:66:71:3c:4a:da:c7:d3:
fd:a1:da:d1:54:c2:35:7f:26:3c:ec:ce:60:13:2c:
c0:ee:3b:67:b2:d0:85:5b:2f:40:03:ba:10:2d:90:
d6:f8:b1:41:cc:4e:b8:63:ad:ba:dc:f9:ef:90:af:
18:d0:6b:7c:c3:c3:55:f2:b5:66:f5:51:2f:37:22:
aa:4e:d8:d6:d1:49:e0:06:2c:4a:07:cf:5f:c0:58:
81:9d:41:e7:a9:9a:87:3b:0c:af:ae:fb:90:cf:2c:
ff:61:b2:64:88:92:7a:04:26:3e:0d:79:9d:0f:96:
f4:61:cf:35:8a:f7:35:d2:d5:01:d6:d2:4d:fc:50:
7b:d0:61:ce:ba:83:ab:f1:74:f3:81:69:3a:40:9f:
c4:0a:a8:7a:78:b9:9d:30:53:f2:a4:0c:27:8f:5d:
9e:a6:17:3a:d9:2e:b0:47:9e:ed:f3:a3:29:61:93:
83:63:b4:11:07:1a:2b:74:39:ff:7a:65:8f:05:6e:
f8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:0A:A1:98:1F:12:13:1B:00:7F:C0:65:86:A6:54:BD:93:37:07:50
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/wAqhmB8SExsAf8BlhqZUvZM3B1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
01:bc:16:1c:86:51:01:13:dd:9c:6f:c9:58:cc:38:61:3d:90:
60:e1:e2:1c:1b:47:df:60:15:1e:67:96:6b:82:e3:a7:58:ce:
95:01:0d:4a:c7:d1:2b:16:5e:2b:15:66:96:2d:28:9b:f5:2a:
f4:8d:0b:bd:bf:f3:a8:8c:ff:90:ae:9b:88:6b:b7:d0:06:58:
0d:25:6d:f1:5f:b7:6c:d3:f9:0e:da:7e:b7:7d:c7:ff:6f:d5:
d3:79:40:b2:36:4d:2f:f0:f9:f3:a0:36:b5:91:31:83:03:5d:
a4:45:c6:74:92:91:d4:32:72:ba:e2:a6:60:23:73:3d:48:80:
37:1a:fd:c7:b9:8f:e3:69:38:04:8c:98:a6:c8:b6:a5:d8:5d:
b2:51:ba:c9:ea:d7:a9:1d:48:81:5f:e3:52:56:80:57:92:79:
c5:82:3a:62:eb:65:ec:cb:07:12:b4:fb:09:91:90:02:90:a2:
9f:c7:9c:ba:11:13:7e:1e:3f:89:af:72:2f:ca:ee:5f:37:da:
46:84:34:07:02:b3:c0:ad:76:8a:dc:6a:f3:03:b3:e4:e6:0c:
ca:d7:78:a6:b7:62:f8:d6:01:4f:5a:5b:09:0c:e6:29:f1:5a:
78:4d:93:48:14:2f:79:5f:20:b6:0f:11:c7:a0:f1:49:f7:0d:
ee:1b:7e:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrwErcsT2dy4ce3kaqcD9NaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAyMTEwNzUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDBhYTE5ODFmMTIxMzFiMDA3ZmMwNjU4NmE2NTRiZDkzMzcwNzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmD7XFRjZLSZGrTtKiVpG95KqvEFn
n9G4s2k1H3ODqOLLYfdgKnRlskn5bs34W1z11dLdOd4KFYsQ5Nd3uqtuhMZXxWZx
PErax9P9odrRVMI1fyY87M5gEyzA7jtnstCFWy9AA7oQLZDW+LFBzE64Y6263Pnv
kK8Y0Gt8w8NV8rVm9VEvNyKqTtjW0UngBixKB89fwFiBnUHnqZqHOwyvrvuQzyz/
YbJkiJJ6BCY+DXmdD5b0Yc81ivc10tUB1tJN/FB70GHOuoOr8XTzgWk6QJ/ECqh6
eLmdMFPypAwnj12ephc62S6wR57t86MpYZODY7QRBxordDn/emWPBW743wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMAKoZgfEhMbAH/AZYamVL2TNwdQMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvd0FxaG1COFNFeHNBZjhCbGhxWlV2Wk0zQjFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAG8FhyGUQET3ZxvyVjM
OGE9kGDh4hwbR99gFR5nlmuC46dYzpUBDUrH0SsWXisVZpYtKJv1KvSNC72/86iM
/5Cum4hrt9AGWA0lbfFft2zT+Q7afrd9x/9v1dN5QLI2TS/w+fOgNrWRMYMDXaRF
xnSSkdQycrripmAjcz1IgDca/ce5j+NpOASMmKbItqXYXbJRusnq16kdSIFf41JW
gFeSecWCOmLrZezLBxK0+wmRkAKQop/HnLoRE34eP4mvci/K7l832kaENAcCs8Ct
dorcavMDs+TmDMrXeKa3YvjWAU9aWwkM5inxWnhNk0gUL3lfILYPEceg8Un3De4b
fnk=
-----END CERTIFICATE-----
Generated at Wed Jun 18 19:21:50 2025 by rpki-client