Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/wErigzW9bLkoXViR82aPmwibWns.roa
File: wErigzW9bLkoXViR82aPmwibWns.roa (raw, json)
Hash identifier: UqZNFtLhSaT/irpaQx6ZjYMHgMSuL/I3IVZ1EBWYHus=
Subject key identifier: C0:4A:E2:83:35:BD:6C:B9:28:5D:58:91:F3:66:8F:9B:08:9B:5A:7B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ADC894C316305A71A80AB79F8ADFA535F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/wErigzW9bLkoXViR82aPmwibWns.roa
Signing time: Thu 28 Sep 2023 16:04:59 +0000
ROA not before: Thu 28 Sep 2023 16:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:dc89:22d0/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:dc:89:4c:31:63:05:a7:1a:80:ab:79:f8:ad:fa:53:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 28 16:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c04ae28335bd6cb9285d5891f3668f9b089b5a7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:34:00:46:18:e1:19:c9:f6:45:d7:e4:83:45:
58:c6:64:4e:ac:0e:8c:9f:3c:7f:43:9f:38:17:c2:
69:dc:46:87:e4:69:75:f0:28:73:d5:97:fd:05:08:
c4:bc:87:8e:47:a1:aa:9e:ca:a4:f3:67:8f:b5:9e:
41:7e:d1:2f:c2:84:3a:1d:31:66:79:c0:c9:1d:c0:
6c:91:27:a4:16:4e:b6:ff:86:e8:cd:c7:54:64:2d:
5e:10:6a:08:64:a7:97:83:7f:c3:2d:b2:c2:e2:1d:
a8:e6:ba:b1:f1:9c:7f:08:51:7c:29:7b:92:51:d9:
00:9e:3b:20:af:cf:bf:89:73:3d:18:42:c6:8e:e2:
c8:0b:24:b5:f8:47:73:32:51:5e:ce:3d:f8:4b:e9:
42:27:93:ad:c6:0c:c2:e0:20:48:7f:f2:95:cc:d1:
b5:c5:46:23:20:d2:b1:85:fa:68:f0:15:94:47:93:
d4:01:f1:28:63:d5:8a:e0:2d:a5:6f:87:97:d1:de:
e0:58:29:62:01:fe:c2:30:f5:ce:0b:c8:14:75:0f:
86:86:0d:8a:3f:2a:85:87:cd:51:e3:7f:52:cd:71:
70:e5:82:1e:a8:df:3b:cb:43:55:e7:e8:21:f1:51:
49:e8:76:a7:3f:f8:e3:68:6a:d7:c8:4f:cc:ac:fd:
79:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:4A:E2:83:35:BD:6C:B9:28:5D:58:91:F3:66:8F:9B:08:9B:5A:7B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/wErigzW9bLkoXViR82aPmwibWns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5a:36:4c:bd:5b:6e:e7:5b:9f:20:c1:d6:24:21:c2:9b:3c:1f:
6d:c3:5a:0a:e5:13:41:16:5a:7c:5f:8b:f8:83:fd:5e:7e:b6:
5e:4c:4d:c9:b1:18:d3:c4:b9:7b:59:71:ab:17:99:ce:7d:55:
df:99:1a:60:1e:2f:45:0c:f3:5a:83:f0:0f:11:e8:f8:16:69:
71:8a:11:8c:58:eb:fb:95:91:79:53:d4:bb:6a:b4:ad:d9:0f:
7c:7c:3a:ad:f0:4d:8f:fa:ea:4d:7f:f5:f5:03:fc:a5:b9:2f:
8a:6d:69:68:c1:ff:e0:da:0b:0a:29:0c:f8:8e:e4:9c:9a:52:
2f:35:d7:e7:cf:78:b5:dd:6c:28:1b:d8:da:4d:e3:6e:45:c4:
bc:7a:d5:f2:7c:7c:fb:1f:97:a3:2b:f9:67:c8:8a:9e:de:44:
ac:f9:63:bb:a8:17:f1:be:ae:13:7a:21:7c:93:35:e9:a7:71:
57:2b:d9:5a:2e:c2:eb:cb:b3:20:09:3b:f7:8e:a3:2c:e1:73:
41:5a:88:c0:14:63:41:ba:b8:52:b6:70:ce:40:97:6d:e1:14:
3d:07:8d:19:44:7c:53:d3:ad:dd:ad:66:c0:fc:6a:e3:5d:c8:
5a:bf:e8:4e:fb:b6:c7:06:d7:95:c3:4f:70:6b:57:a0:e8:29:
48:7b:d2:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrciUwxYwWnGoCrefit+lNfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI4MTYwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDRhZTI4MzM1YmQ2Y2I5Mjg1ZDU4OTFmMzY2OGY5YjA4OWI1YTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzQARhjhGcn2Rdfkg0VYxmROrA6M
nzx/Q584F8Jp3EaH5Gl18Chz1Zf9BQjEvIeOR6Gqnsqk82ePtZ5BftEvwoQ6HTFm
ecDJHcBskSekFk62/4bozcdUZC1eEGoIZKeXg3/DLbLC4h2o5rqx8Zx/CFF8KXuS
UdkAnjsgr8+/iXM9GELGjuLICyS1+EdzMlFezj34S+lCJ5OtxgzC4CBIf/KVzNG1
xUYjINKxhfpo8BWUR5PUAfEoY9WK4C2lb4eX0d7gWCliAf7CMPXOC8gUdQ+Ghg2K
PyqFh81R439SzXFw5YIeqN87y0NV5+gh8VFJ6HanP/jjaGrXyE/MrP15wwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMBK4oM1vWy5KF1YkfNmj5sIm1p7MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvd0VyaWd6VzliTGtvWFZpUjgyYVBtd2liV25zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFo2TL1bbudbnyDB1iQh
wps8H23DWgrlE0EWWnxfi/iD/V5+tl5MTcmxGNPEuXtZcasXmc59Vd+ZGmAeL0UM
81qD8A8R6PgWaXGKEYxY6/uVkXlT1LtqtK3ZD3x8Oq3wTY/66k1/9fUD/KW5L4pt
aWjB/+DaCwopDPiO5JyaUi811+fPeLXdbCgb2NpN425FxLx61fJ8fPsfl6Mr+WfI
ip7eRKz5Y7uoF/G+rhN6IXyTNemncVcr2VouwuvLsyAJO/eOoyzhc0FaiMAUY0G6
uFK2cM5Al23hFD0HjRlEfFPTrd2tZsD8auNdyFq/6E77tscG15XDT3BrV6DoKUh7
0g4=
-----END CERTIFICATE-----
Generated at Tue Jun 17 02:11:52 2025 by rpki-client