Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PuFK2jqM6iCisqZ23cxA5OPEE2c.roa
File: PuFK2jqM6iCisqZ23cxA5OPEE2c.roa (raw, json)
Hash identifier: U2LRRPhB7okZ4vt4yVuU4a8MtxwVYrN73KJBBJ2CqzY=
Subject key identifier: 3E:E1:4A:DA:3A:8C:EA:20:A2:B2:A6:76:DD:CC:40:E4:E3:C4:13:67
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C374AC017FC205A187AA8CCD6C46C00E8
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PuFK2jqM6iCisqZ23cxA5OPEE2c.roa
Signing time: Tue 05 Dec 2023 00:04:54 +0000
ROA not before: Tue 05 Dec 2023 00:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:374a:3126/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:37:4a:c0:17:fc:20:5a:18:7a:a8:cc:d6:c4:6c:00:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 5 00:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ee14ada3a8cea20a2b2a676ddcc40e4e3c41367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1d:51:94:3e:19:a0:53:06:7c:8b:68:71:f7:
13:a4:48:dd:7a:1d:e8:22:c3:12:d7:97:55:af:ba:
e0:37:a3:50:3e:1a:6d:1a:70:74:eb:f4:a8:56:fe:
9c:a9:99:7e:47:31:52:19:b6:36:7c:0f:8b:c1:64:
ce:e3:c5:34:30:e5:7a:9c:6f:e7:92:6b:ee:3b:cf:
e2:6d:76:60:b6:64:7e:7f:ab:1b:79:4c:65:3f:43:
26:89:57:ac:94:33:59:74:e8:84:d4:fa:02:0c:6a:
c5:62:45:36:33:94:d2:60:8f:c2:d5:93:21:87:de:
d7:2c:c4:22:f6:8b:a9:a2:be:16:f8:fd:ee:db:e7:
89:2d:d1:78:76:45:46:35:a0:9e:29:ac:2b:2d:d7:
c0:cd:bb:aa:7b:ee:6c:ab:a9:0a:ca:45:c4:73:7b:
f3:19:1c:49:b0:8e:ac:d7:61:ce:b7:e8:68:e2:14:
e1:43:fd:3d:03:c8:1c:42:04:a2:d6:e4:29:ed:9e:
c6:d5:56:dc:d7:cf:91:cc:56:65:4e:7c:e0:74:a7:
9c:c1:ab:b4:2d:1a:a8:9d:84:bd:d9:c6:db:5a:ab:
5a:7b:64:bf:43:4f:11:ad:1a:96:e8:30:0b:1d:6b:
fd:3a:c1:43:64:c5:80:a9:fb:86:ce:54:76:b0:4d:
16:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:E1:4A:DA:3A:8C:EA:20:A2:B2:A6:76:DD:CC:40:E4:E3:C4:13:67
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/PuFK2jqM6iCisqZ23cxA5OPEE2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
06:8e:30:7f:2f:53:0f:12:a1:20:83:6f:4f:c8:78:71:2a:48:
a8:aa:3b:bf:1b:e1:32:27:47:85:8f:13:8a:1f:df:fe:0e:5c:
2e:3e:ad:f9:05:0c:d3:85:21:2f:b5:6c:4a:dd:1d:00:1d:09:
97:91:b3:e8:83:34:2a:ad:7b:d8:78:3b:ea:d2:6e:26:61:c0:
3a:58:18:af:85:7d:aa:38:a2:f9:ec:58:6f:3d:93:44:8b:76:
e7:87:e8:50:4e:6d:03:48:bc:be:01:29:56:bb:4e:61:13:c2:
6e:60:e8:3d:46:82:47:38:44:e5:ae:64:bc:36:04:2b:39:a0:
70:75:66:e6:75:09:92:2b:7f:9b:da:d5:4b:78:01:ed:2a:3e:
36:89:2b:2a:fd:e1:ed:f0:b6:f6:a2:9a:88:92:6c:1f:43:8e:
ff:74:8c:7e:eb:06:30:13:47:90:98:2a:60:2c:3f:09:10:9f:
9c:8e:f2:e5:fe:fc:8c:56:e8:24:84:0e:76:14:b6:ff:4b:93:
bb:10:bc:8b:7e:e2:c9:69:eb:7c:d3:ce:3a:ab:ef:0c:66:99:
15:32:ba:4f:be:6e:19:09:92:bb:04:04:f9:99:8e:1c:84:91:
f1:66:18:15:69:b8:4d:f8:b6:56:c3:ba:01:3e:d4:41:0d:a1:
a5:ea:9f:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw3SsAX/CBaGHqozNbEbADoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA1MDAwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWUxNGFkYTNhOGNlYTIwYTJiMmE2NzZkZGNjNDBlNGUzYzQxMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmB1RlD4ZoFMGfItocfcTpEjdeh3o
IsMS15dVr7rgN6NQPhptGnB06/SoVv6cqZl+RzFSGbY2fA+LwWTO48U0MOV6nG/n
kmvuO8/ibXZgtmR+f6sbeUxlP0MmiVeslDNZdOiE1PoCDGrFYkU2M5TSYI/C1ZMh
h97XLMQi9oupor4W+P3u2+eJLdF4dkVGNaCeKawrLdfAzbuqe+5sq6kKykXEc3vz
GRxJsI6s12HOt+ho4hThQ/09A8gcQgSi1uQp7Z7G1Vbc18+RzFZlTnzgdKecwau0
LRqonYS92cbbWqtae2S/Q08RrRqW6DALHWv9OsFDZMWAqfuGzlR2sE0WiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD7hSto6jOogorKmdt3MQOTjxBNnMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUHVGSzJqcU02aUNpc3FaMjNjeEE1T1BFRTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAaOMH8vUw8SoSCDb0/I
eHEqSKiqO78b4TInR4WPE4of3/4OXC4+rfkFDNOFIS+1bErdHQAdCZeRs+iDNCqt
e9h4O+rSbiZhwDpYGK+Ffao4ovnsWG89k0SLdueH6FBObQNIvL4BKVa7TmETwm5g
6D1Ggkc4ROWuZLw2BCs5oHB1ZuZ1CZIrf5va1Ut4Ae0qPjaJKyr94e3wtvaimoiS
bB9Djv90jH7rBjATR5CYKmAsPwkQn5yO8uX+/IxW6CSEDnYUtv9Lk7sQvIt+4slp
63zTzjqr7wxmmRUyuk++bhkJkrsEBPmZjhyEkfFmGBVpuE34tlbDugE+1EENoaXq
n20=
-----END CERTIFICATE-----
Generated at Mon Jul 28 22:10:43 2025 by rpki-client