Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TJ67w1BxjFlWIfre2sWHA6oAw3g.roa
File: TJ67w1BxjFlWIfre2sWHA6oAw3g.roa (raw, json)
Hash identifier: F7YXxGTZTTI0zE1vN1UuqtbIwef3+1waL0fstrB9mOI=
Subject key identifier: 4C:9E:BB:C3:50:71:8C:59:56:21:FA:DE:DA:C5:87:03:AA:00:C3:78
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AD2AADBA9B421F00B536738D260117A50
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TJ67w1BxjFlWIfre2sWHA6oAw3g.roa
Signing time: Tue 26 Sep 2023 18:05:27 +0000
ROA not before: Tue 26 Sep 2023 18:05:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:d2aa:164e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d2:aa:db:a9:b4:21:f0:0b:53:67:38:d2:60:11:7a:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 26 18:05:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4c9ebbc350718c595621fadedac58703aa00c378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a9:d0:ea:2d:a4:5e:79:e4:4b:dc:9f:0e:d0:
24:18:39:b6:d3:0b:22:40:87:0b:ba:f4:bd:24:e9:
0c:1e:5b:01:77:8c:c8:44:40:f6:4c:66:d6:69:f6:
7c:d2:42:1b:6a:86:82:3e:4b:86:d1:7d:b8:67:50:
97:ec:19:27:ef:71:11:b8:5a:b2:77:d3:ea:4c:bc:
d8:8d:4a:f8:5f:34:6b:6f:4f:32:34:52:56:8c:97:
99:99:07:9b:99:af:69:1f:d4:69:88:6a:64:4b:cc:
e7:5a:8b:ce:61:43:16:42:d1:49:b6:c2:5c:6f:b5:
ed:0e:3a:1c:91:4a:49:69:10:84:1c:a8:bb:6f:f0:
fc:d6:2f:3b:0a:95:ae:7f:1f:af:87:97:9b:62:6c:
5a:77:2a:55:6b:62:ea:f9:88:e9:f1:5f:fb:71:e7:
72:53:f1:29:63:5f:c1:5d:aa:78:1c:72:87:10:5e:
38:ff:49:85:98:9f:82:b4:cb:7e:cf:83:bd:25:31:
b4:8a:e2:29:c3:3a:a0:e1:95:d1:b8:d3:0e:da:0f:
d0:88:db:43:77:d8:57:f0:ce:cc:69:58:8d:1a:95:
a6:e1:d3:68:5c:c0:d0:d2:25:99:11:9d:6a:65:d1:
9f:64:07:b7:d4:83:74:97:ca:f0:66:87:d8:1e:c6:
83:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:9E:BB:C3:50:71:8C:59:56:21:FA:DE:DA:C5:87:03:AA:00:C3:78
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TJ67w1BxjFlWIfre2sWHA6oAw3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:a9:f6:66:d5:8a:84:83:57:36:07:78:e3:79:5d:8a:b8:61:
99:94:8c:e5:ac:6b:30:99:e2:6b:cf:8f:98:5c:76:19:d5:8d:
d4:85:4b:1e:23:1d:76:e0:b9:f2:6a:e7:94:f7:ea:c1:24:ae:
e9:ef:26:46:a6:54:c6:50:89:15:a0:72:3f:de:0f:a8:ae:62:
54:f2:eb:84:a4:ce:3f:da:21:11:fe:b8:e3:bf:35:f7:b7:18:
22:5c:9b:a2:18:3d:d6:38:56:71:e7:ca:31:35:3b:fd:d3:50:
ea:dd:e0:ba:b2:42:d7:c8:94:e9:e9:e5:6e:10:9e:88:42:1e:
10:2e:af:0a:a8:3f:85:1b:d2:e6:68:4d:bb:9a:2f:f1:c8:d8:
2a:df:d0:91:4f:e7:21:99:a8:9e:cf:65:1e:c4:93:63:ba:b9:
ec:71:c4:df:6e:d0:95:bc:11:d6:56:99:35:bd:03:46:ed:a4:
5f:03:5f:6b:71:85:c5:ac:6e:63:92:50:4a:ef:8b:76:88:cf:
83:d1:6e:17:8d:d6:a1:0a:05:cb:ca:a6:f9:f2:4a:ee:d6:e0:
1e:3a:5f:bb:d1:62:2b:64:90:7a:7d:38:a8:18:b9:78:f4:e0:
ab:2d:e2:16:18:2e:15:40:5d:cb:91:b2:1f:7a:59:c7:e5:c9:
55:14:ea:f2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrSqtuptCHwC1NnONJgEXpQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI2MTgwNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzllYmJjMzUwNzE4YzU5NTYyMWZhZGVkYWM1ODcwM2FhMDBjMzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAianQ6i2kXnnkS9yfDtAkGDm20wsi
QIcLuvS9JOkMHlsBd4zIRED2TGbWafZ80kIbaoaCPkuG0X24Z1CX7Bkn73ERuFqy
d9PqTLzYjUr4XzRrb08yNFJWjJeZmQebma9pH9RpiGpkS8znWovOYUMWQtFJtsJc
b7XtDjockUpJaRCEHKi7b/D81i87CpWufx+vh5ebYmxadypVa2Lq+Yjp8V/7cedy
U/EpY1/BXap4HHKHEF44/0mFmJ+CtMt+z4O9JTG0iuIpwzqg4ZXRuNMO2g/QiNtD
d9hX8M7MaViNGpWm4dNoXMDQ0iWZEZ1qZdGfZAe31IN0l8rwZofYHsaD4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEyeu8NQcYxZViH63trFhwOqAMN4MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVEo2N3cxQnhqRmxXSWZyZTJzV0hBNm9BdzNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABCp9mbVioSDVzYHeON5
XYq4YZmUjOWsazCZ4mvPj5hcdhnVjdSFSx4jHXbgufJq55T36sEkrunvJkamVMZQ
iRWgcj/eD6iuYlTy64Skzj/aIRH+uOO/Nfe3GCJcm6IYPdY4VnHnyjE1O/3TUOrd
4LqyQtfIlOnp5W4QnohCHhAurwqoP4Ub0uZoTbuaL/HI2Crf0JFP5yGZqJ7PZR7E
k2O6uexxxN9u0JW8EdZWmTW9A0btpF8DX2txhcWsbmOSUErvi3aIz4PRbheN1qEK
BcvKpvnySu7W4B46X7vRYitkkHp9OKgYuXj04Kst4hYYLhVAXcuRsh96WcflyVUU
6vI=
-----END CERTIFICATE-----
Generated at Tue Jul 29 05:14:09 2025 by rpki-client