Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gE0kQD0hb5wrtBVbVOn_VjEZ-pI.roa
File: gE0kQD0hb5wrtBVbVOn_VjEZ-pI.roa (raw, json)
Hash identifier: e92GkYieu7GnXpXNkKn2/1eVJMJln2auMfja47dHvIc=
Subject key identifier: 80:4D:24:40:3D:21:6F:9C:2B:B4:15:5B:54:E9:FF:56:31:19:FA:92
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE58C6F1392D4EC37B9F5B83C5536329F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gE0kQD0hb5wrtBVbVOn_VjEZ-pI.roa
Signing time: Sat 30 Sep 2023 10:05:00 +0000
ROA not before: Sat 30 Sep 2023 10:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:e58b:de71/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e5:8c:6f:13:92:d4:ec:37:b9:f5:b8:3c:55:36:32:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 30 10:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=804d24403d216f9c2bb4155b54e9ff563119fa92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:9c:cd:94:9e:ae:62:bd:78:d1:05:92:b6:78:
e8:2a:5b:4b:a6:ef:8f:81:cb:19:2b:2a:06:d7:9b:
d4:24:62:31:5b:dc:20:2c:a5:3e:45:e7:ea:6f:5f:
aa:6e:c2:7f:39:83:96:ad:8d:2a:07:77:7e:86:1d:
6a:23:48:84:c5:c4:cc:20:db:8a:17:bb:74:bd:c6:
07:98:66:f0:03:f2:dd:33:4a:64:a6:f6:5f:6d:33:
c0:af:90:68:bf:c0:f5:65:d8:81:8c:2b:f9:4e:53:
0f:4f:be:0b:07:8d:16:25:ef:33:44:d7:c2:f0:9d:
f8:d7:6e:a6:d2:33:ec:0a:43:0d:5e:2b:62:96:b5:
fc:42:f4:8a:17:f6:58:61:a3:99:82:9f:81:28:22:
81:ae:d1:36:b2:22:9d:d6:0e:49:3a:d3:66:00:5c:
6b:7b:39:08:e0:9e:eb:02:0c:a2:c7:56:52:6b:78:
f8:a2:9b:85:61:f5:20:9d:1f:24:ae:64:c2:1e:ed:
8d:8c:fb:37:3d:00:74:8a:f7:18:25:4c:c2:75:cb:
76:50:57:e7:88:46:bf:31:48:4b:e4:37:07:b9:86:
bd:8e:ce:9a:0c:b8:1e:5c:00:ed:df:e3:27:cb:8e:
e1:9d:6b:71:97:64:46:86:6b:9e:70:a0:83:f3:c3:
88:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:4D:24:40:3D:21:6F:9C:2B:B4:15:5B:54:E9:FF:56:31:19:FA:92
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gE0kQD0hb5wrtBVbVOn_VjEZ-pI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:48:46:4b:3e:81:22:60:9f:71:5b:f1:15:4f:a6:2e:c4:38:
7c:97:f4:86:ae:58:e5:a4:64:97:0b:c1:0f:00:42:d4:19:e1:
dc:80:b5:58:82:82:83:08:6a:06:62:6d:b1:c9:1b:df:fe:23:
b2:8f:0e:1e:5f:eb:c5:d2:61:24:41:25:27:40:8f:e4:62:ee:
b6:86:a3:37:49:5d:84:c4:5b:5c:22:7f:05:3a:84:59:8c:5e:
3b:e6:84:96:9d:de:42:d4:97:40:b5:5d:77:e5:3d:69:87:eb:
3d:6d:c9:9d:8a:cf:b8:4b:1d:51:10:70:93:cc:eb:c2:13:c8:
1a:fb:d2:da:2c:4f:67:52:40:15:e7:e0:04:f3:24:62:58:2b:
ac:e3:c8:85:92:76:00:f6:03:6f:9d:9e:c8:b8:f7:d4:d9:c2:
5c:c7:52:a0:ce:8e:32:31:ec:7d:70:41:1c:ba:19:5a:6c:f4:
2c:de:56:2d:80:12:32:1a:15:68:44:59:85:28:ac:c0:ab:ae:
a7:a1:63:a9:20:ba:31:9c:09:22:f7:f3:24:cd:5b:84:27:9a:
b9:e0:3f:7b:19:aa:43:67:fd:2d:79:34:2b:44:7d:f8:30:ef:
e2:f4:7f:48:57:bf:49:0d:b9:a7:57:07:1a:bf:9f:34:20:26:
81:37:7b:b6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrljG8TktTsN7n1uDxVNjKfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTMwMTAwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDRkMjQ0MDNkMjE2ZjljMmJiNDE1NWI1NGU5ZmY1NjMxMTlmYTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZzNlJ6uYr140QWStnjoKltLpu+P
gcsZKyoG15vUJGIxW9wgLKU+Refqb1+qbsJ/OYOWrY0qB3d+hh1qI0iExcTMINuK
F7t0vcYHmGbwA/LdM0pkpvZfbTPAr5Bov8D1ZdiBjCv5TlMPT74LB40WJe8zRNfC
8J34126m0jPsCkMNXitilrX8QvSKF/ZYYaOZgp+BKCKBrtE2siKd1g5JOtNmAFxr
ezkI4J7rAgyix1ZSa3j4opuFYfUgnR8krmTCHu2NjPs3PQB0ivcYJUzCdct2UFfn
iEa/MUhL5DcHuYa9js6aDLgeXADt3+Mny47hnWtxl2RGhmuecKCD88OIiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIBNJEA9IW+cK7QVW1Tp/1YxGfqSMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZ0Uwa1FEMGhiNXdydEJWYlZPbl9WakVaLXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKZIRks+gSJgn3Fb8RVP
pi7EOHyX9IauWOWkZJcLwQ8AQtQZ4dyAtViCgoMIagZibbHJG9/+I7KPDh5f68XS
YSRBJSdAj+Ri7raGozdJXYTEW1wifwU6hFmMXjvmhJad3kLUl0C1XXflPWmH6z1t
yZ2Kz7hLHVEQcJPM68ITyBr70tosT2dSQBXn4ATzJGJYK6zjyIWSdgD2A2+dnsi4
99TZwlzHUqDOjjIx7H1wQRy6GVps9CzeVi2AEjIaFWhEWYUorMCrrqehY6kgujGc
CSL38yTNW4QnmrngP3sZqkNn/S15NCtEffgw7+L0f0hXv0kNuadXBxq/nzQgJoE3
e7Y=
-----END CERTIFICATE-----
Generated at Mon Jul 28 22:09:31 2025 by rpki-client