Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-XqDxyCw7ddbSk0opSCZtqlT2RM.roa
File: 1-XqDxyCw7ddbSk0opSCZtqlT2RM.roa (raw, json)
Hash identifier: 2NAwbj4rWMleTbXSgqRI9qB59LOZDfQAcrCl0kWpz6Q=
Subject key identifier: F9:7A:83:C7:20:B0:ED:D7:5B:4A:4D:28:A5:20:99:B6:A9:53:D9:13
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7CA2153DE6998C53CCA26500CB9A9458
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-XqDxyCw7ddbSk0opSCZtqlT2RM.roa
Signing time: Mon 18 Dec 2023 11:14:06 +0000
ROA not before: Mon 18 Dec 2023 11:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7c:a2:15:3d:e6:99:8c:53:cc:a2:65:00:cb:9a:94:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 18 11:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f97a83c720b0edd75b4a4d28a52099b6a953d913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a5:46:9a:21:a3:d6:05:c0:1c:66:56:a7:80:
52:44:01:f1:05:3c:f5:35:f7:eb:2f:d7:59:e9:ae:
8f:26:7b:b4:25:a0:17:68:45:a0:f7:53:a4:9b:a7:
da:3e:a1:fa:de:1a:4b:92:04:0f:47:a7:34:4f:69:
04:21:26:0d:cc:ab:27:56:94:4d:29:ec:20:a5:0c:
68:e1:fc:0a:57:b8:77:28:cb:0f:ee:64:e7:0f:5e:
69:69:47:8e:1a:3c:92:06:c0:bd:00:9e:af:25:43:
88:31:c9:7d:27:4c:ec:4c:98:d6:b5:0d:e7:e6:5a:
a8:18:a7:de:3a:be:40:8f:78:68:d7:58:86:f3:a5:
fc:06:03:ca:75:be:25:a5:b9:44:22:34:21:f2:7c:
de:3d:43:a9:eb:26:b9:ce:54:de:9c:bd:30:0f:3f:
97:06:1a:4e:0f:cf:73:e5:ff:95:55:5c:fc:b9:08:
41:ab:ff:ed:8e:37:36:cc:df:7d:b7:55:c4:d8:cb:
59:d6:4e:59:f3:e1:f8:79:ea:64:97:68:9a:d5:bb:
78:61:f8:88:18:d2:0d:2f:88:35:8b:a5:24:15:dd:
3a:35:b1:7b:d3:ea:fd:3d:68:0d:a2:98:21:18:ff:
d7:4a:ed:6f:18:65:ae:18:be:37:f8:eb:e9:66:3f:
52:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:7A:83:C7:20:B0:ED:D7:5B:4A:4D:28:A5:20:99:B6:A9:53:D9:13
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-XqDxyCw7ddbSk0opSCZtqlT2RM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d0:20:65:82:49:57:8d:91:0e:73:de:28:42:06:a8:f4:13:ee:
0c:06:5b:20:ac:eb:b7:50:a2:52:e3:b3:80:be:1f:37:9c:b3:
61:06:ae:9b:55:2b:46:f9:c3:21:0c:3b:b8:17:70:2c:a7:93:
d9:04:00:53:1d:34:c6:79:22:64:93:76:df:d7:53:34:8a:45:
28:69:13:6d:ce:de:ef:8e:9f:53:68:d9:48:88:3c:ca:b4:76:
42:6b:56:b7:8f:18:87:58:00:22:7d:03:0d:a0:1f:50:ba:a8:
4d:7a:6a:ac:4d:7f:7a:d5:1c:fc:b0:5f:d0:3a:c0:ab:ed:99:
9d:8b:e4:cd:d1:1f:68:6a:1e:ab:4e:97:04:62:35:be:67:c1:
8a:dc:19:ff:44:b6:8d:6b:4f:35:f5:d6:a2:db:3a:1a:f8:71:
6f:f0:96:25:68:4e:40:1a:5c:e1:a6:f1:40:f2:19:17:a9:bd:
ea:95:d7:29:30:b9:1b:54:fb:ab:fa:93:f6:10:c4:48:37:4f:
51:44:8a:94:45:1b:d5:ec:8e:ef:66:c0:26:3f:c3:eb:2f:20:
08:27:bd:ee:2b:5a:6a:a7:ae:32:57:9f:1b:db:29:7f:df:51:
e8:78:12:f4:3d:57:27:71:0d:4d:5f:1d:ed:0c:6b:ae:5b:1c:
b5:3c:d9:08
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYx8ohU95pmMU8yiZQDLmpRYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE4MTExNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTdhODNjNzIwYjBlZGQ3NWI0YTRkMjhhNTIwOTliNmE5NTNkOTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqVGmiGj1gXAHGZWp4BSRAHxBTz1
NffrL9dZ6a6PJnu0JaAXaEWg91Okm6faPqH63hpLkgQPR6c0T2kEISYNzKsnVpRN
KewgpQxo4fwKV7h3KMsP7mTnD15paUeOGjySBsC9AJ6vJUOIMcl9J0zsTJjWtQ3n
5lqoGKfeOr5Aj3ho11iG86X8BgPKdb4lpblEIjQh8nzePUOp6ya5zlTenL0wDz+X
BhpOD89z5f+VVVz8uQhBq//tjjc2zN99t1XE2MtZ1k5Z8+H4eepkl2ia1bt4YfiI
GNINL4g1i6UkFd06NbF70+r9PWgNopghGP/XSu1vGGWuGL43+OvpZj9SfQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPl6g8cgsO3XW0pNKKUgmbapU9kTMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMS1YcUR4eUN3N2RkYlNrMG9wU0NadHFsVDJSTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzgvZjYwMTc4LTk5MWEtNDI2MS05NmEwLWRkNWMzMDBiZTU0
ZS8xL1F3T2FhQk1QR1dNZUZTZVViaDRTZmJIby1kay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQDQIGWCSVeNkQ5z3ihC
Bqj0E+4MBlsgrOu3UKJS47OAvh83nLNhBq6bVStG+cMhDDu4F3Asp5PZBABTHTTG
eSJkk3bf11M0ikUoaRNtzt7vjp9TaNlIiDzKtHZCa1a3jxiHWAAifQMNoB9QuqhN
emqsTX961Rz8sF/QOsCr7Zmdi+TN0R9oah6rTpcEYjW+Z8GK3Bn/RLaNa0819dai
2zoa+HFv8JYlaE5AGlzhpvFA8hkXqb3qldcpMLkbVPur+pP2EMRIN09RRIqURRvV
7I7vZsAmP8PrLyAIJ73uK1pqp64yV58b2yl/31HoeBL0PVcncQ1NXx3tDGuuWxy1
PNkI
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:28:13 2025 by rpki-client