Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4Pm3246t-a2zSADEysYYeUmNq7g.roa
File: 4Pm3246t-a2zSADEysYYeUmNq7g.roa (raw, json)
Hash identifier: YGxzdIWsc6u8ZB8RZ9/uTkMgCEsEm8Tb4eJwiykX7D8=
Subject key identifier: E0:F9:B7:DB:8E:AD:F9:AD:B3:48:00:C4:CA:C6:18:79:49:8D:AB:B8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B07459A1E880AFB09193BAE8A848F7B90
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4Pm3246t-a2zSADEysYYeUmNq7g.roa
Signing time: Fri 06 Oct 2023 23:14:43 +0000
ROA not before: Fri 06 Oct 2023 23:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:07:45:9a:1e:88:0a:fb:09:19:3b:ae:8a:84:8f:7b:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 6 23:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e0f9b7db8eadf9adb34800c4cac61879498dabb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e0:ae:22:21:f8:aa:89:ae:cc:09:2c:3d:6a:
e2:58:00:be:f8:e3:0a:27:ee:02:53:75:7f:1f:8b:
e3:0f:d6:39:17:b8:eb:87:fd:f1:b5:92:68:a8:e3:
f5:01:bf:10:11:f9:b5:7d:6d:95:2c:bb:6c:d1:33:
36:38:31:5c:0d:df:2c:84:63:88:94:cb:63:57:d8:
e4:dd:92:d5:76:c5:91:68:95:1b:4b:a3:e5:47:9e:
45:be:f2:a4:52:9a:75:9a:c0:e4:cf:61:47:61:ee:
26:2a:71:54:0e:ae:94:e9:cb:da:61:07:58:e1:2c:
11:bb:65:fe:9f:89:97:03:4e:ed:e6:6d:4f:3e:58:
5b:f5:0c:a0:65:8d:d6:e5:c1:6c:90:14:14:a0:1b:
02:df:2a:ce:be:9b:56:cf:a6:91:ab:1e:0c:87:89:
83:12:75:df:26:71:4e:d4:27:ca:41:c8:90:67:e5:
42:20:6c:f5:88:35:e4:77:a8:a6:18:48:ba:f0:ac:
a1:33:5e:9d:27:99:b1:9f:ab:42:de:d8:7b:be:dd:
88:ea:a9:17:29:a0:a0:24:b4:13:c8:b5:40:59:19:
c5:78:7a:fa:15:86:68:2c:a6:93:88:b3:44:a4:e3:
a6:0a:cf:d2:f0:f6:3c:f3:bb:88:78:e6:b9:6d:50:
88:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:F9:B7:DB:8E:AD:F9:AD:B3:48:00:C4:CA:C6:18:79:49:8D:AB:B8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4Pm3246t-a2zSADEysYYeUmNq7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:7b:9c:58:c3:34:62:00:8b:cf:34:47:13:5f:be:40:65:1a:
5a:ca:cc:29:c1:1b:41:ee:aa:45:aa:f8:18:6e:bc:e7:df:d4:
db:a0:c7:d9:f1:86:d3:04:ff:2c:23:f6:51:de:fa:b8:05:71:
6f:3e:db:29:80:76:9e:86:cd:52:f3:ea:56:37:67:76:dd:1c:
9f:48:2c:9f:a5:11:c6:92:c9:f3:0c:6f:c3:2e:7b:d9:c5:4b:
1f:df:ec:ec:54:0b:18:3c:73:d3:d5:02:61:d2:10:8f:f0:6c:
05:f4:b2:4e:0f:cf:bc:f5:43:98:4a:40:79:7c:55:a8:3b:d9:
38:4a:61:a1:ef:78:7b:ba:ce:a1:b6:06:f6:14:c5:8f:35:b6:
99:e0:b7:c9:62:e3:27:bf:e2:5d:a6:53:2d:10:83:38:73:4a:
4f:de:25:50:6f:6b:bb:27:10:24:7e:6b:0a:d9:bc:3d:0a:22:
d8:00:b9:af:b3:32:20:c5:a7:92:8e:87:cd:c1:26:72:3e:c1:
82:68:14:f2:64:f5:ef:68:b6:64:b4:d8:cb:7f:87:b9:58:ba:
ef:88:62:34:5a:93:18:0c:6d:15:6f:ef:1a:d0:c9:a2:89:93:
ec:37:ac:75:01:28:5c:94:66:41:42:01:35:06:c6:4d:39:5a:
9f:b5:99:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsHRZoeiAr7CRk7roqEj3uQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA2MjMxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGY5YjdkYjhlYWRmOWFkYjM0ODAwYzRjYWM2MTg3OTQ5OGRhYmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleCuIiH4qomuzAksPWriWAC++OMK
J+4CU3V/H4vjD9Y5F7jrh/3xtZJoqOP1Ab8QEfm1fW2VLLts0TM2ODFcDd8shGOI
lMtjV9jk3ZLVdsWRaJUbS6PlR55FvvKkUpp1msDkz2FHYe4mKnFUDq6U6cvaYQdY
4SwRu2X+n4mXA07t5m1PPlhb9QygZY3W5cFskBQUoBsC3yrOvptWz6aRqx4Mh4mD
EnXfJnFO1CfKQciQZ+VCIGz1iDXkd6imGEi68KyhM16dJ5mxn6tC3th7vt2I6qkX
KaCgJLQTyLVAWRnFeHr6FYZoLKaTiLNEpOOmCs/S8PY887uIeOa5bVCIewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOD5t9uOrfmts0gAxMrGGHlJjau4MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNFBtMzI0NnQtYTJ6U0FERXlzWVllVW1OcTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGd7nFjDNGIAi880RxNf
vkBlGlrKzCnBG0HuqkWq+BhuvOff1Nugx9nxhtME/ywj9lHe+rgFcW8+2ymAdp6G
zVLz6lY3Z3bdHJ9ILJ+lEcaSyfMMb8Mue9nFSx/f7OxUCxg8c9PVAmHSEI/wbAX0
sk4Pz7z1Q5hKQHl8Vag72ThKYaHveHu6zqG2BvYUxY81tpngt8li4ye/4l2mUy0Q
gzhzSk/eJVBva7snECR+awrZvD0KItgAua+zMiDFp5KOh83BJnI+wYJoFPJk9e9o
tmS02Mt/h7lYuu+IYjRakxgMbRVv7xrQyaKJk+w3rHUBKFyUZkFCATUGxk05Wp+1
ma4=
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:18:47 2025 by rpki-client