Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4mclVoCy_XoMboXPMbsNlA4NopI.roa
File: 4mclVoCy_XoMboXPMbsNlA4NopI.roa (raw, json)
Hash identifier: y1q3L9h10Mmd2pqmYgoc6GOvyNmGWbye2JitjFg5lOs=
Subject key identifier: E2:67:25:56:80:B2:FD:7A:0C:6E:85:CF:31:BB:0D:94:0E:0D:A2:92
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B82A41FE7347A3C941BF918089E693DEA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4mclVoCy_XoMboXPMbsNlA4NopI.roa
Signing time: Mon 30 Oct 2023 22:11:16 +0000
ROA not before: Mon 30 Oct 2023 22:11:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:82:a4:1f:e7:34:7a:3c:94:1b:f9:18:08:9e:69:3d:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 30 22:11:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e267255680b2fd7a0c6e85cf31bb0d940e0da292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2e:ff:1e:96:fe:89:a7:31:4d:70:b6:82:f5:
fe:c4:61:08:7d:b4:90:aa:ef:85:57:e4:80:af:9a:
45:87:b0:4f:22:7a:46:1c:d2:54:9c:84:19:c8:0e:
01:40:3b:40:38:af:a0:4c:57:20:43:c5:d0:c0:9d:
07:03:f3:ec:86:eb:e1:ab:f8:80:68:00:af:dd:34:
1a:e2:b0:ed:9d:b0:82:35:91:e8:9f:dd:0e:9c:8d:
47:79:e5:d6:c9:22:69:9c:b8:68:e7:f2:94:58:07:
97:c1:bd:2c:ef:6b:17:ae:72:65:de:c2:76:73:63:
da:ec:22:84:f2:8c:47:3d:e3:12:89:8c:13:37:04:
8c:fc:93:f7:6c:58:ae:d8:0c:94:6a:11:aa:44:85:
03:10:cd:96:2c:b2:09:6b:10:59:89:35:3e:28:59:
fd:70:d0:29:6c:96:f7:9b:df:4f:42:a3:1b:90:88:
d5:af:62:41:41:9e:1f:d6:92:61:77:7b:f6:a3:54:
1a:90:aa:76:67:75:9c:dc:1d:a8:0b:12:3d:be:bf:
c4:87:53:e3:f5:19:de:1e:b4:4f:29:c7:24:47:ba:
ee:97:a2:df:ae:9f:f5:92:1b:98:43:8e:ac:fc:a1:
5b:40:2f:de:07:4e:75:44:6c:80:6b:cd:41:c8:01:
8c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:67:25:56:80:B2:FD:7A:0C:6E:85:CF:31:BB:0D:94:0E:0D:A2:92
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/4mclVoCy_XoMboXPMbsNlA4NopI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:62:f3:b9:66:2e:52:ef:d2:5e:4d:87:ac:14:af:7a:3b:d6:
a1:a8:9c:95:e5:71:7e:09:02:a8:ab:59:57:da:ab:64:6a:65:
c4:bb:d7:ff:33:97:f7:08:92:71:6c:b1:0c:a4:c9:a7:a9:a1:
e4:ed:bf:9b:90:ce:6c:fc:7d:b1:0b:d5:6e:35:01:58:c7:f1:
09:66:84:1d:c7:b7:63:a0:87:64:e4:e3:97:5a:11:5c:7c:e7:
ff:9d:51:75:39:1c:e8:a0:d5:91:a1:74:d9:96:6e:20:cc:fd:
4c:04:83:a6:14:f8:8f:f2:fe:92:80:95:83:46:c7:9e:fe:1f:
6e:b9:06:bf:a7:45:34:b4:82:36:6c:bb:6a:6e:eb:cc:0d:a6:
a8:3b:ee:75:3e:e9:e1:b0:e2:d6:41:a8:71:0d:e0:61:98:50:
79:7c:87:40:bb:c2:99:d6:3f:31:08:ed:a5:de:42:f7:39:c1:
dc:10:43:95:69:39:3b:b7:2b:c7:18:ab:87:cb:3b:8a:1e:2d:
2f:d9:00:a6:2d:4a:e0:81:0a:a2:47:7a:bf:98:ca:7e:17:7f:
2b:8d:71:ed:c8:a7:a0:ac:56:6a:d2:45:ef:d3:b7:de:fe:7a:
13:a0:f5:a9:15:d8:69:7f:dc:06:e5:8e:0c:50:03:a3:e4:c1:
36:2b:99:fa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuCpB/nNHo8lBv5GAieaT3qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDMwMjIxMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjY3MjU1NjgwYjJmZDdhMGM2ZTg1Y2YzMWJiMGQ5NDBlMGRhMjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtC7/Hpb+iacxTXC2gvX+xGEIfbSQ
qu+FV+SAr5pFh7BPInpGHNJUnIQZyA4BQDtAOK+gTFcgQ8XQwJ0HA/Pshuvhq/iA
aACv3TQa4rDtnbCCNZHon90OnI1HeeXWySJpnLho5/KUWAeXwb0s72sXrnJl3sJ2
c2Pa7CKE8oxHPeMSiYwTNwSM/JP3bFiu2AyUahGqRIUDEM2WLLIJaxBZiTU+KFn9
cNApbJb3m99PQqMbkIjVr2JBQZ4f1pJhd3v2o1QakKp2Z3Wc3B2oCxI9vr/Eh1Pj
9RneHrRPKcckR7rul6Lfrp/1khuYQ46s/KFbQC/eB051RGyAa81ByAGM6QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOJnJVaAsv16DG6FzzG7DZQODaKSMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNG1jbFZvQ3lfWG9NYm9YUE1ic05sQTROb3BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABpi87lmLlLv0l5Nh6wU
r3o71qGonJXlcX4JAqirWVfaq2RqZcS71/8zl/cIknFssQykyaepoeTtv5uQzmz8
fbEL1W41AVjH8QlmhB3Ht2Ogh2Tk45daEVx85/+dUXU5HOig1ZGhdNmWbiDM/UwE
g6YU+I/y/pKAlYNGx57+H265Br+nRTS0gjZsu2pu68wNpqg77nU+6eGw4tZBqHEN
4GGYUHl8h0C7wpnWPzEI7aXeQvc5wdwQQ5VpOTu3K8cYq4fLO4oeLS/ZAKYtSuCB
CqJHer+Yyn4XfyuNce3Ip6CsVmrSRe/Tt97+ehOg9akV2Gl/3AbljgxQA6PkwTYr
mfo=
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:21:58 2025 by rpki-client