Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nbOgGUvnkKBHBhjjjU-7tWf99Pw.roa
File: nbOgGUvnkKBHBhjjjU-7tWf99Pw.roa (raw, json)
Hash identifier: Uikx1QwK0uDzX42CSTwdClu3b40CNN97sFHvoZeafrE=
Subject key identifier: 9D:B3:A0:19:4B:E7:90:A0:47:06:18:E3:8D:4F:BB:B5:67:FD:F4:FC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B4624EB206E7F9EF8AEE5D2A75EE0C68D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nbOgGUvnkKBHBhjjjU-7tWf99Pw.roa
Signing time: Thu 19 Oct 2023 04:15:06 +0000
ROA not before: Thu 19 Oct 2023 04:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:46:24:eb:20:6e:7f:9e:f8:ae:e5:d2:a7:5e:e0:c6:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 19 04:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9db3a0194be790a0470618e38d4fbbb567fdf4fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f5:ef:dd:b8:c8:f1:75:ca:7c:df:a7:e3:66:
2c:d4:47:57:0c:f2:97:7f:7c:2a:66:b5:0c:a8:8a:
b8:8a:70:45:50:25:e4:52:2c:b7:ad:43:7c:91:14:
44:6c:12:6e:55:f1:59:a8:b1:34:4d:cb:79:01:5e:
7c:99:bc:bd:d6:3c:0a:e0:4b:d8:52:0f:45:96:d7:
ff:f4:35:4d:f5:40:91:76:b6:dd:f5:a0:45:77:cb:
95:42:7c:28:f6:8f:fa:01:0b:e9:a9:c7:32:4b:bf:
26:5b:54:b1:a6:9f:32:a5:07:86:db:e9:c8:9f:c3:
49:de:08:ae:62:41:c0:db:91:96:cc:7c:a5:dc:4a:
11:4c:28:28:15:ef:1c:8b:d7:1a:cf:97:ac:fc:bf:
cb:b0:8b:29:88:b0:d8:2c:32:d8:a7:9c:8f:ee:56:
08:3e:24:89:20:9b:6e:27:d2:25:aa:f3:8a:1f:19:
15:1f:26:58:8b:a2:94:43:fb:71:42:7e:90:ba:68:
5b:9f:3d:2e:b0:e9:e3:ff:2a:61:f9:e2:98:b6:2f:
6e:ee:45:13:64:61:46:e6:de:04:9a:df:c3:69:30:
37:90:f6:23:1b:16:1c:32:48:d7:25:04:f2:02:b8:
51:42:c2:6f:d9:53:79:e0:7a:ca:3f:f0:64:55:a1:
9f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B3:A0:19:4B:E7:90:A0:47:06:18:E3:8D:4F:BB:B5:67:FD:F4:FC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/nbOgGUvnkKBHBhjjjU-7tWf99Pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c9:87:85:9c:d6:87:06:4b:3c:57:8d:67:41:f5:dc:fa:2e:26:
b3:0d:27:ae:39:48:29:10:f2:8c:2c:c2:92:11:7c:35:ef:de:
f9:59:2f:ca:92:d6:08:1d:c9:80:6b:17:dd:d0:41:13:cd:02:
df:88:42:bf:1d:8f:ae:52:1b:7e:f0:5b:96:cc:a9:3e:cc:c0:
37:60:7a:e1:33:38:9c:6d:a8:a1:30:5d:7d:88:f7:8f:39:d5:
2e:a4:c4:a3:71:75:3f:ca:5c:21:ce:e2:cb:68:c5:c7:dc:b3:
43:28:a5:3e:4b:55:c6:d1:0b:d8:d6:29:66:b2:2f:2f:88:0f:
c2:70:21:5d:e7:c9:ec:99:6a:fd:18:b1:ce:c4:03:12:a3:5e:
47:ff:09:04:5e:0d:d8:36:48:97:fa:03:54:21:4d:b6:c4:d2:
b6:a7:ee:42:a2:5b:83:ec:f2:67:a7:91:db:5b:29:e3:72:e7:
7c:f7:08:2e:1b:12:78:28:b4:11:87:14:a2:cb:49:83:37:84:
16:1b:b9:20:99:6d:00:fe:ea:8a:b1:60:36:4a:c2:b0:28:74:
04:a4:87:21:c1:4e:83:8a:52:f1:bb:ce:de:08:df:37:bd:7d:
ea:86:93:65:21:a4:26:fa:c7:f6:bc:38:3a:e9:32:58:87:1b:
da:89:d6:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtGJOsgbn+e+K7l0qde4MaNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE5MDQxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGIzYTAxOTRiZTc5MGEwNDcwNjE4ZTM4ZDRmYmJiNTY3ZmRmNGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/Xv3bjI8XXKfN+n42Ys1EdXDPKX
f3wqZrUMqIq4inBFUCXkUiy3rUN8kRREbBJuVfFZqLE0Tct5AV58mby91jwK4EvY
Ug9Fltf/9DVN9UCRdrbd9aBFd8uVQnwo9o/6AQvpqccyS78mW1Sxpp8ypQeG2+nI
n8NJ3giuYkHA25GWzHyl3EoRTCgoFe8ci9caz5es/L/LsIspiLDYLDLYp5yP7lYI
PiSJIJtuJ9IlqvOKHxkVHyZYi6KUQ/txQn6Qumhbnz0usOnj/yph+eKYti9u7kUT
ZGFG5t4Emt/DaTA3kPYjGxYcMkjXJQTyArhRQsJv2VN54HrKP/BkVaGfMQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ2zoBlL55CgRwYY441Pu7Vn/fT8MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbmJPZ0dVdm5rS0JIQmhqampVLTd0V2Y5OVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMmHhZzWhwZLPFeNZ0H1
3PouJrMNJ645SCkQ8owswpIRfDXv3vlZL8qS1ggdyYBrF93QQRPNAt+IQr8dj65S
G37wW5bMqT7MwDdgeuEzOJxtqKEwXX2I94851S6kxKNxdT/KXCHO4stoxcfcs0Mo
pT5LVcbRC9jWKWayLy+ID8JwIV3nyeyZav0Ysc7EAxKjXkf/CQReDdg2SJf6A1Qh
TbbE0ran7kKiW4Ps8menkdtbKeNy53z3CC4bEngotBGHFKLLSYM3hBYbuSCZbQD+
6oqxYDZKwrAodASkhyHBToOKUvG7zt4I3ze9feqGk2UhpCb6x/a8ODrpMliHG9qJ
1kc=
-----END CERTIFICATE-----
Generated at Tue Jun 10 16:46:34 2025 by rpki-client