Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/u_a9OeCb_fSooiskecjnxVEPe-o.roa
File: u_a9OeCb_fSooiskecjnxVEPe-o.roa (raw, json)
Hash identifier: YgWDWor68zb6un4cZC+qr2YKNhYod9Z+H9j05Bh5pm0=
Subject key identifier: BB:F6:BD:39:E0:9B:FD:F4:A8:A2:2B:24:79:C8:E7:C5:51:0F:7B:EA
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C81C95B6323D3AF785D58CFA7C224CCC2
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/u_a9OeCb_fSooiskecjnxVEPe-o.roa
Signing time: Tue 19 Dec 2023 11:15:06 +0000
ROA not before: Tue 19 Dec 2023 11:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:81:c9:5b:63:23:d3:af:78:5d:58:cf:a7:c2:24:cc:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 19 11:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbf6bd39e09bfdf4a8a22b2479c8e7c5510f7bea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:30:f2:4e:3b:b5:5e:02:fa:9b:98:b5:ec:71:
53:d6:b2:23:21:35:9a:18:42:54:90:f1:76:4b:dc:
10:dc:e9:f4:e0:73:08:36:29:b3:49:41:ff:b1:d9:
d4:74:94:df:02:de:32:18:23:b7:72:89:17:91:cb:
63:f4:17:43:24:47:02:5b:de:da:55:9e:2a:79:7b:
64:cf:5e:f9:f9:b6:44:f7:c7:f7:99:53:ff:eb:d3:
b9:56:5d:79:c3:e4:61:0e:7a:05:7f:95:15:de:6c:
62:98:27:db:b5:f1:be:a5:b4:ae:26:00:df:44:cb:
39:74:c2:98:4b:2b:b9:20:e0:74:bc:89:81:c6:69:
cd:90:b9:7b:dd:6f:0a:d4:a5:e6:ea:b9:69:87:d3:
dc:27:d5:e4:c0:a8:d0:aa:40:38:8a:59:85:bf:bc:
7f:d2:ca:57:88:16:3c:3a:7c:19:66:07:36:24:df:
ac:0f:ce:cd:72:51:23:d3:59:9b:1e:0b:3c:7f:19:
53:55:e5:24:92:87:98:2a:dd:ac:33:bc:b3:a4:ed:
d4:f6:42:f8:d3:45:e7:ae:09:bf:26:dc:45:4a:bd:
07:0c:8a:ec:6c:ad:c0:1c:74:c0:5b:99:63:ec:8a:
a4:98:9d:f9:fd:c5:3a:2f:cd:8b:3f:9b:05:e0:05:
98:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:F6:BD:39:E0:9B:FD:F4:A8:A2:2B:24:79:C8:E7:C5:51:0F:7B:EA
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/u_a9OeCb_fSooiskecjnxVEPe-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b9:3d:44:5a:0d:33:4a:29:11:d5:fb:a1:a0:0b:09:a3:52:0f:
a3:94:06:13:37:43:82:fb:7f:ef:ad:d6:2b:df:60:06:36:af:
1b:e3:53:25:ca:38:a4:ec:e5:83:85:38:63:7d:5e:f1:03:38:
1e:05:61:36:02:b0:a1:81:fa:27:a4:be:99:85:8b:0b:9d:f2:
76:e4:40:26:d2:6a:f9:e6:90:f5:70:32:a8:79:5b:5d:90:de:
b2:ac:db:69:33:85:68:5d:d8:b7:bf:c6:3d:8f:ec:6e:46:fd:
92:d8:6a:e2:96:7c:f9:f4:15:75:e0:09:d4:e2:f1:a3:54:3e:
04:bf:bc:f0:17:05:3b:49:ed:ad:d6:13:b9:68:cd:29:60:c4:
08:e7:59:a6:06:87:13:2b:8f:52:e6:a9:c7:8c:09:76:4e:01:
0d:30:af:0f:b7:c5:15:cd:bc:db:01:ae:36:ab:68:f1:0c:ae:
42:80:47:58:e1:ea:c1:40:0c:e3:ba:9e:0e:1b:46:8f:db:b9:
00:7b:4a:25:3e:a8:43:8a:32:4e:53:e4:4a:fb:72:02:74:4e:
d7:f9:23:0e:e5:e9:32:32:2f:be:04:a2:c1:5a:4e:a2:f7:cf:
87:a2:a5:15:cb:d9:18:ee:fc:96:69:a6:de:49:88:9e:85:42:
cc:e3:d4:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyByVtjI9OveF1Yz6fCJMzCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE5MTExNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmY2YmQzOWUwOWJmZGY0YThhMjJiMjQ3OWM4ZTdjNTUxMGY3YmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDDyTju1XgL6m5i17HFT1rIjITWa
GEJUkPF2S9wQ3On04HMINimzSUH/sdnUdJTfAt4yGCO3cokXkctj9BdDJEcCW97a
VZ4qeXtkz175+bZE98f3mVP/69O5Vl15w+RhDnoFf5UV3mximCfbtfG+pbSuJgDf
RMs5dMKYSyu5IOB0vImBxmnNkLl73W8K1KXm6rlph9PcJ9XkwKjQqkA4ilmFv7x/
0spXiBY8OnwZZgc2JN+sD87NclEj01mbHgs8fxlTVeUkkoeYKt2sM7yzpO3U9kL4
00Xnrgm/JtxFSr0HDIrsbK3AHHTAW5lj7IqkmJ35/cU6L82LP5sF4AWYuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLv2vTngm/30qKIrJHnI58VRD3vqMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdV9hOU9lQ2JfZlNvb2lza2Vjam54VkVQZS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALk9RFoNM0opEdX7oaAL
CaNSD6OUBhM3Q4L7f++t1ivfYAY2rxvjUyXKOKTs5YOFOGN9XvEDOB4FYTYCsKGB
+iekvpmFiwud8nbkQCbSavnmkPVwMqh5W12Q3rKs22kzhWhd2Le/xj2P7G5G/ZLY
auKWfPn0FXXgCdTi8aNUPgS/vPAXBTtJ7a3WE7lozSlgxAjnWaYGhxMrj1LmqceM
CXZOAQ0wrw+3xRXNvNsBrjaraPEMrkKAR1jh6sFADOO6ng4bRo/buQB7SiU+qEOK
Mk5T5Er7cgJ0Ttf5Iw7l6TIyL74EosFaTqL3z4eipRXL2Rju/JZppt5JiJ6FQszj
1KA=
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:33:32 2025 by rpki-client