Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/0gQ62zrh4jlcY5SRLX60dQVTrBc.roa
File: 0gQ62zrh4jlcY5SRLX60dQVTrBc.roa (raw, json)
Hash identifier: FP8hHtDxOG2Cy5itCRtfGMCoC5hDjucwSuF8CCqFHpE=
Subject key identifier: D2:04:3A:DB:3A:E1:E2:39:5C:63:94:91:2D:7E:B4:75:05:53:AC:17
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ABDE1F6C555428A01ABA415C41E3809BD
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/0gQ62zrh4jlcY5SRLX60dQVTrBc.roa
Signing time: Fri 22 Sep 2023 17:13:37 +0000
ROA not before: Fri 22 Sep 2023 17:13:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bd:e1:f6:c5:55:42:8a:01:ab:a4:15:c4:1e:38:09:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 22 17:13:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2043adb3ae1e2395c6394912d7eb4750553ac17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:40:f6:32:1b:8a:48:91:15:d5:98:a1:86:b7:
24:4e:8e:8c:fb:9c:dc:e2:d7:6e:c0:46:65:04:6b:
4e:50:a4:72:fc:0f:8d:37:78:64:92:33:93:01:0f:
e2:7b:75:8e:98:d0:26:21:ed:1e:f9:06:a4:00:e8:
d4:e8:b8:86:75:24:ba:c7:76:5a:d7:b5:79:62:b7:
7e:36:05:22:1e:74:62:62:2b:d8:80:33:ad:27:d4:
f2:74:3d:b0:8f:11:16:f8:06:cc:de:7b:09:be:75:
1c:dc:fb:15:98:62:c9:ae:33:1b:02:54:73:a1:b6:
fd:1c:2e:2b:96:65:c3:ea:cc:06:75:d0:4e:d0:31:
24:3e:80:e8:39:a8:c9:c5:48:e0:fb:62:43:1b:17:
6c:81:f3:6c:e8:f7:80:d5:db:99:99:ac:be:12:69:
b9:9c:8d:b9:a1:1d:4f:60:80:cf:13:76:30:7c:2b:
85:23:af:c7:f3:42:f6:f8:4e:25:80:f8:e2:05:78:
75:00:29:af:7d:d1:5a:b5:88:d2:e2:f6:35:ce:b6:
dd:94:82:56:4e:c9:df:40:d8:cf:21:14:1c:e2:47:
aa:c1:d4:91:13:74:db:5b:46:ee:a8:d1:f1:10:f1:
22:22:20:ee:12:35:85:95:cb:32:02:10:96:81:56:
f2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:04:3A:DB:3A:E1:E2:39:5C:63:94:91:2D:7E:B4:75:05:53:AC:17
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/0gQ62zrh4jlcY5SRLX60dQVTrBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
83:75:ac:83:4b:74:21:42:9e:20:27:d5:65:cd:2d:de:d2:3c:
82:85:85:26:c8:05:f4:31:65:0c:32:15:43:9e:80:ca:74:58:
9c:bf:f4:b1:c3:06:7a:f2:59:0f:8e:83:91:ed:13:69:7a:23:
92:61:cd:3b:6e:33:66:8b:b6:3a:fb:3d:33:31:1c:2b:33:29:
9b:5c:a6:c3:46:d5:83:b7:8d:3c:18:ed:17:24:72:5d:17:1b:
d2:f7:8a:e5:5e:ba:23:d4:a6:ff:4c:22:13:65:06:f8:9d:c0:
66:5e:b7:e2:25:69:04:04:7d:96:6f:32:4d:e2:0d:51:e0:e8:
13:13:47:7e:8e:4e:d0:47:ff:b9:06:8e:42:8d:36:0e:ca:2a:
32:c2:e7:56:3d:f0:fa:e5:ea:f1:97:81:ca:de:e2:00:ac:47:
d0:12:71:19:a8:12:05:8c:67:75:bc:7c:37:e6:56:57:87:74:
ea:44:3c:b5:77:f2:cf:38:33:54:4b:f9:7c:de:e8:df:bd:71:
dd:14:24:10:0d:54:ad:8e:0c:de:75:7b:47:2f:45:a6:f4:89:
82:9b:dd:19:bd:d8:75:4f:a9:81:89:1e:57:7c:ef:e6:7c:5b:
6c:0e:d0:17:85:1c:eb:8d:71:f3:1a:2f:51:16:20:ab:34:1b:
50:19:6e:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq94fbFVUKKAaukFcQeOAm9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIyMTcxMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjA0M2FkYjNhZTFlMjM5NWM2Mzk0OTEyZDdlYjQ3NTA1NTNhYzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0D2MhuKSJEV1ZihhrckTo6M+5zc
4tduwEZlBGtOUKRy/A+NN3hkkjOTAQ/ie3WOmNAmIe0e+QakAOjU6LiGdSS6x3Za
17V5Yrd+NgUiHnRiYivYgDOtJ9TydD2wjxEW+AbM3nsJvnUc3PsVmGLJrjMbAlRz
obb9HC4rlmXD6swGddBO0DEkPoDoOajJxUjg+2JDGxdsgfNs6PeA1duZmay+Emm5
nI25oR1PYIDPE3YwfCuFI6/H80L2+E4lgPjiBXh1ACmvfdFatYjS4vY1zrbdlIJW
TsnfQNjPIRQc4keqwdSRE3TbW0buqNHxEPEiIiDuEjWFlcsyAhCWgVbykQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNIEOts64eI5XGOUkS1+tHUFU6wXMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMGdRNjJ6cmg0amxjWTVTUkxYNjBkUVZUckJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIN1rINLdCFCniAn1WXN
Ld7SPIKFhSbIBfQxZQwyFUOegMp0WJy/9LHDBnryWQ+Og5HtE2l6I5JhzTtuM2aL
tjr7PTMxHCszKZtcpsNG1YO3jTwY7Rckcl0XG9L3iuVeuiPUpv9MIhNlBvidwGZe
t+IlaQQEfZZvMk3iDVHg6BMTR36OTtBH/7kGjkKNNg7KKjLC51Y98Prl6vGXgcre
4gCsR9AScRmoEgWMZ3W8fDfmVleHdOpEPLV38s84M1RL+Xze6N+9cd0UJBANVK2O
DN51e0cvRab0iYKb3Rm92HVPqYGJHld87+Z8W2wO0BeFHOuNcfMaL1EWIKs0G1AZ
bn8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:51:28 2025 by rpki-client