Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/G-fKJvLLVf_a_e9MarfBXfdf868.roa
File: G-fKJvLLVf_a_e9MarfBXfdf868.roa (raw, json)
Hash identifier: SRg2ng2L56QF49LzSK3cCwM1pv/PVh66nj3TJ65mYko=
Subject key identifier: 1B:E7:CA:26:F2:CB:55:FF:DA:FD:EF:4C:6A:B7:C1:5D:F7:5F:F3:AF
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C661B2D3D366C2509515FC7C1BEB0A8ED
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/G-fKJvLLVf_a_e9MarfBXfdf868.roa
Signing time: Thu 14 Dec 2023 02:15:06 +0000
ROA not before: Thu 14 Dec 2023 02:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:66:1b:2d:3d:36:6c:25:09:51:5f:c7:c1:be:b0:a8:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 14 02:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1be7ca26f2cb55ffdafdef4c6ab7c15df75ff3af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4b:3d:97:6a:1c:b4:c1:e2:e7:dd:39:b2:bf:
ab:69:8b:73:66:ac:6c:ac:fd:ca:fe:3d:ac:b9:12:
f7:94:7e:56:61:dc:eb:37:75:a6:2e:cd:f0:78:35:
15:be:2a:8e:23:99:17:ed:74:12:e2:bd:76:75:83:
bd:41:8d:f7:30:c2:23:d7:5f:54:bd:fd:11:a8:b4:
f8:0b:44:08:0a:5f:3b:e7:2b:23:b9:b9:cc:9c:96:
f4:d3:cb:25:41:12:a2:51:6a:f1:9c:f3:fb:17:69:
7c:fd:83:85:c6:0d:84:68:eb:6c:dc:72:93:84:20:
dd:1e:8d:bc:65:62:1c:ae:6d:40:60:a6:7c:12:59:
c9:0a:b8:0f:a3:12:ff:27:76:07:6f:65:8b:27:ad:
43:17:0e:65:e7:68:53:12:1d:9e:c2:be:c8:77:3c:
8a:93:0c:9f:3a:bc:2f:15:c2:e3:b2:47:17:ac:b5:
63:b3:6b:82:1a:c8:5f:b5:8b:2e:a2:da:94:00:70:
c4:97:ef:7b:35:ee:c8:64:68:7a:b0:d1:ae:13:48:
89:50:c3:57:6d:30:a9:fc:21:49:d5:cc:a1:74:fd:
8e:3e:71:58:d0:50:92:36:80:0b:b0:c7:a7:3b:08:
51:82:54:c2:42:f4:62:23:ad:97:8b:c7:ca:b2:a1:
34:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:E7:CA:26:F2:CB:55:FF:DA:FD:EF:4C:6A:B7:C1:5D:F7:5F:F3:AF
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/G-fKJvLLVf_a_e9MarfBXfdf868.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
31:91:ef:ec:31:1f:73:c2:48:d0:a7:5b:d2:58:96:a2:c2:b1:
4d:a8:20:14:91:ca:0d:26:07:ec:5e:81:bd:0b:19:ae:5d:72:
42:16:36:f4:2b:96:a4:0d:a5:84:bf:05:97:7e:39:9a:5f:5a:
81:1b:6a:33:8e:a8:59:b7:9e:b4:2b:d2:fd:b8:ae:7a:79:9f:
7d:95:5d:09:c3:82:7d:1e:c2:86:46:72:8a:5e:a7:82:bd:be:
3f:70:e4:f1:18:fe:17:2b:48:9b:99:63:15:c8:4b:a7:34:79:
56:5b:0b:d0:42:20:c4:75:20:74:e0:4b:86:cc:aa:88:37:0f:
e8:51:5e:7d:c5:74:77:34:03:86:7f:23:eb:f1:a9:e8:01:af:
93:88:2f:04:f9:53:d6:a7:4d:ee:8b:45:a5:0f:46:36:74:73:
a7:1f:d1:04:9b:ec:7c:f2:4a:4d:eb:fa:80:30:0e:04:a3:22:
49:34:09:cc:fe:58:3a:d6:6d:9b:0d:bb:bf:51:f4:73:2a:8d:
15:81:bb:b7:48:8d:72:7b:8a:ad:10:19:5f:d9:3e:77:d6:04:
34:78:77:d4:53:88:77:20:88:30:32:f7:c9:4f:1c:ee:09:c7:
97:56:15:ef:30:ac:6b:4e:f6:28:bd:63:2e:29:9c:2f:ee:cc:
6d:fa:26:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxmGy09NmwlCVFfx8G+sKjtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE0MDIxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmU3Y2EyNmYyY2I1NWZmZGFmZGVmNGM2YWI3YzE1ZGY3NWZmM2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUs9l2octMHi5905sr+raYtzZqxs
rP3K/j2suRL3lH5WYdzrN3WmLs3weDUVviqOI5kX7XQS4r12dYO9QY33MMIj119U
vf0RqLT4C0QICl875ysjubnMnJb008slQRKiUWrxnPP7F2l8/YOFxg2EaOts3HKT
hCDdHo28ZWIcrm1AYKZ8ElnJCrgPoxL/J3YHb2WLJ61DFw5l52hTEh2ewr7IdzyK
kwyfOrwvFcLjskcXrLVjs2uCGshftYsuotqUAHDEl+97Ne7IZGh6sNGuE0iJUMNX
bTCp/CFJ1cyhdP2OPnFY0FCSNoALsMenOwhRglTCQvRiI62Xi8fKsqE0uwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBvnyibyy1X/2v3vTGq3wV33X/OvMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRy1mS0p2TExWZl9hX2U5TWFyZkJYZmRmODY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADGR7+wxH3PCSNCnW9JY
lqLCsU2oIBSRyg0mB+xegb0LGa5dckIWNvQrlqQNpYS/BZd+OZpfWoEbajOOqFm3
nrQr0v24rnp5n32VXQnDgn0ewoZGcopep4K9vj9w5PEY/hcrSJuZYxXIS6c0eVZb
C9BCIMR1IHTgS4bMqog3D+hRXn3FdHc0A4Z/I+vxqegBr5OILwT5U9anTe6LRaUP
RjZ0c6cf0QSb7HzySk3r+oAwDgSjIkk0Ccz+WDrWbZsNu79R9HMqjRWBu7dIjXJ7
iq0QGV/ZPnfWBDR4d9RTiHcgiDAy98lPHO4Jx5dWFe8wrGtO9ii9Yy4pnC/uzG36
JsY=
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:04:35 2025 by rpki-client