Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/G1IVkpoZRo8QDrZX3lW6Ouc3z_g.roa
File: G1IVkpoZRo8QDrZX3lW6Ouc3z_g.roa (raw, json)
Hash identifier: H1r+tfqz8Ovz+L3IdJofxxzplbm6V4t6LpxlBqY5b/c=
Subject key identifier: 1B:52:15:92:9A:19:46:8F:10:0E:B6:57:DE:55:BA:3A:E7:37:CF:F8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C56E0785860BC14A32294860FFB729D4B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/G1IVkpoZRo8QDrZX3lW6Ouc3z_g.roa
Signing time: Mon 11 Dec 2023 03:16:40 +0000
ROA not before: Mon 11 Dec 2023 03:16:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:56:e0:78:58:60:bc:14:a3:22:94:86:0f:fb:72:9d:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 11 03:16:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b5215929a19468f100eb657de55ba3ae737cff8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d2:02:03:21:4d:c6:40:f6:c7:e4:18:ee:10:
43:19:b5:00:c1:1f:e0:9b:71:84:8f:ea:bf:83:1f:
52:9b:1c:62:85:01:23:2c:72:68:e0:52:39:36:aa:
ed:f9:0d:a7:89:bb:84:12:a1:ea:29:63:d8:ce:54:
55:85:7e:6c:c1:97:7d:85:29:b1:bb:86:08:08:55:
c2:e1:dd:6e:b6:b3:cc:9e:68:08:40:69:c5:f4:3c:
e9:4e:65:30:10:b5:1c:cf:f0:5c:15:17:5d:e6:a2:
0e:e7:5a:9b:1c:51:d1:f8:32:02:09:fa:39:c5:86:
a5:12:d7:8a:e3:f4:72:60:04:62:22:21:a5:ee:47:
8d:f0:98:59:1d:5b:b3:c8:73:79:d9:9d:f4:bb:9b:
a6:d5:e5:bb:0b:b2:fb:1a:cf:b0:70:cb:c0:af:36:
e6:01:c6:40:a9:e9:b8:8d:1c:9c:45:de:29:5b:f5:
4d:09:c0:01:f8:8f:7a:f1:74:bb:b1:92:cd:4d:a4:
26:d1:0c:db:0f:63:ec:96:d3:92:f7:06:c7:e1:5d:
8d:97:92:56:88:30:8e:8c:18:ad:a4:54:fe:07:54:
09:8d:15:01:bf:a3:ae:2d:43:5c:25:3e:f7:ef:35:
f2:75:3b:82:27:42:ba:a6:72:e5:f4:ae:4f:fc:31:
34:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:52:15:92:9A:19:46:8F:10:0E:B6:57:DE:55:BA:3A:E7:37:CF:F8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/G1IVkpoZRo8QDrZX3lW6Ouc3z_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b6:a7:19:f2:6b:c2:ef:fe:d5:6c:20:c5:f6:02:51:02:dd:23:
2b:85:a1:1f:12:52:1f:7e:18:40:ac:75:a2:da:4d:d8:7f:8d:
54:bd:f8:44:81:f6:26:65:7a:b7:e0:57:d1:16:1c:e3:ea:05:
cd:a2:69:3c:0e:0a:0b:49:17:6c:8a:9a:8a:11:22:1d:43:43:
ed:de:6e:e7:42:25:7e:15:10:dc:6c:10:10:94:2e:1b:c7:33:
62:76:33:53:2b:d9:4b:55:8d:c6:f3:10:f6:58:09:75:b3:41:
23:86:1f:27:fb:38:2b:57:5d:8b:d3:e5:8f:d9:f8:93:8a:d2:
04:da:0e:3b:85:ca:59:9a:df:b3:b2:c6:7c:73:0e:05:0a:ca:
e0:e9:ec:1d:78:f6:18:ed:de:48:2a:dc:8e:88:1a:41:87:bb:
60:da:26:ff:d8:fd:8c:aa:1b:89:5c:80:bb:80:87:58:8f:ee:
d0:a5:c7:8f:5d:4c:de:57:eb:c5:1d:36:0e:93:be:b0:e9:cd:
af:19:a7:fc:37:2f:10:71:dd:d1:e8:c2:3b:4c:5f:6c:bd:eb:
9e:da:bf:d4:81:19:79:f8:cb:a4:f3:bf:58:ef:2d:e2:bd:e9:
05:71:16:94:c5:89:8c:58:cd:ac:58:f9:40:28:fb:8c:9f:ba:
90:d4:8e:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxW4HhYYLwUoyKUhg/7cp1LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjExMDMxNjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjUyMTU5MjlhMTk0NjhmMTAwZWI2NTdkZTU1YmEzYWU3MzdjZmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9ICAyFNxkD2x+QY7hBDGbUAwR/g
m3GEj+q/gx9SmxxihQEjLHJo4FI5Nqrt+Q2nibuEEqHqKWPYzlRVhX5swZd9hSmx
u4YICFXC4d1utrPMnmgIQGnF9DzpTmUwELUcz/BcFRdd5qIO51qbHFHR+DICCfo5
xYalEteK4/RyYARiIiGl7keN8JhZHVuzyHN52Z30u5um1eW7C7L7Gs+wcMvArzbm
AcZAqem4jRycRd4pW/VNCcAB+I968XS7sZLNTaQm0QzbD2PsltOS9wbH4V2Nl5JW
iDCOjBitpFT+B1QJjRUBv6OuLUNcJT737zXydTuCJ0K6pnLl9K5P/DE0EwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBtSFZKaGUaPEA62V95VujrnN8/4MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRzFJVmtwb1pSbzhRRHJaWDNsVzZPdWMzel9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALanGfJrwu/+1WwgxfYC
UQLdIyuFoR8SUh9+GECsdaLaTdh/jVS9+ESB9iZlerfgV9EWHOPqBc2iaTwOCgtJ
F2yKmooRIh1DQ+3ebudCJX4VENxsEBCULhvHM2J2M1Mr2UtVjcbzEPZYCXWzQSOG
Hyf7OCtXXYvT5Y/Z+JOK0gTaDjuFylma37OyxnxzDgUKyuDp7B149hjt3kgq3I6I
GkGHu2DaJv/Y/YyqG4lcgLuAh1iP7tClx49dTN5X68UdNg6TvrDpza8Zp/w3LxBx
3dHowjtMX2y9657av9SBGXn4y6Tzv1jvLeK96QVxFpTFiYxYzaxY+UAo+4yfupDU
jjI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:21:04 2025 by rpki-client