Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/GHPmNMvMQgeTf_K1EVzZjixyby4.roa
File: GHPmNMvMQgeTf_K1EVzZjixyby4.roa (raw, json)
Hash identifier: dYzyh1+UklW9toP2kOnexOyiMjsz/cbjgna8KNpsv+k=
Subject key identifier: 18:73:E6:34:CB:CC:42:07:93:7F:F2:B5:11:5C:D9:8E:2C:72:6F:2E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BDB78FDA2E7695914E3AB2C972E8F59E5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/GHPmNMvMQgeTf_K1EVzZjixyby4.roa
Signing time: Fri 17 Nov 2023 04:10:21 +0000
ROA not before: Fri 17 Nov 2023 04:10:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:db:78:fd:a2:e7:69:59:14:e3:ab:2c:97:2e:8f:59:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 17 04:10:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1873e634cbcc4207937ff2b5115cd98e2c726f2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1f:65:d3:15:58:f1:8a:b0:f7:6c:8b:e8:4d:
37:35:e3:fe:d5:ed:c8:50:48:1b:b5:e1:99:4d:89:
fa:7a:e9:86:0a:0f:d5:0d:44:f0:56:eb:2f:e3:8b:
1a:2c:64:4c:02:ed:d5:7a:52:db:35:b3:64:0c:ff:
df:d2:e8:34:ad:1f:b4:26:17:c5:44:78:f3:2e:a1:
55:eb:ac:78:64:95:f2:9f:89:7d:2a:1c:1e:6c:14:
0e:9f:79:9b:a8:41:7b:37:14:4e:2c:27:a3:d0:f1:
27:89:d8:12:3c:18:b5:1e:92:38:e9:34:b9:ad:f6:
55:c8:e2:54:54:66:5a:de:db:20:71:87:d0:13:6d:
82:24:7c:8e:f5:cf:dc:bd:be:df:80:35:db:19:8c:
3b:7e:2c:6a:dd:92:cf:8c:44:57:1b:8c:45:97:12:
ae:6b:5b:e8:ab:7a:83:c9:82:6f:b7:37:85:4d:49:
7a:94:50:3f:ff:2d:16:ed:d6:a9:8a:98:15:e5:52:
40:37:74:1c:d9:96:7d:80:85:f5:81:a6:46:38:d1:
fd:20:a5:5a:eb:cd:c3:5f:a0:ff:78:1e:90:09:2c:
02:3f:e1:48:8e:04:33:87:b1:04:e9:0e:09:04:19:
ad:4c:79:b4:c2:61:2c:df:92:8a:de:c1:fe:43:d8:
8a:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:73:E6:34:CB:CC:42:07:93:7F:F2:B5:11:5C:D9:8E:2C:72:6F:2E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/GHPmNMvMQgeTf_K1EVzZjixyby4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
48:20:46:25:ef:58:83:e9:e8:3f:79:79:86:8f:93:37:f1:38:
17:68:26:b2:f1:36:4a:fb:0c:35:9a:95:16:d4:dd:68:eb:f7:
90:21:02:9d:f3:f8:42:43:26:cd:99:5d:aa:85:2e:91:fd:dc:
c7:41:14:7c:3a:5a:bb:19:f9:7b:5e:8e:28:08:cf:b0:e3:71:
c0:03:b6:70:67:e4:05:9e:3e:81:5d:2d:45:d5:12:42:be:c0:
bd:25:1f:a1:1a:ca:f9:01:b4:85:1d:0d:0a:66:d0:05:97:f2:
e5:e3:03:a2:30:96:06:cf:91:d6:2c:58:55:e3:dc:00:27:30:
46:7f:e1:54:28:6e:fe:2e:52:3f:a6:22:60:49:91:f5:5f:a2:
83:c0:4c:4d:9c:01:7e:b6:0c:a1:33:c3:c8:29:f8:6d:18:d0:
20:03:80:a4:be:99:16:bc:4a:ad:c8:d8:94:43:59:1a:f7:d7:
99:b6:ed:16:bf:05:70:1e:1c:26:8c:04:0f:ee:37:d6:ab:87:
a0:c4:a8:7d:95:a5:2f:77:12:7f:2b:e7:f5:f4:02:2b:30:38:
da:94:0b:d1:f8:c4:05:76:b0:3e:c7:3d:ed:f0:84:a7:db:be:
b8:d3:56:e9:6f:69:81:c4:5a:d4:54:ef:07:3a:e9:21:a9:8e:
96:d5:a3:26
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvbeP2i52lZFOOrLJcuj1nlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE3MDQxMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODczZTYzNGNiY2M0MjA3OTM3ZmYyYjUxMTVjZDk4ZTJjNzI2ZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArh9l0xVY8Yqw92yL6E03NeP+1e3I
UEgbteGZTYn6eumGCg/VDUTwVusv44saLGRMAu3VelLbNbNkDP/f0ug0rR+0JhfF
RHjzLqFV66x4ZJXyn4l9KhwebBQOn3mbqEF7NxROLCej0PEnidgSPBi1HpI46TS5
rfZVyOJUVGZa3tsgcYfQE22CJHyO9c/cvb7fgDXbGYw7fixq3ZLPjERXG4xFlxKu
a1voq3qDyYJvtzeFTUl6lFA//y0W7dapipgV5VJAN3Qc2ZZ9gIX1gaZGONH9IKVa
683DX6D/eB6QCSwCP+FIjgQzh7EE6Q4JBBmtTHm0wmEs35KK3sH+Q9iKawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBhz5jTLzEIHk3/ytRFc2Y4scm8uMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvR0hQbU5Ndk1RZ2VUZl9LMUVWelpqaXh5Ynk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEggRiXvWIPp6D95eYaP
kzfxOBdoJrLxNkr7DDWalRbU3Wjr95AhAp3z+EJDJs2ZXaqFLpH93MdBFHw6WrsZ
+XtejigIz7DjccADtnBn5AWePoFdLUXVEkK+wL0lH6EayvkBtIUdDQpm0AWX8uXj
A6IwlgbPkdYsWFXj3AAnMEZ/4VQobv4uUj+mImBJkfVfooPATE2cAX62DKEzw8gp
+G0Y0CADgKS+mRa8Sq3I2JRDWRr315m27Ra/BXAeHCaMBA/uN9arh6DEqH2VpS93
En8r5/X0AiswONqUC9H4xAV2sD7HPe3whKfbvrjTVulvaYHEWtRU7wc66SGpjpbV
oyY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:43:31 2025 by rpki-client