Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/GJrftHRtuLLS2k-ZAJqEdlcbqCg.roa
File: GJrftHRtuLLS2k-ZAJqEdlcbqCg.roa (raw, json)
Hash identifier: WAjfss407HkQRhRjfmw/200+DGl13jI2jtnDSSuSAqs=
Subject key identifier: 18:9A:DF:B4:74:6D:B8:B2:D2:DA:4F:99:00:9A:84:76:57:1B:A8:28
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B28F60D8C0A05B60D27A0B2232A463109
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/GJrftHRtuLLS2k-ZAJqEdlcbqCg.roa
Signing time: Fri 13 Oct 2023 12:14:55 +0000
ROA not before: Fri 13 Oct 2023 12:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:28:f6:0d:8c:0a:05:b6:0d:27:a0:b2:23:2a:46:31:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 13 12:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=189adfb4746db8b2d2da4f99009a8476571ba828
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:21:d6:4f:a4:fa:b9:a5:0b:0f:4a:d4:69:b5:
ef:f3:9e:f7:91:6e:7a:ca:1e:57:97:77:8b:89:03:
38:e1:b1:9f:f4:4c:02:30:93:0b:26:66:7b:38:4e:
b9:bf:a5:f9:6e:fa:5f:a4:c4:4b:6c:2e:22:2a:02:
e7:98:36:73:ed:31:c6:78:5b:ac:00:93:b0:d4:6d:
da:9f:c1:88:37:04:78:79:24:49:66:6d:b1:cd:2a:
c7:bf:6d:a2:37:04:d9:a0:36:7a:c1:99:8f:89:48:
10:74:41:fc:cf:f7:82:58:c9:ba:fa:db:b2:76:96:
8e:a8:04:04:d7:10:5d:17:38:b0:eb:45:dd:98:28:
7d:84:15:02:04:99:47:df:64:15:2a:d4:09:fd:8f:
6f:52:3a:00:c7:d3:af:85:75:b9:eb:d8:1f:ca:07:
20:25:db:d7:65:aa:e7:98:b8:51:1d:11:14:57:6d:
37:4f:7b:7c:e9:81:41:b6:31:57:d3:08:52:3a:7f:
43:94:4b:5a:5f:5a:59:cc:22:9f:2f:08:99:7d:5d:
a9:ec:0c:6f:5f:ea:e7:88:0d:93:93:73:1b:04:ca:
63:0e:b7:99:a6:55:77:c8:33:b0:55:a7:36:93:3a:
4c:12:aa:8c:4c:e1:f3:c6:9d:37:71:02:69:a5:a5:
29:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:9A:DF:B4:74:6D:B8:B2:D2:DA:4F:99:00:9A:84:76:57:1B:A8:28
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/GJrftHRtuLLS2k-ZAJqEdlcbqCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:9f:f0:b4:b3:bb:54:34:95:98:d0:b5:09:61:e5:cc:6f:a4:
9d:80:f8:76:7d:c3:7b:b1:20:37:3f:06:52:0e:61:73:4e:10:
e1:69:01:4a:f2:a1:96:41:45:eb:54:11:a8:cc:52:7c:b6:1d:
35:d6:75:77:04:8e:f9:8a:7a:9a:d6:d2:7c:57:9b:73:17:e8:
79:ec:96:bf:3d:ad:50:d6:34:57:9d:e7:8e:04:d2:ac:d5:43:
ec:e8:15:f7:d6:1b:93:26:41:6b:0d:15:7c:c4:da:21:c2:fb:
f7:3c:06:26:bb:35:69:8e:78:9e:aa:12:18:6d:af:86:71:16:
e6:24:ca:7e:6c:49:4e:84:25:ee:f5:98:de:9e:84:8d:e0:ab:
3e:78:b5:76:80:9c:78:f8:42:1e:d9:d9:b9:24:c8:90:09:af:
57:39:8e:c7:03:07:69:2b:03:4f:c3:9e:5a:44:0b:a6:9a:e2:
5d:44:1b:05:20:49:f7:4a:72:d4:65:a1:c3:0c:c7:63:93:47:
b4:f6:7b:99:54:5c:8c:31:fe:7f:0c:92:fa:06:30:78:5c:11:
ff:70:e5:f7:2e:99:63:95:31:07:9f:1f:34:fb:22:f6:73:c9:
08:e2:6d:45:2f:69:35:26:d7:ee:dc:ac:29:8c:ae:55:5f:73:
d0:fb:95:f7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYso9g2MCgW2DSegsiMqRjEJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEzMTIxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODlhZGZiNDc0NmRiOGIyZDJkYTRmOTkwMDlhODQ3NjU3MWJhODI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgiHWT6T6uaULD0rUabXv8573kW56
yh5Xl3eLiQM44bGf9EwCMJMLJmZ7OE65v6X5bvpfpMRLbC4iKgLnmDZz7THGeFus
AJOw1G3an8GINwR4eSRJZm2xzSrHv22iNwTZoDZ6wZmPiUgQdEH8z/eCWMm6+tuy
dpaOqAQE1xBdFziw60XdmCh9hBUCBJlH32QVKtQJ/Y9vUjoAx9OvhXW569gfygcg
JdvXZarnmLhRHREUV203T3t86YFBtjFX0whSOn9DlEtaX1pZzCKfLwiZfV2p7Axv
X+rniA2Tk3MbBMpjDreZplV3yDOwVac2kzpMEqqMTOHzxp03cQJppaUpkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBia37R0bbiy0tpPmQCahHZXG6goMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvR0pyZnRIUnR1TExTMmstWkFKcUVkbGNicUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIWf8LSzu1Q0lZjQtQlh
5cxvpJ2A+HZ9w3uxIDc/BlIOYXNOEOFpAUryoZZBRetUEajMUny2HTXWdXcEjvmK
eprW0nxXm3MX6Hnslr89rVDWNFed544E0qzVQ+zoFffWG5MmQWsNFXzE2iHC+/c8
Bia7NWmOeJ6qEhhtr4ZxFuYkyn5sSU6EJe71mN6ehI3gqz54tXaAnHj4Qh7Z2bkk
yJAJr1c5jscDB2krA0/DnlpEC6aa4l1EGwUgSfdKctRlocMMx2OTR7T2e5lUXIwx
/n8MkvoGMHhcEf9w5fcumWOVMQefHzT7IvZzyQjibUUvaTUm1+7crCmMrlVfc9D7
lfc=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:03:26 2025 by rpki-client