Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Gh3ulw-MHBhZRLBd-eROIfHZUcg.roa
File: Gh3ulw-MHBhZRLBd-eROIfHZUcg.roa (raw, json)
Hash identifier: gTWDW0uAJzIfdAWed9on/mgsdXfN+TNan7fwmgvzlVw=
Subject key identifier: 1A:1D:EE:97:0F:8C:1C:18:59:44:B0:5D:F9:E4:4E:21:F1:D9:51:C8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BE40D5732B6AFFB39992B0A8EF872FEEE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Gh3ulw-MHBhZRLBd-eROIfHZUcg.roa
Signing time: Sat 18 Nov 2023 20:09:21 +0000
ROA not before: Sat 18 Nov 2023 20:09:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e4:0d:57:32:b6:af:fb:39:99:2b:0a:8e:f8:72:fe:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 18 20:09:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a1dee970f8c1c185944b05df9e44e21f1d951c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:8b:0f:77:54:2b:f3:a6:d9:ee:37:87:8e:2d:
46:38:bd:ab:23:e8:ca:4a:d3:e3:fc:59:16:1d:59:
21:cd:3a:8d:8e:84:f6:99:96:b0:ce:24:87:01:3e:
5c:75:d2:7b:ce:cb:76:8f:a7:65:19:ee:c6:74:28:
fe:cf:86:af:b8:d3:1e:a9:a5:a2:9c:4d:54:3b:4d:
01:5a:fc:23:9a:6d:2d:96:95:1c:6f:c4:6d:c4:6b:
31:fa:8b:c6:f7:1a:3e:2b:d1:72:e9:7f:3e:9c:a7:
a2:98:a6:0d:fe:a0:30:c4:e3:a6:e8:b4:e6:9e:10:
c9:82:77:7c:af:98:30:11:1b:5e:ac:a7:a8:f5:d2:
b0:e1:02:08:c4:2a:2f:fb:e4:c3:99:6f:80:e9:cc:
29:de:a9:17:48:77:0f:d6:40:9f:f9:c7:18:c8:73:
97:01:8f:14:66:9d:e0:54:49:7a:f7:ff:00:d7:7d:
14:1b:31:bb:dd:d7:0e:19:23:2e:81:58:05:60:eb:
2b:7a:0d:78:c1:94:47:9e:e1:30:76:c2:13:43:42:
83:10:93:7b:6c:57:10:fb:77:7c:07:4d:dd:96:4b:
05:92:1b:3d:61:7b:2a:92:e3:21:be:49:a4:2d:03:
9f:36:3e:29:50:5d:4d:78:04:72:3f:ea:25:09:26:
b7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:1D:EE:97:0F:8C:1C:18:59:44:B0:5D:F9:E4:4E:21:F1:D9:51:C8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Gh3ulw-MHBhZRLBd-eROIfHZUcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:65:20:d5:bc:11:a6:db:72:d8:7e:1c:ce:84:28:9e:94:82:
9e:b0:e4:cb:6c:04:b6:36:ac:2a:d8:01:9e:aa:ce:68:f8:f0:
10:eb:2c:1b:e3:58:f5:49:5c:e7:0d:81:ad:ae:f2:83:d5:67:
0f:87:2f:ec:29:2b:55:c8:fb:45:5d:19:be:43:ab:c9:26:57:
df:3e:6f:12:13:e6:32:a7:51:a9:f4:b3:e0:6c:07:30:e9:47:
3d:e3:91:7f:3a:8a:1c:83:39:46:e8:e8:e8:23:d2:56:0e:21:
86:03:97:26:f4:30:04:59:c7:17:8b:6b:cf:d6:71:df:29:9f:
7f:ad:72:48:dd:a9:fe:bc:b3:a3:d7:76:2b:41:d7:66:51:1c:
c5:e3:91:4a:6a:5a:c1:44:0c:44:1f:ce:09:08:12:58:0f:18:
91:e9:e7:de:ca:58:58:7a:33:2e:15:02:b1:1e:e3:70:55:95:
fd:58:50:99:52:83:17:a7:e4:47:d8:2f:b4:ab:1e:83:94:6a:
cf:39:aa:e2:1a:a9:68:90:5d:c7:f1:b3:b4:e1:a0:a1:1f:c4:
a0:c5:51:23:ba:b1:f7:19:df:f8:21:e8:e0:5f:4f:cb:87:63:
5f:f1:32:d3:ad:6a:e8:db:96:a0:d4:b2:28:8b:b3:d6:63:ad:
34:04:de:e2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvkDVcytq/7OZkrCo74cv7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE4MjAwOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTFkZWU5NzBmOGMxYzE4NTk0NGIwNWRmOWU0NGUyMWYxZDk1MWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgosPd1Qr86bZ7jeHji1GOL2rI+jK
StPj/FkWHVkhzTqNjoT2mZawziSHAT5cddJ7zst2j6dlGe7GdCj+z4avuNMeqaWi
nE1UO00BWvwjmm0tlpUcb8RtxGsx+ovG9xo+K9Fy6X8+nKeimKYN/qAwxOOm6LTm
nhDJgnd8r5gwERterKeo9dKw4QIIxCov++TDmW+A6cwp3qkXSHcP1kCf+ccYyHOX
AY8UZp3gVEl69/8A130UGzG73dcOGSMugVgFYOsreg14wZRHnuEwdsITQ0KDEJN7
bFcQ+3d8B03dlksFkhs9YXsqkuMhvkmkLQOfNj4pUF1NeARyP+olCSa3LwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBod7pcPjBwYWUSwXfnkTiHx2VHIMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvR2gzdWx3LU1IQmhaUkxCZC1lUk9JZkhaVWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABVlINW8Eabbcth+HM6E
KJ6Ugp6w5MtsBLY2rCrYAZ6qzmj48BDrLBvjWPVJXOcNga2u8oPVZw+HL+wpK1XI
+0VdGb5Dq8kmV98+bxIT5jKnUan0s+BsBzDpRz3jkX86ihyDOUbo6Ogj0lYOIYYD
lyb0MARZxxeLa8/Wcd8pn3+tckjdqf68s6PXditB12ZRHMXjkUpqWsFEDEQfzgkI
ElgPGJHp597KWFh6My4VArEe43BVlf1YUJlSgxen5EfYL7SrHoOUas85quIaqWiQ
Xcfxs7ThoKEfxKDFUSO6sfcZ3/gh6OBfT8uHY1/xMtOtaujblqDUsiiLs9ZjrTQE
3uI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:07:31 2025 by rpki-client