Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VGUBzB2BmSqy3AtXEIaWbyep2_E.roa
File: VGUBzB2BmSqy3AtXEIaWbyep2_E.roa (raw, json)
Hash identifier: 4C9u4HptbNCMdNVY56y7CeZoCrFgoMSgVscwW7HDZNY=
Subject key identifier: 54:65:01:CC:1D:81:99:2A:B2:DC:0B:57:10:86:96:6F:27:A9:DB:F1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7B8E82989B60BD557D8BCA7325BA05FC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VGUBzB2BmSqy3AtXEIaWbyep2_E.roa
Signing time: Mon 18 Dec 2023 06:13:06 +0000
ROA not before: Mon 18 Dec 2023 06:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7b:8e:82:98:9b:60:bd:55:7d:8b:ca:73:25:ba:05:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 18 06:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=546501cc1d81992ab2dc0b571086966f27a9dbf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:33:51:c5:69:f6:a5:0c:ad:23:b2:e9:9d:29:
a9:ad:63:cd:19:13:f3:c3:8c:c5:a1:f8:9f:06:e7:
18:8f:e6:27:68:a9:1c:2b:51:20:d2:3a:d5:b0:fa:
8a:b1:cc:a9:71:61:69:bb:5e:57:f8:8b:ce:77:2f:
50:b1:61:12:ab:bb:e6:40:6f:c9:9e:8c:7b:3c:3b:
ad:db:41:b5:46:51:b5:a0:e8:29:8e:85:a9:81:d5:
cc:07:3c:92:93:5a:1e:d7:6b:ad:bf:91:7a:c8:63:
6f:e9:cc:5e:fe:42:f6:44:0f:8e:1d:bb:24:2f:5e:
7c:8e:46:dd:5c:57:60:5b:7b:0c:76:a5:2c:6b:7f:
61:59:62:7d:a8:b8:e9:f6:46:8b:a2:1e:ad:a8:25:
0c:07:3c:f6:68:d1:02:24:34:18:e8:b8:b9:eb:4a:
c0:3b:cf:87:2c:23:de:bf:3f:37:5a:75:49:4d:e4:
d7:29:2c:a8:8f:09:15:35:5d:69:70:bb:d0:b9:c9:
82:ab:f9:3b:c6:bb:0c:6b:eb:ac:1f:cd:00:ed:93:
67:73:7f:7f:2e:de:a4:10:e1:cd:a1:bd:d5:9d:86:
3e:d3:27:83:61:e3:67:1b:ce:85:37:2d:d8:64:c6:
12:c8:60:ec:e0:ea:2c:bf:e7:7d:10:24:11:a5:b7:
e1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:65:01:CC:1D:81:99:2A:B2:DC:0B:57:10:86:96:6F:27:A9:DB:F1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VGUBzB2BmSqy3AtXEIaWbyep2_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c3:9d:c1:d6:dc:0a:b1:51:39:65:0f:3d:61:84:ed:fe:ca:16:
7e:ad:ab:b9:bc:a8:89:53:d4:70:6a:45:a8:2e:0e:06:61:20:
ee:de:91:f8:93:3f:03:f7:68:63:40:a6:ca:83:42:82:0d:ef:
27:55:47:7b:da:ac:39:6a:e7:ce:29:73:3a:4a:f1:1f:9c:85:
f6:e1:c0:46:97:f6:a3:25:c8:6d:f7:7e:63:20:0d:d8:32:f9:
28:37:4b:16:1b:6f:e9:73:b6:87:4c:e4:73:f8:38:2a:ca:e3:
8f:8b:1b:9e:e7:b6:1c:b5:b4:0d:8f:0c:60:e4:5f:0b:dc:56:
9f:1b:1a:ac:34:ec:be:4a:bb:14:8d:ab:cb:ce:93:99:81:f8:
37:90:28:3d:9c:f6:aa:c7:e0:00:03:ab:6e:2b:9c:a5:63:57:
e6:40:8f:20:10:b6:78:4a:50:2d:d4:21:1a:0b:75:80:40:e0:
93:e9:fe:c2:25:8b:3e:38:4e:bb:c2:21:2a:d9:30:48:61:e6:
9d:6a:41:6a:60:8f:56:d8:d6:91:b0:a4:d2:78:2a:33:ac:4b:
d6:d7:80:b1:a4:ea:8c:f9:90:ab:52:34:c7:ff:27:be:16:c5:
e8:26:ce:b8:af:c4:4a:3a:bc:82:a1:2a:d1:8e:b0:17:3e:36:
4f:09:b9:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx7joKYm2C9VX2LynMlugX8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE4MDYxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDY1MDFjYzFkODE5OTJhYjJkYzBiNTcxMDg2OTY2ZjI3YTlkYmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozNRxWn2pQytI7LpnSmprWPNGRPz
w4zFofifBucYj+YnaKkcK1Eg0jrVsPqKscypcWFpu15X+IvOdy9QsWESq7vmQG/J
nox7PDut20G1RlG1oOgpjoWpgdXMBzySk1oe12utv5F6yGNv6cxe/kL2RA+OHbsk
L158jkbdXFdgW3sMdqUsa39hWWJ9qLjp9kaLoh6tqCUMBzz2aNECJDQY6Li560rA
O8+HLCPevz83WnVJTeTXKSyojwkVNV1pcLvQucmCq/k7xrsMa+usH80A7ZNnc39/
Lt6kEOHNob3VnYY+0yeDYeNnG86FNy3YZMYSyGDs4Oosv+d9ECQRpbfhhwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFRlAcwdgZkqstwLVxCGlm8nqdvxMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVkdVQnpCMkJtU3F5M0F0WEVJYVdieWVwMl9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMOdwdbcCrFROWUPPWGE
7f7KFn6tq7m8qIlT1HBqRaguDgZhIO7ekfiTPwP3aGNApsqDQoIN7ydVR3varDlq
584pczpK8R+chfbhwEaX9qMlyG33fmMgDdgy+Sg3SxYbb+lztodM5HP4OCrK44+L
G57nthy1tA2PDGDkXwvcVp8bGqw07L5KuxSNq8vOk5mB+DeQKD2c9qrH4AADq24r
nKVjV+ZAjyAQtnhKUC3UIRoLdYBA4JPp/sIliz44TrvCISrZMEhh5p1qQWpgj1bY
1pGwpNJ4KjOsS9bXgLGk6oz5kKtSNMf/J74WxegmzrivxEo6vIKhKtGOsBc+Nk8J
uY8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:15:48 2025 by rpki-client