Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VgC1mHV5aYUVlcAdU1qRYEtXlXI.roa
File: VgC1mHV5aYUVlcAdU1qRYEtXlXI.roa (raw, json)
Hash identifier: F64po/p3MJY4d0jmBzirKpohG5GoR3bzHUIlpozQnK8=
Subject key identifier: 56:00:B5:98:75:79:69:85:15:95:C0:1D:53:5A:91:60:4B:57:95:72
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B213AAE6B4939D27EA635C937EA4A9CD7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VgC1mHV5aYUVlcAdU1qRYEtXlXI.roa
Signing time: Thu 12 Oct 2023 00:12:55 +0000
ROA not before: Thu 12 Oct 2023 00:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:21:3a:ae:6b:49:39:d2:7e:a6:35:c9:37:ea:4a:9c:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 12 00:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5600b598757969851595c01d535a91604b579572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c8:9c:7f:84:fb:97:36:9a:40:be:e2:b5:82:
db:c6:e3:b6:d2:6a:80:42:2c:2e:c4:46:59:d0:10:
50:ca:e0:5e:a2:1f:ba:f7:9b:6f:2c:53:68:ad:a6:
23:05:f9:50:d3:a9:90:08:0f:af:de:cc:bb:53:6c:
c9:1a:cf:df:4a:cb:f3:90:c7:f3:3e:a0:57:a4:ae:
69:00:b2:3f:06:b8:56:50:80:c9:2c:39:43:dc:93:
31:9f:89:c8:68:ab:18:24:d8:4f:af:92:60:bc:33:
99:75:85:b2:4d:18:a9:2e:16:04:04:59:c6:b2:38:
e0:95:5e:3d:7d:16:79:a3:0e:20:09:30:ac:ff:9f:
dd:52:ff:16:05:8e:a8:93:cd:a9:4f:64:23:6c:a6:
3d:3f:f7:e1:e9:29:5a:90:9b:e9:ac:2e:3e:41:1f:
2e:9d:26:ec:2e:e6:5c:fa:ec:2d:c3:d8:70:db:24:
50:dd:41:a0:8b:5e:71:61:bb:ae:b0:5c:be:7e:30:
c1:ed:65:fc:82:6b:f6:c7:d5:a9:73:da:be:05:4d:
b7:e1:6e:11:ca:2c:aa:fc:ed:66:33:2f:56:89:05:
28:b1:6f:1d:e2:e9:37:cd:35:dc:92:d0:92:cd:60:
10:e3:75:a5:f9:16:22:7f:3d:d5:1a:54:42:72:04:
28:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:00:B5:98:75:79:69:85:15:95:C0:1D:53:5A:91:60:4B:57:95:72
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VgC1mHV5aYUVlcAdU1qRYEtXlXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b6:e5:29:42:63:2c:d3:68:fd:d1:c4:e7:55:6f:1c:60:b5:f7:
00:d8:f1:20:06:e2:1f:68:70:d6:e9:2a:84:ef:82:1d:13:17:
1c:22:91:55:09:db:9f:50:db:fb:e3:6b:1b:b8:ac:e1:f3:05:
38:e1:77:e6:d2:ae:99:f9:c5:02:d1:65:e2:31:00:67:9b:0c:
4a:c5:ff:c5:2d:33:83:e3:3b:6d:24:ba:99:51:27:b6:8b:b4:
16:9b:e6:83:ad:d7:77:94:2e:49:3f:57:8c:47:15:d9:bf:e9:
fb:9c:bc:bf:1c:76:6f:16:93:39:ac:dc:0c:a4:6d:4e:f3:58:
76:1a:b6:64:21:c1:37:50:84:cb:92:25:57:ff:5f:77:8f:f9:
97:07:a2:f1:09:d3:93:f0:10:03:9f:4e:92:18:7c:ef:0f:b4:
ef:34:d4:75:a4:4c:0b:f8:a1:a5:87:da:30:9a:46:ec:f9:1c:
a3:f3:71:36:5a:1f:07:27:83:4a:92:15:d6:08:e8:7d:00:8c:
22:ac:41:96:31:88:24:f6:ea:fd:f8:0e:d4:62:60:a1:63:06:
0f:a3:57:64:06:64:e4:08:68:c8:39:cb:10:de:0f:92:f3:ce:
7e:6b:dd:57:67:9f:23:81:b0:b7:a4:44:a7:1b:d4:6c:59:0b:
aa:4f:0c:0a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYshOq5rSTnSfqY1yTfqSpzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEyMDAxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjAwYjU5ODc1Nzk2OTg1MTU5NWMwMWQ1MzVhOTE2MDRiNTc5NTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsicf4T7lzaaQL7itYLbxuO20mqA
QiwuxEZZ0BBQyuBeoh+695tvLFNoraYjBflQ06mQCA+v3sy7U2zJGs/fSsvzkMfz
PqBXpK5pALI/BrhWUIDJLDlD3JMxn4nIaKsYJNhPr5JgvDOZdYWyTRipLhYEBFnG
sjjglV49fRZ5ow4gCTCs/5/dUv8WBY6ok82pT2QjbKY9P/fh6SlakJvprC4+QR8u
nSbsLuZc+uwtw9hw2yRQ3UGgi15xYbuusFy+fjDB7WX8gmv2x9Wpc9q+BU234W4R
yiyq/O1mMy9WiQUosW8d4uk3zTXcktCSzWAQ43Wl+RYifz3VGlRCcgQo1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFYAtZh1eWmFFZXAHVNakWBLV5VyMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVmdDMW1IVjVhWVVWbGNBZFUxcVJZRXRYbFhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALblKUJjLNNo/dHE51Vv
HGC19wDY8SAG4h9ocNbpKoTvgh0TFxwikVUJ259Q2/vjaxu4rOHzBTjhd+bSrpn5
xQLRZeIxAGebDErF/8UtM4PjO20kuplRJ7aLtBab5oOt13eULkk/V4xHFdm/6fuc
vL8cdm8Wkzms3AykbU7zWHYatmQhwTdQhMuSJVf/X3eP+ZcHovEJ05PwEAOfTpIY
fO8PtO801HWkTAv4oaWH2jCaRuz5HKPzcTZaHwcng0qSFdYI6H0AjCKsQZYxiCT2
6v34DtRiYKFjBg+jV2QGZOQIaMg5yxDeD5Lzzn5r3VdnnyOBsLekRKcb1GxZC6pP
DAo=
-----END CERTIFICATE-----
Generated at Wed Apr 23 04:14:12 2025 by rpki-client