Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_gCPg7saGaQ4oCMktdCpHAOC1BI.roa
File: _gCPg7saGaQ4oCMktdCpHAOC1BI.roa (raw, json)
Hash identifier: W5j5s7AjHiFRzBLDB7a8fAPxytLIH2JCqf/FW6jsiM0=
Subject key identifier: FE:00:8F:83:BB:1A:19:A4:38:A0:23:24:B5:D0:A9:1C:03:82:D4:12
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B86BD50F161E8A6648404AD7B70487C63
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_gCPg7saGaQ4oCMktdCpHAOC1BI.roa
Signing time: Tue 31 Oct 2023 17:17:15 +0000
ROA not before: Tue 31 Oct 2023 17:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:86:bd:50:f1:61:e8:a6:64:84:04:ad:7b:70:48:7c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 31 17:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe008f83bb1a19a438a02324b5d0a91c0382d412
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:6a:35:5b:5d:d7:5c:6c:8c:e8:36:87:a8:a1:
86:3c:04:b6:ea:c9:8a:84:5a:e8:c2:5a:fc:44:34:
43:72:21:1b:9c:16:7a:3f:65:30:f8:64:47:7b:0c:
b7:df:49:c6:e7:68:0c:71:de:b3:c8:59:0b:9c:6f:
5d:88:c0:18:c4:e1:97:f0:ae:e5:54:e5:f2:b9:95:
ae:12:0a:ec:08:d2:b4:1d:66:0f:c0:c4:52:5b:f7:
f5:2a:e0:ad:2a:91:be:7d:1c:fb:ce:cc:bc:91:62:
c1:57:e2:cd:63:eb:0c:55:1e:f2:37:f6:8c:9d:87:
6f:98:d8:dc:1a:e1:5a:32:6f:8c:55:74:49:08:9e:
69:92:30:93:79:6f:7a:53:01:a0:01:a2:91:d1:7f:
62:b6:db:76:59:49:b2:26:38:d9:95:c5:7a:31:a5:
1b:99:c5:47:82:f0:3f:01:82:17:89:38:40:48:c6:
f8:88:bc:be:b2:9d:a4:79:35:6b:a8:18:83:51:5c:
2f:ae:f1:7a:57:4f:b4:a9:39:3b:e1:50:1d:3c:29:
9a:b4:7d:78:29:d3:1e:39:2a:22:be:37:b5:48:cf:
a5:f6:0b:29:8b:a6:f8:50:c6:4b:46:11:b2:f4:34:
d8:36:e6:6e:06:bf:92:21:d1:f4:c1:90:57:81:2a:
32:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:00:8F:83:BB:1A:19:A4:38:A0:23:24:B5:D0:A9:1C:03:82:D4:12
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/_gCPg7saGaQ4oCMktdCpHAOC1BI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
cc:56:1d:28:45:69:8c:f3:74:1b:33:ee:b1:fb:c7:ce:35:95:
9f:6e:e2:c8:f6:2e:5e:e9:e4:47:68:2e:0e:51:dc:b4:22:5a:
b7:10:67:a1:a4:b8:4c:7d:95:0f:1d:8e:2e:94:00:4f:11:c6:
e0:42:bb:23:32:e1:0c:44:c0:60:0b:d1:8f:1e:98:1f:55:af:
48:e9:0a:ae:fe:e7:22:38:cd:51:36:bc:f8:04:78:85:53:09:
08:39:e8:f3:48:88:c3:59:7d:11:48:16:ca:60:1e:c4:ab:de:
8f:e1:4c:29:76:36:20:9c:d7:25:9b:30:f6:59:92:29:65:54:
43:64:00:69:e8:0b:e7:c7:8a:74:65:ff:00:7c:21:35:57:b9:
72:27:15:23:c8:13:07:f1:26:1f:8e:95:29:2f:16:dd:54:92:
04:30:e3:9c:c1:aa:50:ae:33:1f:7e:da:82:3d:af:5d:ce:39:
fc:bc:70:f0:18:36:50:f9:71:5b:4f:c1:2c:b7:af:f5:db:02:
b9:a8:46:bd:44:a3:f3:7a:fe:ba:06:7a:da:91:67:7f:76:cc:
82:2b:4f:0e:99:a0:1e:35:fe:3f:2b:a8:cd:cd:9f:14:74:50:
f6:2c:7b:5e:60:8b:15:b8:60:a3:11:d9:01:4d:43:69:2d:b6:
f0:ad:b2:3d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuGvVDxYeimZIQErXtwSHxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDMxMTcxNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTAwOGY4M2JiMWExOWE0MzhhMDIzMjRiNWQwYTkxYzAzODJkNDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2o1W13XXGyM6DaHqKGGPAS26smK
hFrowlr8RDRDciEbnBZ6P2Uw+GRHewy330nG52gMcd6zyFkLnG9diMAYxOGX8K7l
VOXyuZWuEgrsCNK0HWYPwMRSW/f1KuCtKpG+fRz7zsy8kWLBV+LNY+sMVR7yN/aM
nYdvmNjcGuFaMm+MVXRJCJ5pkjCTeW96UwGgAaKR0X9ittt2WUmyJjjZlcV6MaUb
mcVHgvA/AYIXiThASMb4iLy+sp2keTVrqBiDUVwvrvF6V0+0qTk74VAdPCmatH14
KdMeOSoivje1SM+l9gspi6b4UMZLRhGy9DTYNuZuBr+SIdH0wZBXgSoy+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP4Aj4O7GhmkOKAjJLXQqRwDgtQSMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvX2dDUGc3c2FHYVE0b0NNa3RkQ3BIQU9DMUJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMxWHShFaYzzdBsz7rH7
x841lZ9u4sj2Ll7p5EdoLg5R3LQiWrcQZ6GkuEx9lQ8dji6UAE8RxuBCuyMy4QxE
wGAL0Y8emB9Vr0jpCq7+5yI4zVE2vPgEeIVTCQg56PNIiMNZfRFIFspgHsSr3o/h
TCl2NiCc1yWbMPZZkillVENkAGnoC+fHinRl/wB8ITVXuXInFSPIEwfxJh+OlSkv
Ft1UkgQw45zBqlCuMx9+2oI9r13OOfy8cPAYNlD5cVtPwSy3r/XbArmoRr1Eo/N6
/roGetqRZ392zIIrTw6ZoB41/j8rqM3NnxR0UPYse15gixW4YKMR2QFNQ2kttvCt
sj0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:45:08 2025 by rpki-client