Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/a1Ggyd88I9aBQp_CkUPMxeid0Lg.roa
File: a1Ggyd88I9aBQp_CkUPMxeid0Lg.roa (raw, json)
Hash identifier: 0dsiwF5POgStjuI8LB/Ei473JE2oVtCznGTGcD3tVa8=
Subject key identifier: 6B:51:A0:C9:DF:3C:23:D6:81:42:9F:C2:91:43:CC:C5:E8:9D:D0:B8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C2999EB38CFEE3C8A00297D3D8D16A2C4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/a1Ggyd88I9aBQp_CkUPMxeid0Lg.roa
Signing time: Sat 02 Dec 2023 08:16:42 +0000
ROA not before: Sat 02 Dec 2023 08:16:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:29:99:eb:38:cf:ee:3c:8a:00:29:7d:3d:8d:16:a2:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 2 08:16:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6b51a0c9df3c23d681429fc29143ccc5e89dd0b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:93:7d:74:fa:b9:5f:7e:a8:a2:c7:fa:eb:29:
00:ab:32:c6:d0:9e:f3:11:03:8e:18:7d:75:7e:cc:
26:49:f5:79:35:a6:ba:ec:99:6a:20:fd:ff:75:af:
95:15:47:3d:9f:5e:16:30:ca:06:40:06:ba:fc:1b:
a4:db:61:fb:b6:39:38:c6:ee:81:7b:e2:2f:db:3f:
b5:8d:2b:99:de:75:2b:d3:2d:52:42:c2:54:7c:3c:
fe:34:7b:95:6e:bb:c6:00:df:6f:21:aa:ab:91:5d:
3d:2f:27:2a:b1:7e:8f:f6:4f:02:42:67:73:99:76:
81:ea:35:d2:d0:b5:c5:12:de:5a:fd:58:76:60:d2:
79:a2:1c:bd:92:83:1a:5d:d1:66:81:22:8d:1d:c7:
01:cf:53:5b:32:f9:b2:07:42:e2:58:55:f1:25:93:
86:3f:58:88:c4:c1:e3:89:fe:eb:a1:7c:48:b7:10:
32:3d:d2:f5:9f:d2:ba:c5:3f:3b:1b:9f:fa:13:39:
0f:40:43:da:8c:a3:da:8a:b1:4f:37:9d:24:5c:a4:
bd:79:d9:ff:73:34:b1:a5:66:53:b9:ee:ac:51:55:
6b:3e:f9:aa:29:7f:37:c0:cd:2e:64:74:a7:b5:16:
42:d0:fc:ef:71:f4:1c:8d:b5:aa:7f:43:f1:e2:03:
d3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:51:A0:C9:DF:3C:23:D6:81:42:9F:C2:91:43:CC:C5:E8:9D:D0:B8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/a1Ggyd88I9aBQp_CkUPMxeid0Lg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:c0:db:24:4b:14:63:61:3c:2a:e9:dd:7c:e4:57:89:fd:e4:
91:e1:56:3e:df:77:19:2e:83:18:2f:59:05:c5:be:ee:ae:af:
bc:93:37:d1:64:36:dc:b1:56:aa:fa:f7:d5:09:16:72:2e:b4:
c3:9f:e9:7f:aa:2b:7f:60:15:ad:a3:3d:4f:c4:ce:84:0f:0f:
51:ef:a2:9f:8a:61:06:8a:2b:97:58:3e:0c:e8:b7:3c:1f:cb:
ac:4f:53:86:6d:23:42:9d:5f:97:de:a3:d3:96:bd:2d:7b:0e:
f6:00:a0:bb:34:51:8b:ff:54:9b:67:0f:c6:fb:f3:c4:5f:7a:
9a:fa:ad:0f:4f:91:f9:ff:e4:e6:8d:9a:6a:68:56:39:45:23:
1d:68:bc:22:0f:17:1f:56:b2:ac:51:5a:f4:86:aa:66:64:14:
bc:bc:14:5a:c4:30:e7:b9:ab:d9:e1:d0:20:57:19:d5:40:f2:
76:78:96:57:43:39:6b:e1:4c:4a:5e:8e:38:67:82:49:b0:3f:
71:28:6e:03:10:13:a1:23:ae:01:84:db:43:23:a7:f1:3c:e9:
7d:f5:23:5b:57:ee:1a:a5:e7:99:bc:70:ad:1a:be:ed:da:33:
b6:62:8f:82:1d:0a:07:7f:e0:86:99:91:58:74:77:2f:af:67:
50:5a:2b:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwpmes4z+48igApfT2NFqLEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAyMDgxNjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjUxYTBjOWRmM2MyM2Q2ODE0MjlmYzI5MTQzY2NjNWU4OWRkMGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz5N9dPq5X36oosf66ykAqzLG0J7z
EQOOGH11fswmSfV5Naa67JlqIP3/da+VFUc9n14WMMoGQAa6/Buk22H7tjk4xu6B
e+Iv2z+1jSuZ3nUr0y1SQsJUfDz+NHuVbrvGAN9vIaqrkV09LycqsX6P9k8CQmdz
mXaB6jXS0LXFEt5a/Vh2YNJ5ohy9koMaXdFmgSKNHccBz1NbMvmyB0LiWFXxJZOG
P1iIxMHjif7roXxItxAyPdL1n9K6xT87G5/6EzkPQEPajKPairFPN50kXKS9edn/
czSxpWZTue6sUVVrPvmqKX83wM0uZHSntRZC0PzvcfQcjbWqf0Px4gPTjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGtRoMnfPCPWgUKfwpFDzMXondC4MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYTFHZ3lkODhJOWFCUXBfQ2tVUE14ZWlkMExnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAzA2yRLFGNhPCrp3Xzk
V4n95JHhVj7fdxkugxgvWQXFvu6ur7yTN9FkNtyxVqr699UJFnIutMOf6X+qK39g
Fa2jPU/EzoQPD1Hvop+KYQaKK5dYPgzotzwfy6xPU4ZtI0KdX5feo9OWvS17DvYA
oLs0UYv/VJtnD8b788Rfepr6rQ9Pkfn/5OaNmmpoVjlFIx1ovCIPFx9WsqxRWvSG
qmZkFLy8FFrEMOe5q9nh0CBXGdVA8nZ4lldDOWvhTEpejjhngkmwP3EobgMQE6Ej
rgGE20Mjp/E86X31I1tX7hql55m8cK0avu3aM7Zij4IdCgd/4IaZkVh0dy+vZ1Ba
K0o=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:55:40 2025 by rpki-client