Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/g0BDkuRYd6Qnozq3qasWRNrz8_g.roa
File: g0BDkuRYd6Qnozq3qasWRNrz8_g.roa (raw, json)
Hash identifier: wMkN9QXvpa73F4b8JnoL8KaASb6DG7bXBrmotF4XdKY=
Subject key identifier: 83:40:43:92:E4:58:77:A4:27:A3:3A:B7:A9:AB:16:44:DA:F3:F3:F8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC33703D48D2E90426C0E80AA3B3AA75F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/g0BDkuRYd6Qnozq3qasWRNrz8_g.roa
Signing time: Sat 23 Sep 2023 18:04:37 +0000
ROA not before: Sat 23 Sep 2023 18:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:c336:d0d1/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c3:37:03:d4:8d:2e:90:42:6c:0e:80:aa:3b:3a:a7:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 23 18:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83404392e45877a427a33ab7a9ab1644daf3f3f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b1:f0:05:cc:db:ce:e5:be:96:b8:7d:f2:38:
7d:f1:e0:d4:d3:80:bc:6f:e8:0e:1c:de:5a:bb:ab:
74:50:d8:36:a2:18:53:19:0d:97:7a:1c:42:5f:80:
c9:b6:ff:80:a0:6a:67:cf:bc:67:71:cb:04:2a:23:
ac:75:68:bd:4e:67:63:ef:7f:2b:bb:f2:81:27:48:
00:f1:ca:02:c9:9d:04:6c:ab:d5:c7:dd:22:40:d3:
c6:64:b0:72:71:26:ed:20:8a:f2:e3:14:e5:ca:c5:
64:b1:17:14:02:c0:06:7d:16:46:1b:f3:59:24:67:
25:35:aa:65:f4:c2:69:b0:78:92:17:15:c2:90:ec:
e6:e5:69:b3:6b:4a:25:12:06:1e:a3:68:a3:d8:e8:
1a:d3:b6:b5:5e:79:37:e4:2d:ff:26:d3:d8:73:d2:
69:79:3c:02:58:c4:de:2b:65:f7:a1:07:9b:e3:2e:
10:e6:af:65:15:d3:0b:3e:aa:cd:62:00:e0:78:39:
dd:79:48:88:41:b9:2b:66:c9:ca:d0:ea:09:a4:98:
1f:b3:75:18:80:84:b3:af:8a:3a:9b:34:41:02:b2:
f5:5d:74:5d:85:07:92:dd:79:43:5d:93:a6:10:d7:
db:58:04:4f:8b:ae:6c:a2:4d:c5:67:a5:ef:d2:84:
38:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:40:43:92:E4:58:77:A4:27:A3:3A:B7:A9:AB:16:44:DA:F3:F3:F8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/g0BDkuRYd6Qnozq3qasWRNrz8_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ab:fc:ba:07:e8:a1:0c:60:eb:a6:92:e6:d6:d8:7c:79:f4:fb:
74:2f:48:aa:83:4d:53:b8:5f:0a:d4:72:74:1f:7b:11:05:05:
a2:bd:99:ab:7a:d1:7b:72:c9:7f:f4:a0:39:2a:e3:55:4e:c6:
5d:07:76:6b:38:e1:d7:cc:7b:86:40:06:c7:c0:3e:83:00:da:
8c:e8:11:12:e9:e5:16:86:0e:49:d9:45:74:c3:06:60:71:f4:
da:7e:90:8b:82:c1:5c:24:30:62:0a:4f:4a:80:64:ca:61:df:
76:8b:2f:93:5a:da:a3:09:f2:db:e9:86:b1:e0:26:7e:a3:d4:
67:4d:d6:57:4c:40:85:39:3a:83:19:23:f3:14:b3:b6:70:44:
91:c0:d1:36:98:40:13:a4:1c:08:68:df:2b:c8:85:1b:b4:47:
3d:c2:bb:fb:bd:df:91:7d:b3:83:ba:6e:67:ed:b4:75:d5:6e:
5f:ba:39:e6:ab:3f:71:77:c0:7c:52:b1:dc:3c:ab:d8:38:0a:
61:4c:1d:b6:d4:c1:0d:6e:b4:da:ef:e1:7c:94:f7:53:c2:05:
90:5c:27:73:03:42:28:81:1f:ac:71:17:7c:16:b2:16:f4:af:
29:d5:3d:4c:82:05:fd:ba:df:22:cf:78:2b:0c:08:20:3c:ee:
39:3f:b2:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrDNwPUjS6QQmwOgKo7OqdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIzMTgwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzQwNDM5MmU0NTg3N2E0MjdhMzNhYjdhOWFiMTY0NGRhZjNmM2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7HwBczbzuW+lrh98jh98eDU04C8
b+gOHN5au6t0UNg2ohhTGQ2XehxCX4DJtv+AoGpnz7xnccsEKiOsdWi9Tmdj738r
u/KBJ0gA8coCyZ0EbKvVx90iQNPGZLBycSbtIIry4xTlysVksRcUAsAGfRZGG/NZ
JGclNapl9MJpsHiSFxXCkOzm5Wmza0olEgYeo2ij2Oga07a1Xnk35C3/JtPYc9Jp
eTwCWMTeK2X3oQeb4y4Q5q9lFdMLPqrNYgDgeDndeUiIQbkrZsnK0OoJpJgfs3UY
gISzr4o6mzRBArL1XXRdhQeS3XlDXZOmENfbWARPi65sok3FZ6Xv0oQ4qwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFINAQ5LkWHekJ6M6t6mrFkTa8/P4MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZzBCRGt1UllkNlFub3pxM3Fhc1dSTnJ6OF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKv8ugfooQxg66aS5tbY
fHn0+3QvSKqDTVO4XwrUcnQfexEFBaK9mat60XtyyX/0oDkq41VOxl0Hdms44dfM
e4ZABsfAPoMA2ozoERLp5RaGDknZRXTDBmBx9Np+kIuCwVwkMGIKT0qAZMph33aL
L5Na2qMJ8tvphrHgJn6j1GdN1ldMQIU5OoMZI/MUs7ZwRJHA0TaYQBOkHAho3yvI
hRu0Rz3Cu/u935F9s4O6bmfttHXVbl+6OearP3F3wHxSsdw8q9g4CmFMHbbUwQ1u
tNrv4XyU91PCBZBcJ3MDQiiBH6xxF3wWshb0rynVPUyCBf263yLPeCsMCCA87jk/
sqg=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:52:13 2025 by rpki-client