Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gFOiJqfu8UqwgObjm9vAV08VKp8.roa
File: gFOiJqfu8UqwgObjm9vAV08VKp8.roa (raw, json)
Hash identifier: UQZHOb3Bc2DWB96nR5jjN/YuUXO5DlfLXJVNw0eKM10=
Subject key identifier: 80:53:A2:26:A7:EE:F1:4A:B0:80:E6:E3:9B:DB:C0:57:4F:15:2A:9F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B5FE049211698D19622D31FB3493A4A46
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gFOiJqfu8UqwgObjm9vAV08VKp8.roa
Signing time: Tue 24 Oct 2023 04:10:16 +0000
ROA not before: Tue 24 Oct 2023 04:10:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5f:e0:49:21:16:98:d1:96:22:d3:1f:b3:49:3a:4a:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 24 04:10:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8053a226a7eef14ab080e6e39bdbc0574f152a9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0b:49:03:c6:8d:a9:44:9e:4d:de:6b:4f:7e:
cd:c7:94:8d:ba:64:1c:17:6d:ff:f1:ed:61:03:c8:
6b:bb:a5:48:5c:99:36:08:ec:b5:10:46:c4:cd:e1:
f4:d8:ee:7a:40:41:44:bd:69:d3:7f:4d:00:ac:93:
e0:6e:5a:86:0d:de:80:09:92:e1:a4:14:02:68:e7:
51:e0:56:62:2a:fe:59:82:b2:08:3f:6f:91:a2:d8:
a6:4b:a9:3f:b3:71:26:55:bf:72:32:63:1b:e5:fd:
c8:c4:96:78:4b:bb:5f:21:32:a0:78:85:2e:f1:b4:
16:2d:f0:21:cb:c2:39:55:6c:d5:08:f3:cb:50:01:
23:5d:b4:da:67:be:8f:7e:eb:c0:79:e8:69:d9:f8:
e2:e4:75:a5:f1:6e:63:98:12:fc:76:43:16:74:97:
af:d2:a7:21:0c:83:0e:35:1b:67:fe:5a:78:b8:a9:
ca:92:3e:da:10:f9:fa:dc:19:47:c0:70:7c:0c:6b:
2b:3b:ef:e7:d3:3e:73:05:1b:47:34:06:6d:4e:ff:
bb:97:8a:e1:7c:ac:fb:70:52:67:c4:fc:30:61:73:
8f:9a:e2:4a:42:95:70:c1:73:0f:0c:ad:1f:74:43:
1e:c3:82:6d:58:88:4d:ee:c8:7e:73:99:9f:d0:9c:
dc:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:53:A2:26:A7:EE:F1:4A:B0:80:E6:E3:9B:DB:C0:57:4F:15:2A:9F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gFOiJqfu8UqwgObjm9vAV08VKp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:d2:87:fa:13:da:0f:2a:fb:db:38:d6:d5:2d:07:c3:88:cf:
b8:59:b3:82:2a:24:11:6f:81:cd:22:f8:71:fb:a2:92:72:46:
98:5c:9f:49:b3:34:9b:22:0e:49:e8:31:c6:f8:74:14:57:b7:
e5:81:8d:0c:4e:eb:54:52:73:2e:ec:5c:21:de:71:dc:59:bc:
48:06:99:bb:0a:d0:74:1b:0e:5c:cc:6b:10:52:49:57:80:bf:
c8:57:48:9e:46:0c:04:ad:42:d5:8a:40:00:25:26:f5:86:09:
2d:41:78:7d:2e:63:64:71:3e:c4:b4:fd:58:84:bc:05:4a:b2:
ae:d3:dc:ac:40:0b:3c:05:cb:84:d6:bf:1f:9a:c2:99:ef:49:
4c:ea:91:16:fb:cd:95:94:b0:27:75:5a:c7:fc:7a:b9:90:1b:
cf:95:16:cf:a8:fc:53:74:99:5c:09:a9:75:66:3a:55:1c:fb:
c6:56:0a:2f:45:88:7c:f8:64:4c:50:17:59:69:9b:d0:46:f9:
88:eb:d2:aa:fb:26:dd:b8:82:5a:37:3a:85:e8:bc:89:3d:0b:
05:0f:04:49:6b:b5:7c:03:b5:03:6e:7b:41:44:06:04:d4:a5:
ca:59:20:42:47:64:4c:f7:23:e8:25:07:42:f8:82:4d:20:6b:
75:58:fa:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtf4EkhFpjRliLTH7NJOkpGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI0MDQxMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDUzYTIyNmE3ZWVmMTRhYjA4MGU2ZTM5YmRiYzA1NzRmMTUyYTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwtJA8aNqUSeTd5rT37Nx5SNumQc
F23/8e1hA8hru6VIXJk2COy1EEbEzeH02O56QEFEvWnTf00ArJPgblqGDd6ACZLh
pBQCaOdR4FZiKv5ZgrIIP2+RotimS6k/s3EmVb9yMmMb5f3IxJZ4S7tfITKgeIUu
8bQWLfAhy8I5VWzVCPPLUAEjXbTaZ76PfuvAeehp2fji5HWl8W5jmBL8dkMWdJev
0qchDIMONRtn/lp4uKnKkj7aEPn63BlHwHB8DGsrO+/n0z5zBRtHNAZtTv+7l4rh
fKz7cFJnxPwwYXOPmuJKQpVwwXMPDK0fdEMew4JtWIhN7sh+c5mf0JzcBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIBToian7vFKsIDm45vbwFdPFSqfMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZ0ZPaUpxZnU4VXF3Z09iam05dkFWMDhWS3A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGPSh/oT2g8q+9s41tUt
B8OIz7hZs4IqJBFvgc0i+HH7opJyRphcn0mzNJsiDknoMcb4dBRXt+WBjQxO61RS
cy7sXCHecdxZvEgGmbsK0HQbDlzMaxBSSVeAv8hXSJ5GDAStQtWKQAAlJvWGCS1B
eH0uY2RxPsS0/ViEvAVKsq7T3KxACzwFy4TWvx+awpnvSUzqkRb7zZWUsCd1Wsf8
ermQG8+VFs+o/FN0mVwJqXVmOlUc+8ZWCi9FiHz4ZExQF1lpm9BG+Yjr0qr7Jt24
glo3OoXovIk9CwUPBElrtXwDtQNue0FEBgTUpcpZIEJHZEz3I+glB0L4gk0ga3VY
+h0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:17:39 2025 by rpki-client