Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gLsSBdz4IY3fiFNHgMqHsIHlCXk.roa
File: gLsSBdz4IY3fiFNHgMqHsIHlCXk.roa (raw, json)
Hash identifier: gT3fOior0+Dmsvb1HgrEXnEU3/qIPGoKKCIlVhK8xKU=
Subject key identifier: 80:BB:12:05:DC:F8:21:8D:DF:88:53:47:80:CA:87:B0:81:E5:09:79
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C2774B7D1E92C29B494113DDF14772CB2
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gLsSBdz4IY3fiFNHgMqHsIHlCXk.roa
Signing time: Fri 01 Dec 2023 22:16:49 +0000
ROA not before: Fri 01 Dec 2023 22:16:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:27:74:b7:d1:e9:2c:29:b4:94:11:3d:df:14:77:2c:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 1 22:16:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80bb1205dcf8218ddf88534780ca87b081e50979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2a:96:3a:b6:50:5d:ff:74:06:1b:9c:8f:2b:
5e:a4:b9:7a:37:d1:9a:84:3d:ac:1b:88:63:37:a3:
12:3c:35:24:ee:f1:6f:7d:52:14:9d:d8:e5:6d:b5:
ad:7c:2b:c0:48:9f:05:e0:92:ad:71:a9:ac:18:ed:
ac:22:e5:9f:0a:3a:19:a6:b9:6b:d4:b1:59:12:ac:
59:46:17:76:d3:29:59:90:25:21:a9:a5:b8:68:74:
2e:09:c5:08:4e:72:6c:e8:4b:f1:0d:39:d6:40:8f:
31:4c:cd:a3:41:fe:5f:a4:70:d0:ba:6f:d8:2a:42:
60:ad:f4:21:a9:bd:be:14:ed:6b:7a:cd:a2:19:48:
5d:07:e6:63:8f:f4:4e:31:6b:38:e4:f0:cb:7c:e7:
f8:9f:04:73:b2:41:9b:ca:7e:1f:44:05:7a:6a:25:
6c:30:ed:f6:ba:23:01:d2:ac:99:05:af:02:a0:d8:
68:86:a4:41:58:28:54:46:9e:e9:6f:5c:e9:ce:11:
d3:26:fe:8e:d0:74:21:d7:b2:2f:de:75:17:02:20:
53:91:fe:91:fb:5d:36:4f:cf:4b:9a:0b:a7:94:7a:
12:71:f5:00:63:99:15:12:d1:16:4b:e4:c5:40:5c:
26:54:29:75:3c:4e:0d:7a:54:ad:df:b4:82:c6:47:
de:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:BB:12:05:DC:F8:21:8D:DF:88:53:47:80:CA:87:B0:81:E5:09:79
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gLsSBdz4IY3fiFNHgMqHsIHlCXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:2f:8d:23:71:2b:93:d3:fe:99:0d:18:f2:4b:8a:86:dd:83:
81:cf:50:3d:9e:71:b5:26:bb:36:f2:2a:9e:77:39:bc:b0:4f:
00:56:f4:39:f7:14:81:e1:a1:28:91:86:54:ee:e8:d8:a7:6f:
7d:87:a7:db:89:f9:01:02:6e:da:9d:10:bf:c5:11:e7:2a:f5:
63:13:23:1e:45:f4:d7:46:ed:94:6a:6d:01:56:4a:d3:ad:69:
25:c3:30:f5:7b:b7:62:e9:2d:8b:ac:7c:be:44:28:c3:14:c2:
e6:74:e8:06:09:75:a8:fc:78:0f:c6:d1:5c:19:71:e9:4c:c7:
e3:18:0c:c2:51:49:db:31:44:2e:6e:96:68:4e:9e:fe:c2:86:
0c:63:8a:43:8c:71:ed:d2:9a:25:f0:c5:60:84:3e:0b:f3:ec:
3f:73:66:e8:f6:76:55:85:86:65:ed:2a:fc:9b:1c:02:58:30:
b6:13:ca:f9:8e:41:83:8b:a8:bf:c4:9d:bb:f1:dc:2a:de:4a:
54:9b:98:f6:48:71:76:a8:de:85:f9:f6:c6:9a:9c:82:e3:ab:
47:94:58:4e:44:30:f3:26:79:88:c3:d0:27:ee:47:27:16:73:
f0:94:e8:8f:9a:2f:f1:f2:94:be:6d:79:6f:85:a7:b6:c7:7f:
79:fe:57:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwndLfR6SwptJQRPd8UdyyyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAxMjIxNjQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGJiMTIwNWRjZjgyMThkZGY4ODUzNDc4MGNhODdiMDgxZTUwOTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyqWOrZQXf90BhucjytepLl6N9Ga
hD2sG4hjN6MSPDUk7vFvfVIUndjlbbWtfCvASJ8F4JKtcamsGO2sIuWfCjoZprlr
1LFZEqxZRhd20ylZkCUhqaW4aHQuCcUITnJs6EvxDTnWQI8xTM2jQf5fpHDQum/Y
KkJgrfQhqb2+FO1res2iGUhdB+Zjj/ROMWs45PDLfOf4nwRzskGbyn4fRAV6aiVs
MO32uiMB0qyZBa8CoNhohqRBWChURp7pb1zpzhHTJv6O0HQh17Iv3nUXAiBTkf6R
+102T89LmgunlHoScfUAY5kVEtEWS+TFQFwmVCl1PE4NelSt37SCxkfelQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIC7EgXc+CGN34hTR4DKh7CB5Ql5MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZ0xzU0JkejRJWTNmaUZOSGdNcUhzSUhsQ1hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI4vjSNxK5PT/pkNGPJL
iobdg4HPUD2ecbUmuzbyKp53ObywTwBW9Dn3FIHhoSiRhlTu6Ninb32Hp9uJ+QEC
btqdEL/FEecq9WMTIx5F9NdG7ZRqbQFWStOtaSXDMPV7t2LpLYusfL5EKMMUwuZ0
6AYJdaj8eA/G0VwZcelMx+MYDMJRSdsxRC5ulmhOnv7ChgxjikOMce3SmiXwxWCE
Pgvz7D9zZuj2dlWFhmXtKvybHAJYMLYTyvmOQYOLqL/Enbvx3CreSlSbmPZIcXao
3oX59saanILjq0eUWE5EMPMmeYjD0CfuRycWc/CU6I+aL/HylL5teW+Fp7bHf3n+
VzM=
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:10:04 2025 by rpki-client