Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gURGtVy4Sn7ZDUIzEgPSy1aToBA.roa
File: gURGtVy4Sn7ZDUIzEgPSy1aToBA.roa (raw, json)
Hash identifier: X3nDvbC4z5xRjXI/JBSnRTb0LAYZoLWpoGK9NlzgU0o=
Subject key identifier: 81:44:46:B5:5C:B8:4A:7E:D9:0D:42:33:12:03:D2:CB:56:93:A0:10
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B55CFFD8C93FD5F6943831EF84D2AB349
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gURGtVy4Sn7ZDUIzEgPSy1aToBA.roa
Signing time: Sun 22 Oct 2023 05:16:16 +0000
ROA not before: Sun 22 Oct 2023 05:16:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:55:cf:fd:8c:93:fd:5f:69:43:83:1e:f8:4d:2a:b3:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 22 05:16:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=814446b55cb84a7ed90d42331203d2cb5693a010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:63:b4:9d:08:24:d7:e3:45:0b:19:3b:55:44:
7c:00:32:b8:63:ab:c4:52:65:c5:aa:3e:46:03:82:
14:0c:be:55:e6:3e:ed:0d:54:4a:71:d8:51:ee:3c:
08:a4:f4:05:17:bd:67:a6:f1:3f:d4:fe:54:35:74:
4f:8c:b9:ec:05:c3:7e:35:f5:b2:d5:5a:77:65:e5:
fc:88:cb:1d:1e:fb:10:86:14:57:1c:30:a9:94:3a:
9d:83:b2:2c:f8:86:34:7f:60:36:39:c4:79:8a:5e:
67:72:95:92:0a:b8:f3:a2:b9:7b:27:d6:ad:eb:5a:
e2:7d:15:8d:4b:b6:87:ed:26:b0:79:a3:a7:24:d4:
40:42:a4:c6:82:bc:62:12:52:ce:1a:a0:ef:a3:b6:
5c:ea:64:01:ca:c9:74:5f:bf:75:db:fa:d0:9b:35:
4e:4b:43:db:53:4f:8b:32:ae:e8:9c:0e:4a:aa:6c:
59:9c:55:7e:bc:da:9d:08:ed:3c:6f:07:e0:30:87:
ce:8a:64:cc:78:1d:b6:88:0e:88:d1:4d:2b:6a:25:
16:f2:c4:d4:da:71:e5:06:32:ca:c8:1a:1e:b2:fe:
66:dd:60:08:00:08:78:eb:7f:09:c0:bc:73:40:7c:
76:8f:1d:ad:4c:47:f1:d8:51:99:fc:a4:49:09:e4:
49:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:44:46:B5:5C:B8:4A:7E:D9:0D:42:33:12:03:D2:CB:56:93:A0:10
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gURGtVy4Sn7ZDUIzEgPSy1aToBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:24:2b:ad:b0:f5:d4:e3:4f:67:cc:7b:f2:6c:45:b3:da:24:
f2:6b:0c:de:8f:95:f5:fa:d8:6b:1f:83:ce:60:05:86:c3:33:
ce:85:b9:bf:3a:b3:59:5d:5f:ab:4e:ad:b3:ea:ec:ce:97:b5:
48:23:2e:dd:79:87:a0:30:80:9e:5e:dc:19:82:d9:9a:78:7a:
d1:5f:ab:78:f0:f8:10:f1:1b:48:a4:ac:63:9a:64:ef:12:12:
8a:79:ff:05:f9:8f:38:46:bf:9e:6a:f4:1b:04:6e:7a:36:5e:
09:21:aa:3a:97:ea:e9:88:f9:4e:2b:bd:ae:83:60:b5:22:e9:
9b:43:a2:56:8a:12:c2:4b:1d:bc:17:ca:2c:25:12:4b:8b:bc:
34:c0:25:d6:79:58:34:71:db:4b:15:92:34:c5:79:a0:84:40:
fa:ea:10:1e:84:fc:43:ac:d0:b2:ee:4b:c1:9b:23:63:43:51:
1c:fe:bd:bb:14:41:6e:26:38:54:50:e4:69:66:e0:ba:83:95:
62:11:fd:5d:10:c5:7e:24:0f:b4:fa:fb:75:bd:08:9b:87:6c:
ae:6b:19:4b:56:4c:29:70:77:32:9d:89:fc:8c:fd:7d:08:2c:
18:30:bb:50:7c:da:91:32:fb:ff:2c:de:87:da:8d:80:fa:93:
20:4d:65:de
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtVz/2Mk/1faUODHvhNKrNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIyMDUxNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTQ0NDZiNTVjYjg0YTdlZDkwZDQyMzMxMjAzZDJjYjU2OTNhMDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWO0nQgk1+NFCxk7VUR8ADK4Y6vE
UmXFqj5GA4IUDL5V5j7tDVRKcdhR7jwIpPQFF71npvE/1P5UNXRPjLnsBcN+NfWy
1Vp3ZeX8iMsdHvsQhhRXHDCplDqdg7Is+IY0f2A2OcR5il5ncpWSCrjzorl7J9at
61rifRWNS7aH7SaweaOnJNRAQqTGgrxiElLOGqDvo7Zc6mQBysl0X7912/rQmzVO
S0PbU0+LMq7onA5KqmxZnFV+vNqdCO08bwfgMIfOimTMeB22iA6I0U0raiUW8sTU
2nHlBjLKyBoesv5m3WAIAAh4638JwLxzQHx2jx2tTEfx2FGZ/KRJCeRJDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIFERrVcuEp+2Q1CMxID0stWk6AQMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZ1VSR3RWeTRTbjdaRFVJekVnUFN5MWFUb0JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI4kK62w9dTjT2fMe/Js
RbPaJPJrDN6PlfX62Gsfg85gBYbDM86Fub86s1ldX6tOrbPq7M6XtUgjLt15h6Aw
gJ5e3BmC2Zp4etFfq3jw+BDxG0ikrGOaZO8SEop5/wX5jzhGv55q9BsEbno2Xgkh
qjqX6umI+U4rva6DYLUi6ZtDolaKEsJLHbwXyiwlEkuLvDTAJdZ5WDRx20sVkjTF
eaCEQPrqEB6E/EOs0LLuS8GbI2NDURz+vbsUQW4mOFRQ5Glm4LqDlWIR/V0QxX4k
D7T6+3W9CJuHbK5rGUtWTClwdzKdifyM/X0ILBgwu1B82pEy+/8s3ofajYD6kyBN
Zd4=
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:34:42 2025 by rpki-client