Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/glDzWm3u1Bhq7rDGj5Sa7YQAMns.roa
File: glDzWm3u1Bhq7rDGj5Sa7YQAMns.roa (raw, json)
Hash identifier: l/M8qLFJHRJQmA3u1bEqW4g8L3kYSpL4WIT4DyEEGeI=
Subject key identifier: 82:50:F3:5A:6D:EE:D4:18:6A:EE:B0:C6:8F:94:9A:ED:84:00:32:7B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC567514C013936E2A1D1A70E959563EA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/glDzWm3u1Bhq7rDGj5Sa7YQAMns.roa
Signing time: Sun 24 Sep 2023 04:16:37 +0000
ROA not before: Sun 24 Sep 2023 04:16:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c5:67:51:4c:01:39:36:e2:a1:d1:a7:0e:95:95:63:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 24 04:16:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8250f35a6deed4186aeeb0c68f949aed8400327b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:99:42:68:48:27:1e:d2:e3:a5:43:33:c0:9f:
e2:1e:36:5e:5e:26:f2:60:cc:d7:c2:16:80:cc:39:
1a:a5:97:2e:bb:8a:e4:5c:12:73:ce:fb:1b:9c:c4:
ee:93:65:cc:60:d1:ee:e8:4c:5d:e2:98:cc:b0:21:
ec:ed:96:9c:1d:0e:0e:40:d3:de:96:c8:e2:08:5e:
dc:ad:64:65:7f:bb:c8:27:a7:a2:c4:f5:e6:a4:fd:
9b:24:f9:4b:8a:32:b8:a8:b1:6c:0e:6f:e7:e2:49:
55:fd:be:11:ab:70:7e:1c:df:c9:d2:ca:fd:44:55:
e4:67:4a:20:5c:9b:a8:45:41:28:fb:13:f5:b5:90:
6e:a1:d8:1e:9a:fa:00:08:54:21:6a:4e:9e:ff:6c:
83:10:bf:c5:94:f2:78:17:27:94:1a:1c:31:cb:ca:
dc:66:ee:cf:ce:15:e1:c4:97:f5:37:9b:5d:67:62:
ad:96:a5:29:4e:33:43:d0:db:c8:9b:55:55:e9:b1:
78:a8:97:e5:78:57:ba:73:06:74:3d:5d:ab:ff:13:
51:b5:ee:75:75:59:d5:c2:0d:5b:e5:6f:5e:7b:95:
6d:aa:e4:84:57:36:31:9b:5a:d5:17:fd:0c:c4:63:
af:68:59:bd:9b:8b:c3:22:02:cc:d1:00:28:aa:8c:
f7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:50:F3:5A:6D:EE:D4:18:6A:EE:B0:C6:8F:94:9A:ED:84:00:32:7B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/glDzWm3u1Bhq7rDGj5Sa7YQAMns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
04:ea:fc:90:6b:91:bd:75:e9:94:ef:92:da:28:1e:94:25:58:
b5:2a:bf:88:ea:a7:16:ac:0f:26:35:03:7c:84:d1:66:e9:b6:
9d:c7:69:a8:9a:9e:3b:b2:ef:39:13:9c:66:33:dd:f5:2f:c4:
41:a6:88:e5:94:b2:a4:4f:c5:f1:ac:ed:33:48:95:c5:b0:4b:
a0:06:80:d8:93:96:4c:0b:dc:02:ae:55:a4:7b:99:de:31:40:
60:da:3c:28:0f:5a:4c:9b:b7:c8:00:23:fd:af:fa:b2:01:4e:
d3:9c:f0:36:b6:20:bf:48:5d:1a:dd:d1:72:1e:85:a0:27:4b:
15:e1:74:fb:82:b5:5c:d9:89:d7:04:3b:f9:c6:59:69:4d:b0:
9e:15:98:4e:f9:3f:36:2f:53:e7:ea:75:02:03:e5:bc:be:e2:
40:c6:13:bd:15:8a:cb:b9:70:bb:bd:95:13:83:6b:dd:bd:d0:
4b:a2:e0:26:ef:bd:78:44:64:2f:e4:d1:7a:3b:83:ef:18:3b:
ec:d0:66:3e:eb:1b:ee:d9:e7:ca:73:c2:e9:f6:6c:62:46:27:
86:89:74:47:68:6e:66:c2:e0:ed:d0:16:a3:79:1d:5e:e0:44:
e2:e8:e8:2f:f5:6c:81:b6:40:69:90:3f:c5:f1:a1:a6:76:ce:
08:4d:8e:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrFZ1FMATk24qHRpw6VlWPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI0MDQxNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjUwZjM1YTZkZWVkNDE4NmFlZWIwYzY4Zjk0OWFlZDg0MDAzMjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5lCaEgnHtLjpUMzwJ/iHjZeXiby
YMzXwhaAzDkapZcuu4rkXBJzzvsbnMTuk2XMYNHu6Exd4pjMsCHs7ZacHQ4OQNPe
lsjiCF7crWRlf7vIJ6eixPXmpP2bJPlLijK4qLFsDm/n4klV/b4Rq3B+HN/J0sr9
RFXkZ0ogXJuoRUEo+xP1tZBuodgemvoACFQhak6e/2yDEL/FlPJ4FyeUGhwxy8rc
Zu7PzhXhxJf1N5tdZ2KtlqUpTjND0NvIm1VV6bF4qJfleFe6cwZ0PV2r/xNRte51
dVnVwg1b5W9ee5VtquSEVzYxm1rVF/0MxGOvaFm9m4vDIgLM0QAoqoz3uQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIJQ81pt7tQYau6wxo+Umu2EADJ7MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZ2xEeldtM3UxQmhxN3JER2o1U2E3WVFBTW5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAATq/JBrkb116ZTvktoo
HpQlWLUqv4jqpxasDyY1A3yE0Wbptp3Haaianjuy7zkTnGYz3fUvxEGmiOWUsqRP
xfGs7TNIlcWwS6AGgNiTlkwL3AKuVaR7md4xQGDaPCgPWkybt8gAI/2v+rIBTtOc
8Da2IL9IXRrd0XIehaAnSxXhdPuCtVzZidcEO/nGWWlNsJ4VmE75PzYvU+fqdQID
5by+4kDGE70Visu5cLu9lRODa9290Eui4CbvvXhEZC/k0Xo7g+8YO+zQZj7rG+7Z
58pzwun2bGJGJ4aJdEdobmbC4O3QFqN5HV7gROLo6C/1bIG2QGmQP8XxoaZ2zghN
jgU=
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:06:40 2025 by rpki-client