Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lGIMeP8JUGm6vD9qfns0sHTSde0.roa
File: lGIMeP8JUGm6vD9qfns0sHTSde0.roa (raw, json)
Hash identifier: u9w8CSB8Rxz0AWdkWW4z7oIZBy5OewNw7Ik4nHsMYrs=
Subject key identifier: 94:62:0C:78:FF:09:50:69:BA:BC:3F:6A:7E:7B:34:B0:74:D2:75:ED
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ACEB0F158E95046EA15074D79B4AA982E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lGIMeP8JUGm6vD9qfns0sHTSde0.roa
Signing time: Mon 25 Sep 2023 23:33:37 +0000
ROA not before: Mon 25 Sep 2023 23:33:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ce:b0:f1:58:e9:50:46:ea:15:07:4d:79:b4:aa:98:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 25 23:33:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94620c78ff095069babc3f6a7e7b34b074d275ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:98:f1:94:ea:3a:78:d2:c4:6f:4d:b3:b4:63:
10:32:33:0f:f6:47:7c:7c:28:ba:55:58:02:d9:38:
a3:5d:e9:05:c6:47:c4:9d:ff:81:c4:79:9f:c9:6b:
33:ea:91:07:41:b4:ac:2d:ec:74:50:27:a7:be:b8:
56:09:4d:7a:ab:02:d9:86:6c:a1:fc:c9:6c:6b:a8:
46:5c:76:8a:2e:74:19:99:90:89:8e:5f:54:56:ab:
96:48:e8:63:2b:52:ce:bd:92:76:f2:3e:fc:3e:7e:
17:2f:fa:21:03:83:f8:b4:ff:d3:be:75:f4:f2:f8:
1b:dd:c4:3b:aa:d0:02:ea:84:d5:15:2f:e0:ed:95:
65:f6:d8:94:20:ae:29:17:e0:2a:84:13:3b:68:1b:
00:96:c4:cd:95:0e:26:05:46:71:a2:51:2c:e0:3c:
b0:32:6b:69:2f:45:7a:f3:91:78:1e:45:f1:17:05:
52:d2:50:22:55:0a:e7:ad:a2:a9:2a:8d:06:a0:b8:
6c:b5:26:e0:5b:9d:f4:bf:9a:ca:00:02:a2:7f:2a:
e0:5c:52:5c:ae:01:3b:e9:3e:06:90:7e:cd:ce:54:
c8:97:a9:2c:79:20:3d:3d:95:4c:51:4c:87:37:b7:
66:3c:98:cd:11:0c:da:60:b8:fe:93:1e:fc:c2:cd:
85:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:62:0C:78:FF:09:50:69:BA:BC:3F:6A:7E:7B:34:B0:74:D2:75:ED
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/lGIMeP8JUGm6vD9qfns0sHTSde0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:0d:dc:d5:0e:a0:27:da:93:6b:15:77:44:94:f6:09:da:08:
d5:95:73:cb:86:78:d4:ec:5c:e2:7d:c5:db:cb:84:d7:27:2f:
db:5f:82:43:ff:63:03:e4:84:1d:da:32:22:38:0a:dc:83:4e:
0c:2a:fa:f6:82:ed:71:96:12:31:49:e1:38:76:1a:de:1a:a4:
82:65:f3:3f:4d:0d:e7:bd:dd:6c:af:14:a9:57:11:9e:23:18:
0c:8f:51:12:d0:0c:b2:3d:ad:07:fe:0e:9e:d5:e7:7e:1c:3b:
d3:9f:2a:60:20:1c:fd:98:02:a7:ec:de:74:fa:b8:e3:60:40:
df:82:09:a0:fa:5c:00:da:30:83:59:81:5b:4f:39:b3:24:db:
97:19:77:7e:58:c3:8c:21:31:74:a0:3d:8c:91:09:94:32:cc:
86:66:46:a8:aa:e5:d0:32:69:aa:33:9e:b4:41:68:00:8e:13:
a1:ee:85:9d:4d:ce:68:23:23:9c:d1:d4:19:76:b9:b2:d5:d5:
c6:02:f9:14:56:d3:0e:94:5e:c6:c4:53:77:8f:8b:e3:dc:bf:
8e:51:bc:f3:d5:35:07:8a:d9:7a:ec:08:28:60:e2:13:22:cc:
e7:5d:10:ee:27:db:41:3b:05:89:3e:44:50:82:76:d8:f4:95:
7d:f5:53:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrOsPFY6VBG6hUHTXm0qpguMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI1MjMzMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDYyMGM3OGZmMDk1MDY5YmFiYzNmNmE3ZTdiMzRiMDc0ZDI3NWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZjxlOo6eNLEb02ztGMQMjMP9kd8
fCi6VVgC2TijXekFxkfEnf+BxHmfyWsz6pEHQbSsLex0UCenvrhWCU16qwLZhmyh
/Mlsa6hGXHaKLnQZmZCJjl9UVquWSOhjK1LOvZJ28j78Pn4XL/ohA4P4tP/TvnX0
8vgb3cQ7qtAC6oTVFS/g7ZVl9tiUIK4pF+AqhBM7aBsAlsTNlQ4mBUZxolEs4Dyw
MmtpL0V685F4HkXxFwVS0lAiVQrnraKpKo0GoLhstSbgW530v5rKAAKifyrgXFJc
rgE76T4GkH7NzlTIl6kseSA9PZVMUUyHN7dmPJjNEQzaYLj+kx78ws2FswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJRiDHj/CVBpurw/an57NLB00nXtMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbEdJTWVQOEpVR202dkQ5cWZuczBzSFRTZGUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEIN3NUOoCfak2sVd0SU
9gnaCNWVc8uGeNTsXOJ9xdvLhNcnL9tfgkP/YwPkhB3aMiI4CtyDTgwq+vaC7XGW
EjFJ4Th2Gt4apIJl8z9NDee93WyvFKlXEZ4jGAyPURLQDLI9rQf+Dp7V534cO9Of
KmAgHP2YAqfs3nT6uONgQN+CCaD6XADaMINZgVtPObMk25cZd35Yw4whMXSgPYyR
CZQyzIZmRqiq5dAyaaoznrRBaACOE6HuhZ1NzmgjI5zR1Bl2ubLV1cYC+RRW0w6U
XsbEU3ePi+Pcv45RvPPVNQeK2XrsCChg4hMizOddEO4n20E7BYk+RFCCdtj0lX31
UzI=
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:35:37 2025 by rpki-client