Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pfGgrLVAkiJXwkKhEtySHpY5168.roa
File: pfGgrLVAkiJXwkKhEtySHpY5168.roa (raw, json)
Hash identifier: QWAd8/d1ADiBYSZZJQHTyPqbe8+jPD998QdfXTXot+8=
Subject key identifier: A5:F1:A0:AC:B5:40:92:22:57:C2:42:A1:12:DC:92:1E:96:39:D7:AF
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C5AF2BB135C16EFE7126EF287A41127AD
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pfGgrLVAkiJXwkKhEtySHpY5168.roa
Signing time: Mon 11 Dec 2023 22:15:06 +0000
ROA not before: Mon 11 Dec 2023 22:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5a:f2:bb:13:5c:16:ef:e7:12:6e:f2:87:a4:11:27:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 11 22:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5f1a0acb540922257c242a112dc921e9639d7af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:cb:1d:38:93:a6:1d:87:ac:c7:69:9a:43:87:
0e:d4:b3:85:84:49:94:a2:8d:8a:7b:e7:bb:c8:22:
5d:ff:93:88:09:8e:e9:dc:f3:8c:13:17:7d:c4:6c:
13:52:fa:3b:e6:66:52:7d:0b:49:29:9d:d5:a0:d3:
a8:6b:2b:01:1d:8b:10:15:28:ea:08:c2:36:30:fe:
eb:84:7a:da:a0:1e:75:c9:b9:96:68:dc:6e:a7:82:
e7:cf:cc:3d:4d:6f:a1:2d:b5:f4:53:62:dd:72:76:
5f:79:cd:82:fa:22:e6:db:66:d3:5a:d3:4d:4b:d8:
72:42:6b:40:ed:2b:f3:78:41:d3:2f:85:d2:35:90:
73:5e:c2:7b:e0:3b:e1:23:bf:a7:83:ec:1c:59:ef:
4a:cb:65:b7:1b:1b:3e:35:1e:10:bd:0b:dc:52:12:
cc:a3:ac:1d:f9:4c:c6:ad:49:8e:0e:64:c1:a5:a3:
0f:4e:60:a7:25:1c:d9:d2:47:3b:02:e6:50:63:04:
e3:e0:95:77:87:85:67:49:9d:5e:93:4d:34:10:2e:
87:ff:c2:d2:1b:78:a9:73:23:8e:20:05:67:3d:74:
7e:fc:a5:86:af:02:91:0f:18:b6:e8:ae:19:b7:0e:
68:15:cf:6b:0d:4b:04:42:81:4a:96:99:36:da:d5:
20:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F1:A0:AC:B5:40:92:22:57:C2:42:A1:12:DC:92:1E:96:39:D7:AF
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/pfGgrLVAkiJXwkKhEtySHpY5168.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
70:42:12:c3:86:42:7a:e5:f6:4c:bd:b6:95:3c:ba:d2:96:81:
3c:48:d8:be:f7:eb:5f:a9:d5:1a:02:31:99:74:b2:06:a7:9f:
8c:44:24:9c:a2:ac:71:27:2e:9d:30:b9:5a:b7:0a:8f:38:0d:
14:66:79:7d:02:0c:93:9d:81:bf:9a:c5:b5:6d:0c:bc:f1:34:
d2:00:95:87:ac:74:ef:eb:22:6e:a4:e2:36:db:1d:d2:fb:50:
c1:34:93:3a:1c:66:af:43:55:ff:ce:0b:1f:93:38:da:90:62:
56:e8:ab:ee:7f:53:8b:21:6a:94:4e:4b:a9:22:3f:8c:97:51:
15:b8:6f:bb:98:ec:33:fe:2b:76:fc:7d:5b:b1:6b:cd:31:be:
b7:66:2f:28:38:19:aa:2d:41:44:ae:20:e0:c7:1e:af:8e:83:
cc:e9:04:9b:8d:51:92:e7:87:f7:5d:04:bd:54:69:a8:53:13:
ab:76:13:a5:80:c7:f0:07:b5:2c:9f:36:c7:7b:fa:50:f3:59:
a6:36:07:c8:5a:a3:86:48:29:a2:fb:a5:02:28:5b:e6:2b:21:
70:b8:f5:74:7f:1d:74:1c:d3:2d:74:94:0b:fc:7d:22:8f:28:
f7:cc:fd:ce:67:fc:7d:6c:b0:d2:ff:f7:21:85:cd:3e:77:3d:
09:8b:b5:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxa8rsTXBbv5xJu8oekESetMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjExMjIxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWYxYTBhY2I1NDA5MjIyNTdjMjQyYTExMmRjOTIxZTk2MzlkN2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8sdOJOmHYesx2maQ4cO1LOFhEmU
oo2Ke+e7yCJd/5OICY7p3POMExd9xGwTUvo75mZSfQtJKZ3VoNOoaysBHYsQFSjq
CMI2MP7rhHraoB51ybmWaNxup4Lnz8w9TW+hLbX0U2LdcnZfec2C+iLm22bTWtNN
S9hyQmtA7SvzeEHTL4XSNZBzXsJ74DvhI7+ng+wcWe9Ky2W3Gxs+NR4QvQvcUhLM
o6wd+UzGrUmODmTBpaMPTmCnJRzZ0kc7AuZQYwTj4JV3h4VnSZ1ek000EC6H/8LS
G3ipcyOOIAVnPXR+/KWGrwKRDxi26K4Ztw5oFc9rDUsEQoFKlpk22tUg1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKXxoKy1QJIiV8JCoRLckh6WOdevMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcGZHZ3JMVkFraUpYd2tLaEV0eVNIcFk1MTY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHBCEsOGQnrl9ky9tpU8
utKWgTxI2L7361+p1RoCMZl0sgann4xEJJyirHEnLp0wuVq3Co84DRRmeX0CDJOd
gb+axbVtDLzxNNIAlYesdO/rIm6k4jbbHdL7UME0kzocZq9DVf/OCx+TONqQYlbo
q+5/U4shapROS6kiP4yXURW4b7uY7DP+K3b8fVuxa80xvrdmLyg4GaotQUSuIODH
Hq+Og8zpBJuNUZLnh/ddBL1UaahTE6t2E6WAx/AHtSyfNsd7+lDzWaY2B8hao4ZI
KaL7pQIoW+YrIXC49XR/HXQc0y10lAv8fSKPKPfM/c5n/H1ssNL/9yGFzT53PQmL
tW0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:50:29 2025 by rpki-client