Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sgTMv7jPynv49DAfD9MaCLk2_3Y.roa
File: sgTMv7jPynv49DAfD9MaCLk2_3Y.roa (raw, json)
Hash identifier: 7lorimf7EIFz7h0H8p1rdlG8clluatngDPSsjcR81iQ=
Subject key identifier: B2:04:CC:BF:B8:CF:CA:7B:F8:F4:30:1F:0F:D3:1A:08:B9:36:FF:76
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B1C1C12140EE2FB202317C8D1A7CAFBBA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sgTMv7jPynv49DAfD9MaCLk2_3Y.roa
Signing time: Wed 11 Oct 2023 00:21:23 +0000
ROA not before: Wed 11 Oct 2023 00:21:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1c:1c:12:14:0e:e2:fb:20:23:17:c8:d1:a7:ca:fb:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 11 00:21:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b204ccbfb8cfca7bf8f4301f0fd31a08b936ff76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:78:5a:fc:1f:c6:2d:a9:49:4f:5b:4a:3c:7d:
6e:40:61:72:d5:28:08:17:19:43:51:bf:26:80:67:
e3:92:1e:4e:d6:df:48:96:76:93:df:87:e8:dc:3b:
bd:31:43:df:0e:ba:f6:20:09:f4:1e:bc:95:60:93:
d0:5c:3b:bf:79:a4:1e:7d:da:84:04:91:3d:36:91:
ed:40:fb:f9:0c:7d:b5:37:9a:6b:61:37:10:56:60:
a4:8d:37:47:02:34:4e:95:16:35:4c:79:72:74:46:
31:25:ae:13:f2:bf:48:43:e9:96:f6:f5:c1:1b:95:
b2:26:20:26:68:22:22:dd:3e:15:0c:96:8a:d2:ce:
dd:7f:c0:9e:a2:32:21:a2:b3:2f:7b:2f:e7:33:5c:
c3:a5:be:fd:ac:f1:61:60:eb:2f:e5:cf:fb:db:19:
b9:f1:74:a3:e6:83:61:60:42:82:1b:96:6c:6f:e8:
4b:e8:7b:ce:4b:55:79:a0:c0:1a:36:2e:dd:c1:31:
f7:4c:4d:ff:66:f9:93:01:4e:6f:ca:78:8c:a3:d8:
61:3b:c7:a1:82:7a:6c:5f:32:92:9a:ba:64:79:e9:
26:75:53:29:4b:71:06:b8:74:9f:4f:6b:9a:52:63:
b8:7d:9d:71:86:7f:a0:76:23:bb:1e:5c:3e:fa:5e:
4a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:04:CC:BF:B8:CF:CA:7B:F8:F4:30:1F:0F:D3:1A:08:B9:36:FF:76
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sgTMv7jPynv49DAfD9MaCLk2_3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:98:6e:17:c7:f8:f2:90:08:45:66:44:77:00:b2:81:3f:3b:
0b:4f:35:51:a6:79:f5:4d:dd:5a:01:5b:a3:b7:89:ba:4c:60:
a8:56:8c:32:93:b6:9b:ed:8f:93:80:d8:14:23:71:18:75:14:
40:6c:c3:45:10:20:5a:7e:5d:b6:cb:20:5e:96:0d:fa:4d:87:
f1:53:11:72:0e:be:30:da:47:6f:6f:de:40:dd:a9:b2:34:05:
64:ee:86:85:8e:5a:12:4f:60:c8:2a:50:e3:cb:d0:7e:e8:5f:
93:66:f7:b6:0d:e0:ed:c2:9d:ef:31:13:11:7a:c2:b6:3b:ae:
fc:98:81:d9:10:a1:d5:46:34:fe:b8:54:56:cc:5d:be:6e:2c:
f5:95:63:4e:f1:ba:65:07:bc:57:a1:e0:5a:ee:12:f6:7c:06:
3f:12:04:39:3f:4b:77:4b:f3:de:54:e6:33:48:02:a1:28:71:
5a:00:13:8a:c1:71:b8:fb:a4:88:7a:1e:2c:15:02:8d:9c:61:
83:57:a3:93:61:51:cf:32:ba:d3:2c:0b:67:1d:a8:2d:87:10:
4f:78:70:af:3d:03:f0:5f:42:d2:f8:a4:ca:00:e8:ac:0b:b6:
54:2d:5f:b8:ab:e4:e3:db:5f:2e:f1:cb:e6:0c:66:f6:b6:43:
33:c7:7e:0c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYscHBIUDuL7ICMXyNGnyvu6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDExMDAyMTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjA0Y2NiZmI4Y2ZjYTdiZjhmNDMwMWYwZmQzMWEwOGI5MzZmZjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXha/B/GLalJT1tKPH1uQGFy1SgI
FxlDUb8mgGfjkh5O1t9IlnaT34fo3Du9MUPfDrr2IAn0HryVYJPQXDu/eaQefdqE
BJE9NpHtQPv5DH21N5prYTcQVmCkjTdHAjROlRY1THlydEYxJa4T8r9IQ+mW9vXB
G5WyJiAmaCIi3T4VDJaK0s7df8CeojIhorMvey/nM1zDpb79rPFhYOsv5c/72xm5
8XSj5oNhYEKCG5Zsb+hL6HvOS1V5oMAaNi7dwTH3TE3/ZvmTAU5vyniMo9hhO8eh
gnpsXzKSmrpkeekmdVMpS3EGuHSfT2uaUmO4fZ1xhn+gdiO7Hlw++l5KOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLIEzL+4z8p7+PQwHw/TGgi5Nv92MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvc2dUTXY3alB5bnY0OURBZkQ5TWFDTGsyXzNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIWYbhfH+PKQCEVmRHcA
soE/OwtPNVGmefVN3VoBW6O3ibpMYKhWjDKTtpvtj5OA2BQjcRh1FEBsw0UQIFp+
XbbLIF6WDfpNh/FTEXIOvjDaR29v3kDdqbI0BWTuhoWOWhJPYMgqUOPL0H7oX5Nm
97YN4O3Cne8xExF6wrY7rvyYgdkQodVGNP64VFbMXb5uLPWVY07xumUHvFeh4Fru
EvZ8Bj8SBDk/S3dL895U5jNIAqEocVoAE4rBcbj7pIh6HiwVAo2cYYNXo5NhUc8y
utMsC2cdqC2HEE94cK89A/BfQtL4pMoA6KwLtlQtX7ir5OPbXy7xy+YMZva2QzPH
fgw=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:05:51 2025 by rpki-client