Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tG-rTZckJWjTOSGblQoENIfGfZY.roa
File: tG-rTZckJWjTOSGblQoENIfGfZY.roa (raw, json)
Hash identifier: 3EgTUii6nYGCIHabDk7O2uN10PugIrIMNsGEqBvyWiY=
Subject key identifier: B4:6F:AB:4D:97:24:25:68:D3:39:21:9B:95:0A:04:34:87:C6:7D:96
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ADB116D9BE34EAC7D06129FAC8ED04031
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tG-rTZckJWjTOSGblQoENIfGfZY.roa
Signing time: Thu 28 Sep 2023 09:14:27 +0000
ROA not before: Thu 28 Sep 2023 09:14:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:db:11:6d:9b:e3:4e:ac:7d:06:12:9f:ac:8e:d0:40:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 28 09:14:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b46fab4d97242568d339219b950a043487c67d96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:49:a3:42:ae:61:e1:7e:09:46:a1:4d:11:a7:
7d:17:c1:20:46:73:09:ba:3e:7a:57:4e:28:57:50:
af:29:29:90:56:42:f2:14:1b:d5:85:22:8d:a1:de:
cf:cb:75:21:40:52:06:50:36:cc:24:42:ea:b4:d6:
5d:82:3a:6d:71:d6:2b:84:de:80:47:83:92:5e:0d:
62:82:8f:0f:12:db:58:3a:7a:2b:fe:d6:d1:26:06:
13:3c:1e:3d:fc:0d:1b:2c:df:b1:bf:0a:35:8c:44:
93:2d:b8:a4:a8:6a:16:5b:4e:eb:07:2b:da:a7:62:
0d:73:04:61:4d:91:3b:1c:a2:e3:90:54:62:05:f8:
02:29:e4:eb:e3:ab:7a:ee:57:7d:12:52:fe:86:c9:
97:8a:c7:d9:d3:6f:91:2d:75:8a:5d:f4:a9:41:43:
7a:47:fa:b3:68:5a:5e:b1:a6:38:65:cc:ce:74:e6:
74:19:15:49:6c:87:ff:ef:97:73:a6:c9:90:82:9a:
23:6f:7f:c1:9e:d5:31:94:e1:70:01:db:6f:20:61:
69:d2:95:d4:c4:df:f1:85:d7:4d:20:69:10:45:2c:
23:8d:8c:c4:a6:0b:8e:7a:4b:2f:f0:39:87:f7:11:
12:fd:18:21:08:c3:f6:d2:1a:72:71:dd:d4:cc:d2:
70:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:6F:AB:4D:97:24:25:68:D3:39:21:9B:95:0A:04:34:87:C6:7D:96
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tG-rTZckJWjTOSGblQoENIfGfZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
43:c5:9e:02:71:91:92:bb:f9:66:64:d9:9a:af:00:65:cf:49:
5a:b8:5f:49:86:10:eb:41:36:20:d1:4f:6d:ef:65:22:ee:51:
62:5f:71:fa:db:05:19:28:ff:cb:26:c3:60:88:95:ba:63:40:
af:b9:54:2d:5e:9d:54:9e:79:71:20:bc:8e:fa:7b:06:f4:f4:
0c:8d:8d:99:e6:42:38:a8:fd:33:b6:ec:54:2d:c2:a7:51:90:
34:70:d2:34:13:f8:27:4c:6c:17:fd:bb:46:13:1d:79:11:6e:
b5:72:03:c9:c1:9a:1c:ab:b4:84:f1:9b:ca:81:36:6b:c2:c3:
74:d2:ee:59:ad:7c:46:83:ab:8c:03:d9:ef:f7:91:13:7d:d9:
73:cd:5a:37:01:52:84:69:5e:5b:6a:38:96:6c:19:5f:1b:b1:
a1:b5:ac:d5:da:fe:6c:23:e4:14:47:8a:f6:6e:31:8e:e8:5e:
54:df:d6:09:a7:1f:0e:91:31:86:ae:9d:aa:9c:3c:bd:15:ef:
00:d0:12:b5:e7:ee:0c:57:19:42:74:2a:07:03:bf:e3:a5:59:
a5:f3:87:8b:9d:a9:27:0b:c3:1a:27:49:94:b7:a3:7c:2d:bb:
8d:03:ae:2b:50:80:de:3b:bb:fa:16:ff:ca:0e:e9:28:32:8c:
f3:c9:8f:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrbEW2b406sfQYSn6yO0EAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI4MDkxNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDZmYWI0ZDk3MjQyNTY4ZDMzOTIxOWI5NTBhMDQzNDg3YzY3ZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8EmjQq5h4X4JRqFNEad9F8EgRnMJ
uj56V04oV1CvKSmQVkLyFBvVhSKNod7Py3UhQFIGUDbMJELqtNZdgjptcdYrhN6A
R4OSXg1igo8PEttYOnor/tbRJgYTPB49/A0bLN+xvwo1jESTLbikqGoWW07rByva
p2INcwRhTZE7HKLjkFRiBfgCKeTr46t67ld9ElL+hsmXisfZ02+RLXWKXfSpQUN6
R/qzaFpesaY4ZczOdOZ0GRVJbIf/75dzpsmQgpojb3/BntUxlOFwAdtvIGFp0pXU
xN/xhddNIGkQRSwjjYzEpguOeksv8DmH9xES/RghCMP20hpycd3UzNJwZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLRvq02XJCVo0zkhm5UKBDSHxn2WMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdEctclRaY2tKV2pUT1NHYmxRb0VOSWZHZlpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEPFngJxkZK7+WZk2Zqv
AGXPSVq4X0mGEOtBNiDRT23vZSLuUWJfcfrbBRko/8smw2CIlbpjQK+5VC1enVSe
eXEgvI76ewb09AyNjZnmQjio/TO27FQtwqdRkDRw0jQT+CdMbBf9u0YTHXkRbrVy
A8nBmhyrtITxm8qBNmvCw3TS7lmtfEaDq4wD2e/3kRN92XPNWjcBUoRpXltqOJZs
GV8bsaG1rNXa/mwj5BRHivZuMY7oXlTf1gmnHw6RMYaunaqcPL0V7wDQErXn7gxX
GUJ0KgcDv+OlWaXzh4udqScLwxonSZS3o3wtu40DritQgN47u/oW/8oO6SgyjPPJ
jw0=
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:38:45 2025 by rpki-client