Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-g5t0LuXhk2vXydif5rX5A3qSLk.roa
File: 1-g5t0LuXhk2vXydif5rX5A3qSLk.roa (raw, json)
Hash identifier: ZxCFOYVvKtssL72MhmRoQ02GS5l8hveKqiTBe9qxV4c=
Subject key identifier: FA:0E:6D:D0:BB:97:86:4D:AF:5F:27:62:7F:9A:D7:E4:0D:EA:48:B9
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ACDFBA465D1E23B665198D3A5EACEC063
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-g5t0LuXhk2vXydif5rX5A3qSLk.roa
Signing time: Mon 25 Sep 2023 20:15:35 +0000
ROA not before: Mon 25 Sep 2023 20:15:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cd:fb:a4:65:d1:e2:3b:66:51:98:d3:a5:ea:ce:c0:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 25 20:15:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa0e6dd0bb97864daf5f27627f9ad7e40dea48b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d2:f1:cc:6c:db:93:79:81:a7:6a:99:8c:b0:
0e:92:45:fb:77:ac:cb:9a:bf:7c:b7:3e:55:d7:aa:
17:d6:04:eb:59:49:3e:39:dc:60:0c:e7:66:4b:b2:
a4:5b:44:b0:09:58:8b:46:f6:ee:19:29:3b:21:04:
c0:2b:90:6d:d3:f5:c4:54:0c:19:c9:ef:36:c3:bc:
1c:cf:70:7e:2d:9c:ec:aa:89:b3:99:ea:70:2b:17:
7f:05:c0:eb:f1:a6:14:99:5a:50:35:8d:b3:5c:93:
a6:ca:df:0b:26:d7:cb:7c:ee:dd:06:0d:97:9a:94:
a5:93:50:e6:1c:ff:cd:9d:89:69:0b:6c:f7:96:f6:
e1:9c:16:2a:65:aa:77:18:f6:95:ba:2f:a8:2e:a8:
83:c5:c4:af:ec:92:23:ad:b8:c7:93:df:5c:8e:8a:
28:33:21:30:1a:4f:f2:d0:98:3a:15:47:fa:47:88:
db:37:00:8e:6c:26:ac:05:a9:7b:cd:19:42:cc:db:
e7:63:4f:86:96:65:1a:f1:c4:c4:7d:8d:ab:c8:7f:
8e:fc:58:18:54:ad:12:b0:9d:2f:c9:95:1a:ec:a0:
d3:04:ea:41:06:0b:a5:b3:37:0b:5d:95:b0:09:32:
15:75:c3:e6:62:a0:0b:6a:5e:75:26:b7:ef:11:b8:
04:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:0E:6D:D0:BB:97:86:4D:AF:5F:27:62:7F:9A:D7:E4:0D:EA:48:B9
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-g5t0LuXhk2vXydif5rX5A3qSLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8b:27:79:fd:0b:82:06:51:9d:d5:ee:8a:79:ca:c6:e3:a5:8d:
cc:47:ad:42:72:a5:d6:c9:f7:5c:9a:44:10:e2:e1:db:3d:98:
e0:a4:0e:5f:6f:d3:5a:18:fd:cb:84:88:cd:66:c7:35:24:cf:
f0:f1:7d:11:64:4a:ec:37:16:ac:8a:bb:b5:68:3e:30:cd:1d:
66:56:7d:84:8a:07:be:14:5d:db:63:51:ee:d2:80:12:50:cf:
66:6a:dd:2f:d2:21:cc:02:b3:bc:44:33:64:8d:8f:b9:34:c0:
cc:a0:14:9f:16:84:58:1d:fa:21:90:0e:69:e0:6e:e0:bc:01:
98:23:28:31:ca:f2:e5:70:38:08:95:73:54:66:59:6d:9f:1b:
59:9d:01:ed:91:62:39:c9:cf:ed:e8:15:d7:19:6f:af:e6:b9:
f9:60:3a:9b:14:ae:e4:d7:64:11:59:d3:35:bd:49:86:c9:02:
8d:24:84:c2:d3:a0:55:e3:2d:9e:17:68:2f:47:6b:ed:90:a8:
d2:c2:ef:2d:b2:06:9f:0b:e5:ae:5a:9b:57:50:92:19:de:10:
a0:7e:0f:8b:eb:a9:c4:c6:23:26:da:33:ab:f8:39:3c:65:c1:
b2:cb:b3:7c:41:5e:4a:b1:2c:71:31:2c:d3:7a:00:21:11:a1:
0e:15:a3:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYrN+6Rl0eI7ZlGY06XqzsBjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI1MjAxNTM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTBlNmRkMGJiOTc4NjRkYWY1ZjI3NjI3ZjlhZDdlNDBkZWE0OGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotLxzGzbk3mBp2qZjLAOkkX7d6zL
mr98tz5V16oX1gTrWUk+OdxgDOdmS7KkW0SwCViLRvbuGSk7IQTAK5Bt0/XEVAwZ
ye82w7wcz3B+LZzsqomzmepwKxd/BcDr8aYUmVpQNY2zXJOmyt8LJtfLfO7dBg2X
mpSlk1DmHP/NnYlpC2z3lvbhnBYqZap3GPaVui+oLqiDxcSv7JIjrbjHk99cjooo
MyEwGk/y0Jg6FUf6R4jbNwCObCasBal7zRlCzNvnY0+GlmUa8cTEfY2ryH+O/FgY
VK0SsJ0vyZUa7KDTBOpBBgulszcLXZWwCTIVdcPmYqALal51JrfvEbgE1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPoObdC7l4ZNr18nYn+a1+QN6ki5MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMS1nNXQwTHVYaGsydlh5ZGlmNXJYNUEzcVNMay5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzgvZjYwMTc4LTk5MWEtNDI2MS05NmEwLWRkNWMzMDBiZTU0
ZS8xL1F3T2FhQk1QR1dNZUZTZVViaDRTZmJIby1kay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQCLJ3n9C4IGUZ3V7op5
ysbjpY3MR61CcqXWyfdcmkQQ4uHbPZjgpA5fb9NaGP3LhIjNZsc1JM/w8X0RZErs
Nxasiru1aD4wzR1mVn2Eige+FF3bY1Hu0oASUM9mat0v0iHMArO8RDNkjY+5NMDM
oBSfFoRYHfohkA5p4G7gvAGYIygxyvLlcDgIlXNUZlltnxtZnQHtkWI5yc/t6BXX
GW+v5rn5YDqbFK7k12QRWdM1vUmGyQKNJITC06BV4y2eF2gvR2vtkKjSwu8tsgaf
C+WuWptXUJIZ3hCgfg+L66nExiMm2jOr+Dk8ZcGyy7N8QV5KsSxxMSzTegAhEaEO
FaNp
-----END CERTIFICATE-----
Generated at Mon May 12 23:25:13 2025 by rpki-client