Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-gI_EUELHwQJHKr9LaQOO1in-0w.roa
File: 1-gI_EUELHwQJHKr9LaQOO1in-0w.roa (raw, json)
Hash identifier: H8bTcaD7RjqXIbMCIU58Cfa3xOJZHbjypZ23+u93cAk=
Subject key identifier: FA:02:3F:11:41:0B:1F:04:09:1C:AA:FD:2D:A4:0E:3B:58:A7:FB:4C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AFCC22AA1F1E0F54A0EFF2604BD179ADA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-gI_EUELHwQJHKr9LaQOO1in-0w.roa
Signing time: Wed 04 Oct 2023 22:14:57 +0000
ROA not before: Wed 04 Oct 2023 22:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fc:c2:2a:a1:f1:e0:f5:4a:0e:ff:26:04:bd:17:9a:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 4 22:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa023f11410b1f04091caafd2da40e3b58a7fb4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:48:d2:85:0b:32:13:4c:28:56:c7:3e:f4:3b:
42:27:f7:74:d3:b9:13:b2:ba:41:ec:84:12:b1:11:
a3:1d:86:35:62:4b:1f:2d:5c:2d:d0:b4:4a:06:03:
eb:6e:5f:ae:ea:80:e4:a4:fc:21:e4:45:9e:38:11:
4c:27:e7:81:23:bc:1d:2c:f1:40:05:04:4d:ca:3d:
e2:0e:af:e2:85:bb:fa:d6:9c:85:dc:90:65:c1:df:
dc:d8:26:bd:c0:86:13:43:bb:59:e7:cd:13:cb:89:
6d:bf:7e:9d:61:56:ba:13:5c:49:5a:95:86:f1:c7:
0f:7f:56:e7:e0:ee:c0:85:fe:c4:ca:8c:27:0e:05:
0f:84:a1:a4:bd:51:4f:66:9f:20:be:cb:d6:f1:34:
32:94:46:66:90:d7:52:91:fb:2f:3d:7b:d7:f9:67:
0d:60:ef:52:29:58:d0:fe:95:c5:b9:27:14:90:33:
9b:22:c0:fc:67:dd:e2:06:a5:f0:10:a3:57:94:b4:
02:b6:08:4e:56:3e:f9:0d:d6:47:96:39:d8:27:67:
68:a0:95:3f:00:0d:4a:ab:7a:ba:87:35:91:2c:4c:
7d:53:9b:77:53:bf:e5:80:d7:f2:44:ad:69:7a:c3:
48:74:b7:6a:b4:4d:25:36:76:a7:28:7a:6e:1f:47:
c3:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:02:3F:11:41:0B:1F:04:09:1C:AA:FD:2D:A4:0E:3B:58:A7:FB:4C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-gI_EUELHwQJHKr9LaQOO1in-0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:8a:dd:32:a4:95:9c:26:68:66:68:f2:a1:df:bd:63:5b:b5:
80:97:18:00:d0:68:29:79:73:82:fb:b0:3c:b3:93:e5:a3:b9:
31:21:eb:ad:47:3b:68:fd:7e:a6:e0:c9:a9:b2:35:a0:c5:8c:
6e:75:6c:cf:20:10:cf:95:f1:7d:01:ab:6e:fc:09:0f:b3:a9:
0e:e0:5f:06:18:4e:57:88:3a:cd:5b:93:79:9d:53:4f:b2:2b:
f9:a0:73:0e:7e:09:36:f9:27:ec:c6:de:02:b7:ff:ca:31:29:
dd:26:51:17:32:c3:cf:17:eb:1a:6c:6d:a2:f4:81:6c:63:ec:
85:6f:0c:41:68:5c:60:b0:b6:ab:0d:77:20:bc:35:50:b0:92:
d4:a5:89:a0:a7:b3:20:2b:d3:41:80:fa:45:fd:b1:1a:a3:12:
1c:63:bf:0c:97:1f:86:62:24:50:dc:86:0b:34:66:55:ce:e1:
c7:fb:41:94:e4:a0:97:9e:d9:61:ac:30:48:28:46:1b:86:65:
54:43:eb:7c:3e:dc:55:48:ee:11:e7:36:b2:a9:35:97:23:8d:
9b:3f:82:d3:84:a2:f1:4a:63:e6:22:64:9c:03:df:3d:92:ef:
50:70:03:ac:42:d9:38:f6:e0:a9:95:44:fd:d0:d3:1b:45:c0:
e3:35:70:a6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYr8wiqh8eD1Sg7/JgS9F5raMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA0MjIxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTAyM2YxMTQxMGIxZjA0MDkxY2FhZmQyZGE0MGUzYjU4YTdmYjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEjShQsyE0woVsc+9DtCJ/d007kT
srpB7IQSsRGjHYY1YksfLVwt0LRKBgPrbl+u6oDkpPwh5EWeOBFMJ+eBI7wdLPFA
BQRNyj3iDq/ihbv61pyF3JBlwd/c2Ca9wIYTQ7tZ580Ty4ltv36dYVa6E1xJWpWG
8ccPf1bn4O7Ahf7EyownDgUPhKGkvVFPZp8gvsvW8TQylEZmkNdSkfsvPXvX+WcN
YO9SKVjQ/pXFuScUkDObIsD8Z93iBqXwEKNXlLQCtghOVj75DdZHljnYJ2dooJU/
AA1Kq3q6hzWRLEx9U5t3U7/lgNfyRK1pesNIdLdqtE0lNnanKHpuH0fDywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPoCPxFBCx8ECRyq/S2kDjtYp/tMMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMS1nSV9FVUVMSHdRSkhLcjlMYVFPTzFpbi0wdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzgvZjYwMTc4LTk5MWEtNDI2MS05NmEwLWRkNWMzMDBiZTU0
ZS8xL1F3T2FhQk1QR1dNZUZTZVViaDRTZmJIby1kay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQA3it0ypJWcJmhmaPKh
371jW7WAlxgA0GgpeXOC+7A8s5Plo7kxIeutRzto/X6m4MmpsjWgxYxudWzPIBDP
lfF9Aatu/AkPs6kO4F8GGE5XiDrNW5N5nVNPsiv5oHMOfgk2+Sfsxt4Ct//KMSnd
JlEXMsPPF+sabG2i9IFsY+yFbwxBaFxgsLarDXcgvDVQsJLUpYmgp7MgK9NBgPpF
/bEaoxIcY78Mlx+GYiRQ3IYLNGZVzuHH+0GU5KCXntlhrDBIKEYbhmVUQ+t8PtxV
SO4R5zayqTWXI42bP4LThKLxSmPmImScA989ku9QcAOsQtk49uCplUT90NMbRcDj
NXCm
-----END CERTIFICATE-----
Generated at Wed May 14 07:56:13 2025 by rpki-client