Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1gfK3RxkQlJr4JvqwAyQgIUjtvM.roa
File: 1gfK3RxkQlJr4JvqwAyQgIUjtvM.roa (raw, json)
Hash identifier: E7/Iy8UoEM95KEnOSTxLXdl5rAWPLISjF8TGy1+moAY=
Subject key identifier: D6:07:CA:DD:1C:64:42:52:6B:E0:9B:EA:C0:0C:90:80:85:23:B6:F3
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C63BFD85C16D16C92B37B99C8E847604C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1gfK3RxkQlJr4JvqwAyQgIUjtvM.roa
Signing time: Wed 13 Dec 2023 15:16:06 +0000
ROA not before: Wed 13 Dec 2023 15:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:63:bf:d8:5c:16:d1:6c:92:b3:7b:99:c8:e8:47:60:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 13 15:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d607cadd1c6442526be09beac00c90808523b6f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:fc:cf:52:47:10:32:31:64:9d:64:58:ad:ea:
87:f5:f4:e4:4f:58:4e:04:0f:fb:d3:3a:a0:4b:c4:
cb:6c:a9:69:d4:72:5e:a2:7e:70:8c:0c:25:6e:30:
28:b3:40:e6:66:03:14:82:58:19:8a:76:e0:14:b0:
37:7c:70:37:f7:c8:b0:93:af:7f:66:f7:4a:da:3b:
74:fb:bf:7a:15:83:d4:f5:ef:07:3d:60:07:44:e7:
f4:78:6f:99:ec:6e:66:a2:81:04:04:c2:80:c6:f5:
89:86:d4:1e:14:36:ec:83:f8:65:94:c7:7e:3a:b1:
dc:6a:e7:9c:35:1b:e1:81:46:8a:eb:4c:2b:d7:dc:
ba:20:b1:7c:7c:75:18:a6:7b:44:a3:fb:6c:0a:1f:
8b:c9:aa:48:ce:30:c7:4b:69:66:38:a3:df:c4:21:
2f:11:cc:d8:09:fa:d4:76:b0:a4:bc:79:8d:ac:ab:
b2:44:52:b4:c1:78:9a:77:43:02:29:08:a5:d6:99:
b9:b3:01:f3:37:94:e0:47:72:2c:ec:7a:98:a5:af:
bb:98:1d:dc:ef:a5:7d:37:c9:9a:fd:64:d4:a4:e1:
db:4f:5a:7c:e3:04:36:c6:86:30:32:b1:22:8a:b9:
2d:83:a1:71:48:28:59:df:b6:18:af:75:ae:22:19:
8a:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:07:CA:DD:1C:64:42:52:6B:E0:9B:EA:C0:0C:90:80:85:23:B6:F3
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1gfK3RxkQlJr4JvqwAyQgIUjtvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
cb:cd:59:d9:91:96:9f:eb:7f:c4:dd:db:bb:22:2a:52:27:5f:
45:20:8e:d4:4e:a7:e9:01:35:2b:97:59:5a:83:ff:e1:f9:3c:
84:26:63:76:7f:db:65:44:58:6d:3e:13:23:e0:1f:7d:7b:42:
62:3b:db:d8:97:4e:02:a9:e2:70:af:22:c1:20:60:60:6d:21:
14:67:9b:c7:f7:23:d5:c6:2a:26:a4:bb:0c:9f:05:bc:60:7e:
43:8f:37:a1:30:29:0f:f9:37:b7:0d:75:57:0d:61:bc:09:c0:
0f:b7:10:fa:ad:3f:19:4a:5d:23:41:97:b9:2b:22:6e:f6:f2:
a6:9e:9b:c4:0f:32:95:6c:6e:e8:a3:18:17:47:81:4d:68:28:
03:34:2b:8e:a5:7b:3a:ca:22:72:6b:af:c9:d0:77:f8:9c:28:
96:e4:74:83:9b:ec:ac:70:ec:db:25:62:c1:85:5e:50:c5:6b:
fb:8d:d4:8e:18:38:de:db:c3:75:6a:be:ac:a0:c8:e9:81:f1:
02:a2:8d:aa:df:32:82:0e:86:a6:24:f2:49:54:aa:56:16:d7:
b1:2d:3b:a4:04:82:2d:a3:59:69:3f:ca:a0:eb:f0:f5:c2:30:
4d:b6:3a:76:f7:e3:07:d9:b9:65:46:c4:57:e3:fc:d9:80:b4:
f0:e3:39:4c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxjv9hcFtFskrN7mcjoR2BMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEzMTUxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjA3Y2FkZDFjNjQ0MjUyNmJlMDliZWFjMDBjOTA4MDg1MjNiNmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfzPUkcQMjFknWRYreqH9fTkT1hO
BA/70zqgS8TLbKlp1HJeon5wjAwlbjAos0DmZgMUglgZinbgFLA3fHA398iwk69/
ZvdK2jt0+796FYPU9e8HPWAHROf0eG+Z7G5mooEEBMKAxvWJhtQeFDbsg/hllMd+
OrHcauecNRvhgUaK60wr19y6ILF8fHUYpntEo/tsCh+LyapIzjDHS2lmOKPfxCEv
EczYCfrUdrCkvHmNrKuyRFK0wXiad0MCKQil1pm5swHzN5TgR3Is7HqYpa+7mB3c
76V9N8ma/WTUpOHbT1p84wQ2xoYwMrEiirktg6FxSChZ37YYr3WuIhmKDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNYHyt0cZEJSa+Cb6sAMkICFI7bzMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMWdmSzNSeGtRbEpyNEp2cXdBeVFnSVVqdHZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMvNWdmRlp/rf8Td27si
KlInX0UgjtROp+kBNSuXWVqD/+H5PIQmY3Z/22VEWG0+EyPgH317QmI729iXTgKp
4nCvIsEgYGBtIRRnm8f3I9XGKiakuwyfBbxgfkOPN6EwKQ/5N7cNdVcNYbwJwA+3
EPqtPxlKXSNBl7krIm728qaem8QPMpVsbuijGBdHgU1oKAM0K46lezrKInJrr8nQ
d/icKJbkdIOb7Kxw7NslYsGFXlDFa/uN1I4YON7bw3VqvqygyOmB8QKijarfMoIO
hqYk8klUqlYW17EtO6QEgi2jWWk/yqDr8PXCME22Onb34wfZuWVGxFfj/NmAtPDj
OUw=
-----END CERTIFICATE-----
Generated at Sat May 10 11:34:22 2025 by rpki-client