Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/5gzsyEvfitbLqhfl1ViQRSkl9yo.roa
File: 5gzsyEvfitbLqhfl1ViQRSkl9yo.roa (raw, json)
Hash identifier: HIxGxKHYb82/PvZIs7oGktMxhBATheh5+LJQT/JbXYw=
Subject key identifier: E6:0C:EC:C8:4B:DF:8A:D6:CB:AA:17:E5:D5:58:90:45:29:25:F7:2A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BF08626800581E934D8924A61218E04E9
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/5gzsyEvfitbLqhfl1ViQRSkl9yo.roa
Signing time: Tue 21 Nov 2023 06:16:45 +0000
ROA not before: Tue 21 Nov 2023 06:16:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f0:86:26:80:05:81:e9:34:d8:92:4a:61:21:8e:04:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 21 06:16:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e60cecc84bdf8ad6cbaa17e5d55890452925f72a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8d:e5:c6:e2:e9:a9:f4:76:0b:16:3a:9e:a9:
aa:6d:c2:03:59:b7:be:28:4d:f9:42:5e:9c:16:fd:
28:66:89:11:01:e2:c2:33:dd:80:25:98:04:bd:7d:
57:15:0b:2b:36:db:05:ff:36:00:04:5c:80:9e:9f:
8f:9e:7c:80:e9:59:a1:8a:06:bd:77:a1:42:a6:48:
0e:91:54:83:7e:c5:cf:26:8e:87:15:21:74:76:51:
91:8b:22:d8:e3:68:60:53:cd:f0:d8:f6:3b:67:fb:
04:75:06:a1:52:13:d2:53:70:45:af:25:a8:8c:19:
b3:de:ed:1e:5a:b2:49:6b:37:3a:37:cd:2a:12:b8:
bc:98:a8:05:ba:ff:fc:02:2c:a6:9c:42:2b:9f:40:
94:51:52:46:c3:12:bc:00:5b:e4:f7:2e:b2:3c:a5:
2d:66:e4:33:dc:9a:ef:c0:82:dc:e2:0d:f7:0a:e5:
2b:3d:f2:fc:fa:db:13:34:03:a0:bf:5c:56:33:8e:
f3:8b:6f:7a:ae:f3:6d:91:c5:22:a4:a0:93:d6:66:
42:5c:f0:a5:91:58:54:3f:c7:d6:aa:b7:d0:e9:89:
3c:0b:f4:84:d9:ed:95:cd:8e:90:53:23:f8:95:3e:
92:92:33:eb:2c:6d:b1:80:f2:17:a6:00:b3:7d:af:
49:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:0C:EC:C8:4B:DF:8A:D6:CB:AA:17:E5:D5:58:90:45:29:25:F7:2A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/5gzsyEvfitbLqhfl1ViQRSkl9yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
08:32:37:c6:4c:7c:41:c6:33:0c:dd:a6:a4:b7:87:3c:56:40:
77:e6:bb:40:bd:b7:43:c5:4e:7d:35:a3:47:f1:2e:3a:14:07:
03:8c:74:9d:6b:36:77:8f:29:d3:9a:c0:ce:e2:2a:24:fc:8b:
6c:9b:02:2b:da:a2:08:11:8b:fc:14:ed:cb:a3:7f:ec:6d:57:
4d:de:3c:98:76:a8:d0:ef:69:03:f0:b5:c4:66:08:a2:f5:59:
d2:d9:38:4a:c2:0b:5c:c3:04:4c:35:23:44:d1:9e:05:a6:3d:
53:0b:06:eb:cb:39:52:be:5c:13:67:6e:bc:24:a7:36:1b:91:
73:5f:89:c9:ca:5a:82:e0:b2:fa:8a:7c:54:77:e0:86:0a:f8:
79:3e:37:fe:d7:e5:d7:fd:c5:9f:5c:bd:e7:ac:72:a0:0d:7e:
45:e3:d1:43:4c:4d:41:26:b8:1b:30:74:b3:81:b4:26:44:5d:
ef:c9:5b:0f:6b:6e:f0:89:26:da:70:63:02:f1:83:67:8d:0d:
f8:30:e2:16:db:b0:aa:23:62:d0:d6:6a:89:3d:23:b5:0e:45:
72:a1:6e:62:03:b3:53:18:7e:7a:b8:4e:05:14:7e:e2:9b:1b:
c9:b9:c1:3a:c6:4a:a7:7b:4e:eb:ed:e0:c9:13:1d:e1:fe:f5:
7a:5f:77:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvwhiaABYHpNNiSSmEhjgTpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIxMDYxNjQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjBjZWNjODRiZGY4YWQ2Y2JhYTE3ZTVkNTU4OTA0NTI5MjVmNzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvI3lxuLpqfR2CxY6nqmqbcIDWbe+
KE35Ql6cFv0oZokRAeLCM92AJZgEvX1XFQsrNtsF/zYABFyAnp+PnnyA6Vmhiga9
d6FCpkgOkVSDfsXPJo6HFSF0dlGRiyLY42hgU83w2PY7Z/sEdQahUhPSU3BFryWo
jBmz3u0eWrJJazc6N80qEri8mKgFuv/8AiymnEIrn0CUUVJGwxK8AFvk9y6yPKUt
ZuQz3JrvwILc4g33CuUrPfL8+tsTNAOgv1xWM47zi296rvNtkcUipKCT1mZCXPCl
kVhUP8fWqrfQ6Yk8C/SE2e2VzY6QUyP4lT6SkjPrLG2xgPIXpgCzfa9JIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOYM7MhL34rWy6oX5dVYkEUpJfcqMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNWd6c3lFdmZpdGJMcWhmbDFWaVFSU2tsOXlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAgyN8ZMfEHGMwzdpqS3
hzxWQHfmu0C9t0PFTn01o0fxLjoUBwOMdJ1rNnePKdOawM7iKiT8i2ybAivaoggR
i/wU7cujf+xtV03ePJh2qNDvaQPwtcRmCKL1WdLZOErCC1zDBEw1I0TRngWmPVML
BuvLOVK+XBNnbrwkpzYbkXNficnKWoLgsvqKfFR34IYK+Hk+N/7X5df9xZ9cvees
cqANfkXj0UNMTUEmuBswdLOBtCZEXe/JWw9rbvCJJtpwYwLxg2eNDfgw4hbbsKoj
YtDWaok9I7UORXKhbmIDs1MYfnq4TgUUfuKbG8m5wTrGSqd7Tuvt4MkTHeH+9Xpf
d6o=
-----END CERTIFICATE-----
Generated at Tue May 13 19:53:26 2025 by rpki-client