Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/GlGwHNCk3B8j5Ns4h0cuFyrnLGg.roa
File: GlGwHNCk3B8j5Ns4h0cuFyrnLGg.roa (raw, json)
Hash identifier: 29nCH7exuYkX/WLCmnZASuppEhplxV9GFiRFXeW1chA=
Subject key identifier: 1A:51:B0:1C:D0:A4:DC:1F:23:E4:DB:38:87:47:2E:17:2A:E7:2C:68
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B92F2052FE7C94BA9D2199DC51BE19ED6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/GlGwHNCk3B8j5Ns4h0cuFyrnLGg.roa
Signing time: Fri 03 Nov 2023 02:10:16 +0000
ROA not before: Fri 03 Nov 2023 02:10:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:92:f2:05:2f:e7:c9:4b:a9:d2:19:9d:c5:1b:e1:9e:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 3 02:10:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a51b01cd0a4dc1f23e4db3887472e172ae72c68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:25:53:30:07:00:f2:9f:25:37:de:68:0b:3c:
de:e8:ef:15:a8:16:65:72:27:0b:94:c7:25:44:db:
ce:12:30:67:27:07:11:e5:1e:03:58:e8:dd:ea:28:
1a:db:0b:98:f4:56:44:ab:f8:ab:00:d9:26:f4:d1:
86:ad:23:c1:e0:7c:cf:d1:2a:c7:04:93:a0:37:ca:
c6:1e:44:48:92:d3:83:aa:08:bc:a0:c8:14:ca:e3:
00:af:29:f8:d1:cb:be:49:8b:2b:d9:4f:dd:02:2c:
ea:71:1c:36:d0:88:ab:71:53:5e:e1:b4:c5:56:96:
c0:26:d5:96:90:65:fc:26:47:14:8a:b7:e8:b3:64:
5c:80:a4:29:49:82:f2:25:99:04:bf:38:06:45:b2:
ad:aa:df:8e:a8:e7:1b:a7:92:55:d8:db:9c:02:b0:
6d:5b:ba:f9:d3:a4:b3:0c:ff:d0:72:bd:51:f1:aa:
9a:a8:b4:92:ac:0b:df:f1:7a:33:56:e5:9c:1a:b2:
d1:12:77:fa:3d:f1:02:cf:2b:66:dd:bd:88:56:c2:
56:4a:50:1b:c0:b2:ba:c7:17:28:15:3a:64:3a:df:
fd:28:b5:ef:7d:0a:c9:07:93:8e:cd:98:68:75:95:
34:63:29:c9:23:b2:92:9c:b7:b6:13:28:e8:38:82:
56:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:51:B0:1C:D0:A4:DC:1F:23:E4:DB:38:87:47:2E:17:2A:E7:2C:68
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/GlGwHNCk3B8j5Ns4h0cuFyrnLGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:05:ed:df:46:12:b3:f7:87:58:39:21:a6:28:cd:f1:07:16:
27:ca:22:f5:b4:25:52:c1:24:2a:be:2f:d3:2f:d7:53:b4:65:
8e:f2:3d:7f:c7:79:6b:3e:c5:3b:c1:f7:29:ff:45:02:f3:3b:
fc:82:22:a8:b0:d1:9b:64:46:0d:db:be:86:e3:17:11:ad:75:
d7:ff:29:f6:3a:60:14:6e:42:3f:bf:01:e6:70:4f:0b:97:b3:
71:04:a0:8a:b9:ae:c3:5e:3c:42:fb:42:b7:46:03:9d:4c:eb:
76:94:92:eb:9f:50:e7:f8:d0:ae:a5:a3:3a:a7:9f:18:3a:62:
5b:df:24:c2:16:13:3e:d1:fa:dd:dc:dd:d8:6d:dd:79:6c:da:
5c:46:9f:db:1a:a1:1b:52:b2:16:d2:6a:ba:ab:0f:f3:f5:81:
90:e9:07:3f:e7:d6:cd:80:4e:cf:1c:c2:97:07:0b:e2:5a:c9:
35:39:1d:ac:c4:3c:4c:fc:f8:49:42:83:2b:30:42:7e:f2:0f:
63:b6:15:84:f2:e6:7a:40:4f:f4:1a:11:5a:ab:59:39:9a:ce:
f5:27:7c:52:aa:71:5b:56:cb:81:9b:76:47:40:9f:1f:8a:ae:
3c:65:39:45:09:9a:ce:73:e7:79:8f:f0:18:5b:89:84:c0:7e:
57:13:d2:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuS8gUv58lLqdIZncUb4Z7WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAzMDIxMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTUxYjAxY2QwYTRkYzFmMjNlNGRiMzg4NzQ3MmUxNzJhZTcyYzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiVTMAcA8p8lN95oCzze6O8VqBZl
cicLlMclRNvOEjBnJwcR5R4DWOjd6iga2wuY9FZEq/irANkm9NGGrSPB4HzP0SrH
BJOgN8rGHkRIktODqgi8oMgUyuMAryn40cu+SYsr2U/dAizqcRw20IircVNe4bTF
VpbAJtWWkGX8JkcUirfos2RcgKQpSYLyJZkEvzgGRbKtqt+OqOcbp5JV2NucArBt
W7r506SzDP/Qcr1R8aqaqLSSrAvf8XozVuWcGrLREnf6PfECzytm3b2IVsJWSlAb
wLK6xxcoFTpkOt/9KLXvfQrJB5OOzZhodZU0YynJI7KSnLe2EyjoOIJWSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBpRsBzQpNwfI+TbOIdHLhcq5yxoMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvR2xHd0hOQ2szQjhqNU5zNGgwY3VGeXJuTEdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKYF7d9GErP3h1g5IaYo
zfEHFifKIvW0JVLBJCq+L9Mv11O0ZY7yPX/HeWs+xTvB9yn/RQLzO/yCIqiw0Ztk
Rg3bvobjFxGtddf/KfY6YBRuQj+/AeZwTwuXs3EEoIq5rsNePEL7QrdGA51M63aU
kuufUOf40K6lozqnnxg6YlvfJMIWEz7R+t3c3dht3Xls2lxGn9saoRtSshbSarqr
D/P1gZDpBz/n1s2ATs8cwpcHC+JayTU5HazEPEz8+ElCgyswQn7yD2O2FYTy5npA
T/QaEVqrWTmazvUnfFKqcVtWy4GbdkdAnx+KrjxlOUUJms5z53mP8BhbiYTAflcT
0mY=
-----END CERTIFICATE-----
Generated at Tue May 13 04:51:15 2025 by rpki-client