Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WGdc2JnZvVpcr9gUqr5-ZTIvXGs.roa
File: WGdc2JnZvVpcr9gUqr5-ZTIvXGs.roa (raw, json)
Hash identifier: TSxVBIoGcp6xJoJQv99xeykthZpD37l9YoML4+Ouejs=
Subject key identifier: 58:67:5C:D8:99:D9:BD:5A:5C:AF:D8:14:AA:BE:7E:65:32:2F:5C:6B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B3B6796F967445487C165D8F7FC00863C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WGdc2JnZvVpcr9gUqr5-ZTIvXGs.roa
Signing time: Tue 17 Oct 2023 02:12:06 +0000
ROA not before: Tue 17 Oct 2023 02:12:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3b:67:96:f9:67:44:54:87:c1:65:d8:f7:fc:00:86:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 17 02:12:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=58675cd899d9bd5a5cafd814aabe7e65322f5c6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f7:2b:e6:cb:78:2d:38:d8:f4:9c:8d:27:6b:
0f:ba:bb:1c:2f:98:d7:5a:79:3d:cf:bc:ba:3c:3a:
d3:77:72:3f:de:0d:80:a8:44:a8:2e:b4:a2:54:f9:
81:d0:89:03:b8:38:3f:5c:97:d6:e2:c5:31:57:e6:
62:2b:82:35:78:ac:4b:7c:ca:d6:90:5c:80:a4:ce:
46:af:a4:c8:40:80:ff:e6:91:99:4e:15:3c:fd:11:
6c:90:72:41:6d:d6:c5:fb:67:cc:22:41:ea:97:87:
f1:88:a6:ce:86:be:81:1b:9c:db:db:3e:15:dd:ce:
9f:dc:aa:05:ff:29:0f:44:81:66:8f:69:4c:dd:ca:
05:ed:a5:3e:c4:fd:20:5e:67:7f:f2:1f:20:18:a6:
68:d0:af:cb:4e:1e:14:cb:36:96:37:40:cd:70:1b:
4c:39:b4:f5:a1:fe:09:2d:94:db:ad:64:77:ff:91:
50:0d:04:f8:e3:fb:c2:7d:94:8d:7f:bb:24:6d:c8:
74:30:c0:7b:72:29:c0:0d:65:ed:50:8e:bc:05:c8:
7b:63:f2:59:84:e8:04:a8:ae:a6:97:a7:4a:8f:fb:
fa:96:7f:4f:bd:e7:1b:a6:63:d5:d4:4c:7c:c7:18:
b8:b7:2b:e8:ef:3f:e7:55:a5:0a:c5:3b:2c:c4:60:
af:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:67:5C:D8:99:D9:BD:5A:5C:AF:D8:14:AA:BE:7E:65:32:2F:5C:6B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/WGdc2JnZvVpcr9gUqr5-ZTIvXGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:35:34:bd:59:55:a2:c1:89:eb:e2:63:e8:5f:f5:67:e4:27:
02:cd:7f:10:da:9b:98:14:01:c1:f6:5f:5c:01:d7:4a:4b:a7:
a5:8e:cd:58:1d:0b:29:39:14:39:be:b0:38:5d:4d:76:6b:1c:
b3:63:7d:d0:46:e9:b7:52:f9:93:35:07:18:17:87:a9:99:01:
8e:50:26:45:00:f5:fb:05:ed:1d:5c:24:7a:d1:e6:81:46:bf:
42:ac:3c:02:66:2e:c6:52:6d:19:38:82:95:90:71:d3:c9:ca:
eb:44:a8:49:e5:e6:5b:34:dc:18:8e:33:05:83:ea:b0:c9:e2:
0d:31:09:99:4a:70:73:82:eb:c4:40:0e:28:02:74:c1:c4:7f:
5a:3e:c1:16:bc:2e:02:ee:28:c0:77:60:5e:67:b0:23:19:a0:
5b:3a:5c:07:40:44:9b:10:1d:cc:e0:4a:b0:67:88:3e:80:d1:
70:70:73:dd:2b:d6:1b:8a:dd:fe:3a:2f:86:f1:9d:3f:81:ad:
09:69:a2:c9:9c:6a:e0:d9:c2:e1:f1:25:37:83:4c:7f:2f:f3:
5d:dd:ec:8d:6c:89:62:38:7e:46:d0:b4:2c:6b:1f:04:5d:e3:
a1:b0:27:8d:da:66:38:8b:3c:f0:78:83:69:64:bd:38:e3:c0:
d9:23:e6:b8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs7Z5b5Z0RUh8Fl2Pf8AIY8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE3MDIxMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODY3NWNkODk5ZDliZDVhNWNhZmQ4MTRhYWJlN2U2NTMyMmY1YzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfcr5st4LTjY9JyNJ2sPurscL5jX
Wnk9z7y6PDrTd3I/3g2AqESoLrSiVPmB0IkDuDg/XJfW4sUxV+ZiK4I1eKxLfMrW
kFyApM5Gr6TIQID/5pGZThU8/RFskHJBbdbF+2fMIkHql4fxiKbOhr6BG5zb2z4V
3c6f3KoF/ykPRIFmj2lM3coF7aU+xP0gXmd/8h8gGKZo0K/LTh4UyzaWN0DNcBtM
ObT1of4JLZTbrWR3/5FQDQT44/vCfZSNf7skbch0MMB7cinADWXtUI68Bch7Y/JZ
hOgEqK6ml6dKj/v6ln9PvecbpmPV1Ex8xxi4tyvo7z/nVaUKxTssxGCvIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFhnXNiZ2b1aXK/YFKq+fmUyL1xrMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvV0dkYzJKblp2VnBjcjlnVXFyNS1aVEl2WEdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJg1NL1ZVaLBieviY+hf
9WfkJwLNfxDam5gUAcH2X1wB10pLp6WOzVgdCyk5FDm+sDhdTXZrHLNjfdBG6bdS
+ZM1BxgXh6mZAY5QJkUA9fsF7R1cJHrR5oFGv0KsPAJmLsZSbRk4gpWQcdPJyutE
qEnl5ls03BiOMwWD6rDJ4g0xCZlKcHOC68RADigCdMHEf1o+wRa8LgLuKMB3YF5n
sCMZoFs6XAdARJsQHczgSrBniD6A0XBwc90r1huK3f46L4bxnT+BrQlposmcauDZ
wuHxJTeDTH8v813d7I1siWI4fkbQtCxrHwRd46GwJ43aZjiLPPB4g2lkvTjjwNkj
5rg=
-----END CERTIFICATE-----
Generated at Mon May 12 21:57:13 2025 by rpki-client