Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/g1JsuLFTv7U0cJQxBuOC_gqJWQk.roa
File: g1JsuLFTv7U0cJQxBuOC_gqJWQk.roa (raw, json)
Hash identifier: hNbDv9yQeZLNidWFbmWLxqd4oa963CCmd71hlh7gvhM=
Subject key identifier: 83:52:6C:B8:B1:53:BF:B5:34:70:94:31:06:E3:82:FE:0A:89:59:09
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B6CC02DEC211F8A92A8C835AD0F047C80
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/g1JsuLFTv7U0cJQxBuOC_gqJWQk.roa
Signing time: Thu 26 Oct 2023 16:10:15 +0000
ROA not before: Thu 26 Oct 2023 16:10:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6c:c0:2d:ec:21:1f:8a:92:a8:c8:35:ad:0f:04:7c:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 26 16:10:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83526cb8b153bfb53470943106e382fe0a895909
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:2f:e9:45:4e:0b:ce:27:b3:30:e0:b9:8e:1f:
d8:c1:29:fb:6c:c9:d5:1c:45:60:e7:23:4d:e7:ca:
3c:76:f2:05:a9:25:3d:1b:77:ce:06:3c:12:42:ef:
f3:bd:f8:1b:b0:22:f3:99:aa:f8:38:de:93:94:4a:
af:d0:fd:d7:81:cd:49:36:c0:7d:20:de:69:ad:aa:
91:f5:22:81:ea:86:50:1c:7b:93:26:66:eb:88:80:
69:24:31:f8:44:13:17:04:4c:ba:42:aa:6c:1d:d4:
6d:2d:df:cf:f6:06:13:12:07:13:b0:b2:19:c0:c7:
1a:06:62:6e:0b:c6:4d:21:c8:a1:10:0a:9c:82:e6:
bb:4f:01:29:ff:34:55:71:22:f3:21:5b:3e:b8:f8:
04:20:6f:db:f5:e2:1b:a8:41:49:01:ac:bb:42:b9:
02:84:b9:1f:4c:3a:f1:5a:b6:c1:40:cc:66:0f:88:
c9:25:3e:a3:c0:ed:df:c2:eb:b8:e9:bc:08:c3:b2:
dd:32:26:d9:97:7e:37:a9:62:73:1c:1d:4e:1f:36:
be:b4:2a:f2:6d:7f:cc:a6:3c:d8:d0:33:31:86:bf:
5a:35:87:74:bb:f8:32:f4:e0:fe:f9:33:1a:89:82:
5a:f1:92:94:36:bc:56:2f:39:e1:06:bc:08:4f:ba:
f3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:52:6C:B8:B1:53:BF:B5:34:70:94:31:06:E3:82:FE:0A:89:59:09
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/g1JsuLFTv7U0cJQxBuOC_gqJWQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4c:8d:14:c8:f2:01:18:6c:eb:63:e3:08:09:8b:0e:ac:0b:d3:
12:6c:5d:0a:8b:e0:bb:cc:54:9b:da:f0:5d:d8:f3:27:17:81:
2e:4b:05:2f:02:72:82:7c:89:ef:b6:bd:f9:d9:3b:59:f1:2e:
f8:98:8a:e5:2e:37:e0:58:c1:f4:eb:d9:40:1d:63:34:ef:2f:
7d:c3:49:38:ed:5f:c4:64:b5:23:cd:27:24:06:ba:e1:f9:17:
95:9a:12:b9:d1:f1:fc:b4:01:c4:39:cf:8d:54:c5:9e:ac:79:
21:af:8c:66:7e:e5:90:bd:a0:c8:f2:fb:f6:5a:77:7c:69:db:
d2:3b:44:29:26:63:39:a0:c7:cb:7f:a5:59:5a:db:02:f6:ab:
f7:60:f8:22:81:68:34:d7:88:81:77:fc:b0:f1:73:1c:09:50:
53:6f:a8:b3:3b:0c:f5:49:d6:fe:43:c3:8d:db:b4:b0:9d:8d:
93:d6:a4:f1:56:7a:1c:60:32:d5:85:05:a1:e1:3c:93:bf:55:
61:87:29:48:c7:11:58:9f:ec:c5:cf:03:8b:8d:a7:21:5a:64:
9e:0b:70:82:0b:75:f9:95:26:eb:7d:67:d7:4e:4b:72:57:a2:
b2:35:e7:60:4c:c8:be:3a:bc:5b:3d:a9:49:9d:b3:bd:c3:2c:
7e:db:05:91
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtswC3sIR+KkqjINa0PBHyAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI2MTYxMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzUyNmNiOGIxNTNiZmI1MzQ3MDk0MzEwNmUzODJmZTBhODk1OTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgy/pRU4LziezMOC5jh/YwSn7bMnV
HEVg5yNN58o8dvIFqSU9G3fOBjwSQu/zvfgbsCLzmar4ON6TlEqv0P3Xgc1JNsB9
IN5praqR9SKB6oZQHHuTJmbriIBpJDH4RBMXBEy6QqpsHdRtLd/P9gYTEgcTsLIZ
wMcaBmJuC8ZNIcihEAqcgua7TwEp/zRVcSLzIVs+uPgEIG/b9eIbqEFJAay7QrkC
hLkfTDrxWrbBQMxmD4jJJT6jwO3fwuu46bwIw7LdMibZl343qWJzHB1OHza+tCry
bX/MpjzY0DMxhr9aNYd0u/gy9OD++TMaiYJa8ZKUNrxWLznhBrwIT7rz5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFINSbLixU7+1NHCUMQbjgv4KiVkJMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZzFKc3VMRlR2N1UwY0pReEJ1T0NfZ3FKV1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEyNFMjyARhs62PjCAmL
DqwL0xJsXQqL4LvMVJva8F3Y8ycXgS5LBS8CcoJ8ie+2vfnZO1nxLviYiuUuN+BY
wfTr2UAdYzTvL33DSTjtX8RktSPNJyQGuuH5F5WaErnR8fy0AcQ5z41UxZ6seSGv
jGZ+5ZC9oMjy+/Zad3xp29I7RCkmYzmgx8t/pVla2wL2q/dg+CKBaDTXiIF3/LDx
cxwJUFNvqLM7DPVJ1v5Dw43btLCdjZPWpPFWehxgMtWFBaHhPJO/VWGHKUjHEVif
7MXPA4uNpyFaZJ4LcIILdfmVJut9Z9dOS3JXorI152BMyL46vFs9qUmds73DLH7b
BZE=
-----END CERTIFICATE-----
Generated at Sun May 11 15:56:56 2025 by rpki-client