Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gSy9Lv1mY8QoGlz7i3ygfGFxAW8.roa
File: gSy9Lv1mY8QoGlz7i3ygfGFxAW8.roa (raw, json)
Hash identifier: 8cSh13LdwfexuSGXCFUDvurFTJ+feqAZi+IyE1VSA3o=
Subject key identifier: 81:2C:BD:2E:FD:66:63:C4:28:1A:5C:FB:8B:7C:A0:7C:61:71:01:6F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF4FF6130AE92D1F144B761B414339EC7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gSy9Lv1mY8QoGlz7i3ygfGFxAW8.roa
Signing time: Tue 03 Oct 2023 10:04:51 +0000
ROA not before: Tue 03 Oct 2023 10:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:f4fe:cf32/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:ff:61:30:ae:92:d1:f1:44:b7:61:b4:14:33:9e:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 3 10:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=812cbd2efd6663c4281a5cfb8b7ca07c6171016f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d7:64:af:24:16:01:83:07:d7:50:34:7d:94:
55:5b:af:a3:75:09:78:42:52:52:6d:02:53:62:9f:
5c:84:35:57:6a:78:d2:24:fc:e7:93:95:76:01:f0:
49:63:dd:26:a3:b5:7a:c4:8f:67:ce:44:3f:a4:95:
3b:d5:10:2d:13:a4:8c:8e:71:e0:fe:39:e5:e3:37:
bd:98:15:52:57:66:1b:bf:10:f7:6d:2e:9d:53:66:
70:fd:58:58:5f:a0:e9:c3:77:9b:33:b3:eb:cd:0b:
e4:e0:61:99:5c:f2:02:80:c8:45:a6:52:88:a2:ba:
dd:f0:97:9a:7b:9b:e9:58:ec:50:40:23:02:17:2e:
f7:e4:d3:5d:b4:fa:bb:71:ff:73:04:0c:78:91:fc:
2d:9d:58:13:43:d9:1b:a8:89:98:ba:86:0e:55:eb:
0c:ef:88:80:9d:d1:74:c3:ae:64:f2:96:01:94:3c:
db:ee:ad:42:e9:e7:5b:18:7f:f9:f7:6d:4c:e3:37:
40:f1:a7:2b:de:1d:42:5f:c4:4b:41:a4:ac:87:6b:
a2:5c:39:e8:f8:1d:15:46:f3:36:e8:dd:32:82:28:
99:5c:43:61:d8:01:92:21:47:7f:2f:7b:a1:76:15:
26:e1:14:07:d5:ec:19:4d:77:36:f6:d0:9b:38:f1:
3b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:2C:BD:2E:FD:66:63:C4:28:1A:5C:FB:8B:7C:A0:7C:61:71:01:6F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gSy9Lv1mY8QoGlz7i3ygfGFxAW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
30:7d:2c:45:e0:08:84:02:62:79:93:5c:e0:b4:09:5f:0a:3d:
b2:ff:1f:7c:8f:79:dd:6c:60:15:d9:84:4f:25:ce:3c:8d:bd:
75:36:ab:aa:f4:30:f2:ea:2a:31:b7:ec:c7:b4:f8:af:96:d2:
89:bf:28:f2:f2:bf:9b:5f:9f:e8:8d:f6:44:e8:5a:c2:04:2e:
d0:b0:e6:28:f1:12:e4:3a:0b:f3:c6:a2:8c:f3:e2:3a:5b:d1:
6a:d1:a9:cb:47:f5:59:04:b0:f9:dc:8e:d9:23:f0:29:a0:88:
ca:cb:50:19:19:17:b4:04:82:71:ca:32:b5:40:72:41:40:97:
9d:d4:d2:51:3c:29:cc:24:c3:61:39:d9:d0:ca:70:fb:61:90:
59:1c:8a:e0:31:fe:75:67:dc:4f:02:b6:1f:8b:e5:cd:f3:1a:
ce:69:f1:31:ce:d8:e3:f5:33:59:eb:0b:65:50:49:ef:22:1e:
aa:88:bd:1b:d6:01:08:48:3e:ee:be:0b:17:8d:03:16:58:ac:
35:53:0d:1c:a8:80:0c:65:aa:7f:db:32:4c:c4:dd:a9:e4:d2:
38:51:bf:9f:51:4c:ea:42:b8:06:14:28:6a:69:ae:bd:f0:d2:
fd:03:91:b9:52:cf:3a:4a:62:22:83:f4:3f:44:2b:ae:e9:33:
3b:06:f1:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr0/2EwrpLR8US3YbQUM57HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAzMTAwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTJjYmQyZWZkNjY2M2M0MjgxYTVjZmI4YjdjYTA3YzYxNzEwMTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstdkryQWAYMH11A0fZRVW6+jdQl4
QlJSbQJTYp9chDVXanjSJPznk5V2AfBJY90mo7V6xI9nzkQ/pJU71RAtE6SMjnHg
/jnl4ze9mBVSV2YbvxD3bS6dU2Zw/VhYX6Dpw3ebM7PrzQvk4GGZXPICgMhFplKI
orrd8Jeae5vpWOxQQCMCFy735NNdtPq7cf9zBAx4kfwtnVgTQ9kbqImYuoYOVesM
74iAndF0w65k8pYBlDzb7q1C6edbGH/5921M4zdA8acr3h1CX8RLQaSsh2uiXDno
+B0VRvM26N0ygiiZXENh2AGSIUd/L3uhdhUm4RQH1ewZTXc29tCbOPE7rwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIEsvS79ZmPEKBpc+4t8oHxhcQFvMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZ1N5OUx2MW1ZOFFvR2x6N2kzeWdmR0Z4QVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADB9LEXgCIQCYnmTXOC0
CV8KPbL/H3yPed1sYBXZhE8lzjyNvXU2q6r0MPLqKjG37Me0+K+W0om/KPLyv5tf
n+iN9kToWsIELtCw5ijxEuQ6C/PGoozz4jpb0WrRqctH9VkEsPncjtkj8CmgiMrL
UBkZF7QEgnHKMrVAckFAl53U0lE8Kcwkw2E52dDKcPthkFkciuAx/nVn3E8Cth+L
5c3zGs5p8THO2OP1M1nrC2VQSe8iHqqIvRvWAQhIPu6+CxeNAxZYrDVTDRyogAxl
qn/bMkzE3ank0jhRv59RTOpCuAYUKGpprr3w0v0DkblSzzpKYiKD9D9EK67pMzsG
8cA=
-----END CERTIFICATE-----
Generated at Tue May 13 02:35:59 2025 by rpki-client