Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/grRtKDn7vuEFYroiNzRCe4rMaaM.roa
File: grRtKDn7vuEFYroiNzRCe4rMaaM.roa (raw, json)
Hash identifier: ENFDQtOKR8LA7ivU+pCzPo0Y2Iw/TRn/PVCfx0HWHN4=
Subject key identifier: 82:B4:6D:28:39:FB:BE:E1:05:62:BA:22:37:34:42:7B:8A:CC:69:A3
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B1EA02D75E44AB229E863C1D6567747A5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/grRtKDn7vuEFYroiNzRCe4rMaaM.roa
Signing time: Wed 11 Oct 2023 12:04:55 +0000
ROA not before: Wed 11 Oct 2023 12:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:1e9f:f605/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:a0:2d:75:e4:4a:b2:29:e8:63:c1:d6:56:77:47:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 11 12:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82b46d2839fbbee10562ba223734427b8acc69a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:42:04:96:a2:44:df:bb:7f:5a:04:68:18:1b:
1b:24:43:47:f8:2f:39:3d:4d:3d:02:c9:31:28:c8:
46:a1:91:fe:72:7b:88:21:04:ac:ed:55:26:17:26:
d6:94:ea:7a:bb:25:08:bc:73:bf:70:91:cf:0f:72:
e3:82:5d:7e:39:09:5a:93:9e:c0:30:79:45:51:6c:
3f:2f:22:7d:a5:18:cd:46:04:1d:f3:7b:e3:7d:94:
06:8d:c2:33:f8:08:be:c4:95:8f:bc:57:56:7d:16:
36:d7:f8:b9:d6:69:b5:bc:36:33:11:2b:eb:6d:8d:
d7:85:f6:f2:ad:ff:d2:d3:22:9f:67:ab:df:86:55:
fe:a9:b2:64:e2:6f:e4:30:cd:82:69:a7:71:4d:f8:
d9:12:2a:1f:d2:60:3f:58:17:09:d9:7e:ab:51:74:
97:b1:b2:62:12:64:91:1e:c9:c8:7e:4e:63:58:e5:
90:0d:f5:47:a3:48:36:13:b2:e9:4b:59:54:70:f7:
94:06:f9:9e:6d:6b:16:06:02:eb:27:04:2e:98:f8:
9f:c9:10:52:ae:72:d2:60:77:9f:09:91:13:89:6e:
ab:86:5d:d2:f2:69:5c:f0:c2:cd:4e:78:04:27:04:
28:67:47:86:be:d8:86:fa:d6:6c:93:03:95:d3:a5:
1a:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:B4:6D:28:39:FB:BE:E1:05:62:BA:22:37:34:42:7B:8A:CC:69:A3
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/grRtKDn7vuEFYroiNzRCe4rMaaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:2d:2e:4a:ba:15:8b:70:ae:48:de:08:97:f2:31:1d:21:15:
bc:71:0e:36:41:6d:ac:e9:c5:aa:06:37:09:b7:61:bc:fb:e2:
51:6c:70:b3:13:e7:7d:b8:9e:d2:ed:13:a5:d8:a6:be:3b:63:
ca:e3:ff:23:80:2e:f4:c8:47:2a:c5:46:cf:98:4c:ea:5d:30:
9a:1f:3f:fd:a9:0e:2d:e5:18:fe:84:16:dc:44:d0:2e:1b:33:
8e:e5:cf:20:f5:83:bd:70:e6:80:b1:42:ff:ee:b2:c6:22:24:
1f:70:77:e8:97:cf:75:70:76:3c:d4:7e:7e:d3:ba:d0:bb:15:
40:db:27:e5:4b:9e:65:66:24:76:2d:f7:74:9e:88:fe:4c:e9:
e2:71:9d:fc:42:aa:1e:4e:f0:21:a2:cc:bc:b7:3a:1e:d4:f8:
7d:1d:2b:fd:fc:33:c7:1a:12:a7:12:e0:cc:74:fa:0d:cb:21:
9d:96:ba:bd:61:93:57:c9:2f:a2:79:71:74:27:f9:6f:6c:fd:
8d:45:4b:65:c1:a9:5a:53:f9:09:59:62:46:d6:a9:c1:66:6a:
ed:60:d4:6b:cd:5e:cc:f8:83:5f:bc:00:75:90:24:af:a3:21:
66:23:58:33:9b:ea:1d:c6:bf:ef:52:ff:8d:a0:6f:c6:d2:13:
be:44:fc:8e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYseoC115EqyKehjwdZWd0elMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDExMTIwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmI0NmQyODM5ZmJiZWUxMDU2MmJhMjIzNzM0NDI3YjhhY2M2OWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEIElqJE37t/WgRoGBsbJENH+C85
PU09AskxKMhGoZH+cnuIIQSs7VUmFybWlOp6uyUIvHO/cJHPD3Ljgl1+OQlak57A
MHlFUWw/LyJ9pRjNRgQd83vjfZQGjcIz+Ai+xJWPvFdWfRY21/i51mm1vDYzESvr
bY3Xhfbyrf/S0yKfZ6vfhlX+qbJk4m/kMM2CaadxTfjZEiof0mA/WBcJ2X6rUXSX
sbJiEmSRHsnIfk5jWOWQDfVHo0g2E7LpS1lUcPeUBvmebWsWBgLrJwQumPifyRBS
rnLSYHefCZETiW6rhl3S8mlc8MLNTngEJwQoZ0eGvtiG+tZskwOV06UagQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIK0bSg5+77hBWK6Ijc0QnuKzGmjMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZ3JSdEtEbjd2dUVGWXJvaU56UkNlNHJNYWFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ8tLkq6FYtwrkjeCJfy
MR0hFbxxDjZBbazpxaoGNwm3Ybz74lFscLMT5324ntLtE6XYpr47Y8rj/yOALvTI
RyrFRs+YTOpdMJofP/2pDi3lGP6EFtxE0C4bM47lzyD1g71w5oCxQv/ussYiJB9w
d+iXz3VwdjzUfn7TutC7FUDbJ+VLnmVmJHYt93SeiP5M6eJxnfxCqh5O8CGizLy3
Oh7U+H0dK/38M8caEqcS4Mx0+g3LIZ2Wur1hk1fJL6J5cXQn+W9s/Y1FS2XBqVpT
+QlZYkbWqcFmau1g1GvNXsz4g1+8AHWQJK+jIWYjWDOb6h3Gv+9S/42gb8bSE75E
/I4=
-----END CERTIFICATE-----
Generated at Mon May 12 07:21:41 2025 by rpki-client