Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vEGIL7Lg9CCBsvwAXqFE2T_gySA.roa
File: vEGIL7Lg9CCBsvwAXqFE2T_gySA.roa (raw, json)
Hash identifier: Nuf+nJpziKVby9aG27H9EagCnms2cJQjF3q3AJgN92o=
Subject key identifier: BC:41:88:2F:B2:E0:F4:20:81:B2:FC:00:5E:A1:44:D9:3F:E0:C9:20
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B8A2B50E5A85DB94C379CECA9267D27E0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vEGIL7Lg9CCBsvwAXqFE2T_gySA.roa
Signing time: Wed 01 Nov 2023 09:16:16 +0000
ROA not before: Wed 01 Nov 2023 09:16:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8a:2b:50:e5:a8:5d:b9:4c:37:9c:ec:a9:26:7d:27:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 1 09:16:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc41882fb2e0f42081b2fc005ea144d93fe0c920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ea:76:6b:11:0f:4f:55:99:04:0a:6f:de:74:
4d:73:2e:0a:97:a2:50:a7:7f:a0:48:eb:ae:be:30:
d1:e5:cf:2a:2f:1a:d1:bb:16:1f:6e:c7:4a:e8:86:
93:d1:65:cc:d4:cc:fb:4b:57:e4:90:4f:7f:1c:ba:
84:6e:e9:00:cf:d4:3d:f3:ca:ed:b9:2f:d6:a5:7b:
48:ba:d9:17:09:40:74:b2:2c:3f:d8:de:20:15:40:
68:e3:84:f0:b3:33:fd:3f:a4:32:c8:33:95:f8:0e:
7d:80:64:a1:00:8f:48:a9:bb:25:3d:ff:c0:63:71:
cf:76:30:c7:dc:c6:c3:7a:65:55:47:15:48:55:35:
9d:63:57:d4:d1:01:c3:3f:7c:ee:66:3f:8b:61:c7:
64:ad:4c:d4:be:0b:60:22:ef:67:4b:d7:65:81:b3:
53:6d:e0:b1:cb:cf:fa:c6:63:08:ff:8e:94:bb:c6:
86:10:cd:12:98:43:10:51:10:9d:47:b5:1d:d6:88:
f7:ed:8b:f4:43:30:c0:c3:aa:a8:14:b7:6a:8b:20:
13:c0:e3:24:fd:97:68:92:25:71:c8:76:15:d0:4a:
15:35:08:84:d7:2a:dd:28:5b:05:2e:7b:9c:57:f2:
4f:d6:94:45:1e:09:39:ec:28:e8:b9:18:5b:b6:cd:
7a:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:41:88:2F:B2:E0:F4:20:81:B2:FC:00:5E:A1:44:D9:3F:E0:C9:20
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vEGIL7Lg9CCBsvwAXqFE2T_gySA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c9:55:76:bc:96:12:98:40:9e:42:55:28:c9:9e:dd:2f:1c:f7:
f4:fa:0c:3b:ba:5e:31:d2:3d:63:0b:c9:9b:4f:4e:be:ab:3b:
d2:e0:a6:15:30:7f:3c:fd:cb:1c:33:de:b0:94:28:31:1e:d3:
ff:a5:d2:d4:51:8d:92:33:c2:08:de:9b:ba:56:ee:36:31:4f:
fc:8d:3a:48:cf:a8:45:da:f9:47:e1:c1:0b:b8:28:05:92:d7:
90:6a:ae:4a:21:6f:6b:46:f8:7b:68:32:35:e2:96:e2:eb:e0:
57:a9:3a:f0:d2:55:3b:53:1f:74:b9:a3:b7:0b:ef:69:49:39:
f8:5d:e6:df:06:20:0b:64:4e:fe:33:07:b9:f0:b2:a5:5b:aa:
50:a7:70:40:17:fd:fb:ae:a9:51:a0:4c:bd:73:29:3f:b6:80:
b6:e4:39:82:24:71:9b:f3:27:a6:c2:40:97:07:bc:ef:20:a1:
38:70:49:2e:4a:84:d0:70:fd:c8:c9:a1:75:81:9e:80:0d:17:
76:a4:cd:f2:57:86:a7:27:42:f7:7c:17:fc:c9:af:5d:bb:a1:
cd:39:67:a7:53:37:4b:65:58:a3:95:bb:aa:fb:dc:1f:38:a7:
cb:8a:2b:96:0b:23:53:9e:ad:24:4d:82:f6:03:f6:0d:67:b3:
57:a5:84:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuKK1DlqF25TDec7KkmfSfgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAxMDkxNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzQxODgyZmIyZTBmNDIwODFiMmZjMDA1ZWExNDRkOTNmZTBjOTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+p2axEPT1WZBApv3nRNcy4Kl6JQ
p3+gSOuuvjDR5c8qLxrRuxYfbsdK6IaT0WXM1Mz7S1fkkE9/HLqEbukAz9Q988rt
uS/WpXtIutkXCUB0siw/2N4gFUBo44TwszP9P6QyyDOV+A59gGShAI9IqbslPf/A
Y3HPdjDH3MbDemVVRxVIVTWdY1fU0QHDP3zuZj+LYcdkrUzUvgtgIu9nS9dlgbNT
beCxy8/6xmMI/46Uu8aGEM0SmEMQURCdR7Ud1oj37Yv0QzDAw6qoFLdqiyATwOMk
/ZdokiVxyHYV0EoVNQiE1yrdKFsFLnucV/JP1pRFHgk57CjouRhbts16KwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLxBiC+y4PQggbL8AF6hRNk/4MkgMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdkVHSUw3TGc5Q0NCc3Z3QVhxRkUyVF9neVNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMlVdryWEphAnkJVKMme
3S8c9/T6DDu6XjHSPWMLyZtPTr6rO9LgphUwfzz9yxwz3rCUKDEe0/+l0tRRjZIz
wgjem7pW7jYxT/yNOkjPqEXa+UfhwQu4KAWS15Bqrkohb2tG+HtoMjXiluLr4Fep
OvDSVTtTH3S5o7cL72lJOfhd5t8GIAtkTv4zB7nwsqVbqlCncEAX/fuuqVGgTL1z
KT+2gLbkOYIkcZvzJ6bCQJcHvO8goThwSS5KhNBw/cjJoXWBnoANF3akzfJXhqcn
Qvd8F/zJr127oc05Z6dTN0tlWKOVu6r73B84p8uKK5YLI1OerSRNgvYD9g1ns1el
hMs=
-----END CERTIFICATE-----
Generated at Sun May 11 22:18:21 2025 by rpki-client