Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gH1zATbJisoYUmdQANOZGH87zrs.roa
File: gH1zATbJisoYUmdQANOZGH87zrs.roa (raw, json)
Hash identifier: lg0PIbKhCsDAkLmvZHQfMVhUHx+ovLcYumhqQzCYTto=
Subject key identifier: 80:7D:73:01:36:C9:8A:CA:18:52:67:50:00:D3:99:18:7F:3B:CE:BB
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B5C34F400C71F7D61F8B1003E37A9C4D6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gH1zATbJisoYUmdQANOZGH87zrs.roa
Signing time: Mon 23 Oct 2023 11:04:16 +0000
ROA not before: Mon 23 Oct 2023 11:04:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:5c34:d7ba/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5c:34:f4:00:c7:1f:7d:61:f8:b1:00:3e:37:a9:c4:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 23 11:04:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=807d730136c98aca1852675000d399187f3bcebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:3e:7b:aa:d5:79:e0:48:40:82:25:7b:d5:7d:
e1:28:aa:d1:7d:59:49:51:fc:bf:ab:ad:b2:09:04:
64:30:ef:cb:91:63:88:15:a9:66:b8:60:3c:33:df:
bd:8d:a1:a1:7f:34:8c:69:5d:dc:30:07:3a:d2:fd:
2a:00:73:11:dd:d2:3a:74:12:77:d0:af:e2:63:a8:
a3:cf:12:20:63:b3:a2:ab:52:a5:0b:19:16:0f:52:
d7:79:9b:55:14:f9:83:81:12:13:92:38:63:6c:21:
4e:16:86:f6:4e:5d:81:93:8a:80:40:59:73:a9:76:
72:14:ad:67:20:d8:6a:cb:7f:8f:3d:3c:79:5a:37:
28:32:30:37:32:5c:11:1e:ee:48:59:37:0c:c6:fb:
71:55:f8:03:9f:80:24:b5:3c:45:5d:2c:1f:b4:4b:
93:e6:c1:bd:77:b2:4d:a2:19:b5:a3:72:50:07:6a:
71:6b:3d:c8:56:24:0d:57:4e:7d:00:e1:b9:5a:bb:
cc:08:b3:a9:86:19:4c:03:00:a5:60:85:9d:cf:71:
7d:1f:8f:8b:2d:1f:e6:26:33:34:5d:d9:69:0a:c9:
63:2e:f6:d2:7e:77:0c:49:76:8f:ff:b5:62:e9:02:
a1:14:ac:6a:a6:50:05:28:44:49:76:91:ef:3a:4e:
c8:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:7D:73:01:36:C9:8A:CA:18:52:67:50:00:D3:99:18:7F:3B:CE:BB
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gH1zATbJisoYUmdQANOZGH87zrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:7a:d0:4e:43:2b:82:38:90:d0:fd:8e:44:29:28:39:eb:e1:
ab:c8:67:ea:c5:16:4b:2d:8e:a7:75:a4:69:b4:7f:75:ec:0d:
98:37:2f:9f:01:ec:64:fc:f7:0a:b7:d4:3c:cc:43:18:22:c9:
17:b6:ac:a3:03:d4:cd:3d:0e:55:e2:9b:67:3e:bd:28:ca:3b:
7f:da:e0:04:4a:ea:7a:cb:43:b6:6b:d8:ad:fb:3e:f9:7b:bc:
49:02:81:dc:a3:b9:7e:da:9f:b3:99:2e:d6:c6:f9:cf:f7:1d:
20:df:43:ef:13:1a:a5:1d:a3:3e:37:c3:28:fc:46:a3:de:d0:
3d:52:45:e2:0e:1a:7d:43:85:b9:e3:5b:d9:93:56:96:7a:ca:
3f:0c:75:72:42:15:e7:82:46:02:cf:ed:0c:2b:9d:a6:db:92:
5c:fc:98:8b:60:1f:48:2f:8a:79:bd:27:c2:55:22:99:e9:a9:
08:3a:47:e5:c1:15:12:b6:14:30:57:de:55:64:e8:27:c4:0b:
11:61:2e:e0:c2:a6:e2:1c:15:74:8d:cf:76:83:66:81:7e:a9:
f0:43:da:bb:50:13:17:0f:c0:63:4f:23:79:66:6c:f2:ae:65:
00:52:e1:69:9a:ee:8a:b6:1f:9e:77:a0:c2:9e:c4:06:c1:5f:
74:cb:a5:3e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtcNPQAxx99YfixAD43qcTWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIzMTEwNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDdkNzMwMTM2Yzk4YWNhMTg1MjY3NTAwMGQzOTkxODdmM2JjZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuT57qtV54EhAgiV71X3hKKrRfVlJ
Ufy/q62yCQRkMO/LkWOIFalmuGA8M9+9jaGhfzSMaV3cMAc60v0qAHMR3dI6dBJ3
0K/iY6ijzxIgY7Oiq1KlCxkWD1LXeZtVFPmDgRITkjhjbCFOFob2Tl2Bk4qAQFlz
qXZyFK1nINhqy3+PPTx5WjcoMjA3MlwRHu5IWTcMxvtxVfgDn4AktTxFXSwftEuT
5sG9d7JNohm1o3JQB2pxaz3IViQNV059AOG5WrvMCLOphhlMAwClYIWdz3F9H4+L
LR/mJjM0XdlpCsljLvbSfncMSXaP/7Vi6QKhFKxqplAFKERJdpHvOk7ItwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIB9cwE2yYrKGFJnUADTmRh/O867MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZ0gxekFUYkppc29ZVW1kUUFOT1pHSDg3enJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHx60E5DK4I4kND9jkQp
KDnr4avIZ+rFFkstjqd1pGm0f3XsDZg3L58B7GT89wq31DzMQxgiyRe2rKMD1M09
DlXim2c+vSjKO3/a4ARK6nrLQ7Zr2K37Pvl7vEkCgdyjuX7an7OZLtbG+c/3HSDf
Q+8TGqUdoz43wyj8RqPe0D1SReIOGn1DhbnjW9mTVpZ6yj8MdXJCFeeCRgLP7Qwr
nabbklz8mItgH0gvinm9J8JVIpnpqQg6R+XBFRK2FDBX3lVk6CfECxFhLuDCpuIc
FXSNz3aDZoF+qfBD2rtQExcPwGNPI3lmbPKuZQBS4Wma7oq2H553oMKexAbBX3TL
pT4=
-----END CERTIFICATE-----
Generated at Wed Jun 18 08:21:19 2025 by rpki-client