Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gMqZ2WNjeOFAAscEXAqVNG1cEC8.roa
File: gMqZ2WNjeOFAAscEXAqVNG1cEC8.roa (raw, json)
Hash identifier: b8G7e3eyess5B+8vI7ZK8gFfCx0FMZzajJimlRrJfKU=
Subject key identifier: 80:CA:99:D9:63:63:78:E1:40:02:C7:04:5C:0A:95:34:6D:5C:10:2F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ACDBAAAC961C97AB82B103E9ACFCD1429
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gMqZ2WNjeOFAAscEXAqVNG1cEC8.roa
Signing time: Mon 25 Sep 2023 19:04:37 +0000
ROA not before: Mon 25 Sep 2023 19:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:cdba:6362/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cd:ba:aa:c9:61:c9:7a:b8:2b:10:3e:9a:cf:cd:14:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 25 19:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80ca99d9636378e14002c7045c0a95346d5c102f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:30:97:10:e7:b5:8b:48:c5:32:d8:bf:6c:d9:
83:13:62:cf:89:86:0e:e2:41:5c:ef:67:65:af:28:
16:8a:88:b0:7e:ef:fe:58:19:6c:d6:6b:5c:9e:2e:
59:c0:07:63:e5:6e:0c:6a:1a:53:91:9c:59:3b:63:
84:06:50:38:d1:48:9c:cc:0d:3e:d0:7e:6e:3c:6b:
2e:a8:10:9d:14:a9:64:5f:22:45:de:db:38:c2:2a:
bf:7a:b1:e0:ad:a3:79:07:db:20:26:2b:ee:01:1f:
64:1d:32:fa:b2:79:e3:60:e8:a1:77:ea:e8:1e:07:
fc:2f:df:a4:06:29:97:f7:c8:c3:dc:df:98:8b:62:
14:0f:f8:37:27:6d:13:3f:69:8e:50:07:d6:0f:57:
ee:78:57:95:57:b6:40:8e:58:c7:57:4f:bd:aa:ed:
f5:ba:14:e4:37:11:16:f9:7b:74:b2:5b:16:d4:30:
07:38:7e:07:72:0a:9b:7c:4a:fd:e9:ae:86:43:50:
bf:1c:c1:3e:8e:ff:f4:48:bd:d9:49:85:28:2e:94:
9c:f2:a7:0c:c0:bf:25:ec:53:f8:7a:75:13:84:07:
66:21:b9:d1:ad:42:8c:33:c0:83:41:b8:29:47:01:
83:c5:84:e1:52:1a:6f:fb:e7:85:58:ed:24:7a:71:
29:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:CA:99:D9:63:63:78:E1:40:02:C7:04:5C:0A:95:34:6D:5C:10:2F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/gMqZ2WNjeOFAAscEXAqVNG1cEC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
75:2b:f2:a6:e2:ff:10:8a:f5:14:fb:75:1d:90:a2:c7:2f:96:
d9:57:9d:f3:38:fc:cf:10:65:5a:69:ed:8e:0e:10:a5:e3:df:
ac:b7:03:e2:55:5e:c5:b2:08:41:1a:18:a2:02:36:59:10:f1:
9f:cb:c8:f9:ae:e5:79:d9:8c:32:7d:47:ea:7f:33:6a:d0:11:
47:23:11:d2:29:96:07:fe:99:1f:99:16:dc:34:6f:fa:3a:44:
b7:ef:8e:85:a8:1d:8a:5f:b9:d3:a5:85:e4:b9:4f:00:e1:c9:
86:9a:13:ca:5c:a1:b6:b8:59:47:99:f3:f7:a1:44:e3:0b:66:
37:99:46:b5:c2:3f:1b:53:29:ce:f8:9f:ad:31:08:33:26:a7:
c8:7f:9a:23:f0:34:61:4d:ca:16:5e:0b:3f:e6:c4:ea:81:7f:
a9:e3:71:80:51:b2:43:3c:5f:80:a6:7d:4d:4b:6a:ac:23:d2:
62:dd:16:64:aa:06:ad:4d:28:31:f5:3f:ed:91:66:4c:55:8f:
16:14:6a:2c:b7:0b:1c:50:38:8a:4d:bb:63:04:65:bb:47:f0:
15:f3:0a:36:05:f3:1c:69:bd:f4:12:28:1c:6c:8d:12:5e:21:
29:c4:0f:25:b0:af:26:b1:5d:30:54:dd:4d:7b:51:da:9f:e3:
14:3c:7a:1c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrNuqrJYcl6uCsQPprPzRQpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI1MTkwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGNhOTlkOTYzNjM3OGUxNDAwMmM3MDQ1YzBhOTUzNDZkNWMxMDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTCXEOe1i0jFMti/bNmDE2LPiYYO
4kFc72dlrygWioiwfu/+WBls1mtcni5ZwAdj5W4MahpTkZxZO2OEBlA40UiczA0+
0H5uPGsuqBCdFKlkXyJF3ts4wiq/erHgraN5B9sgJivuAR9kHTL6snnjYOihd+ro
Hgf8L9+kBimX98jD3N+Yi2IUD/g3J20TP2mOUAfWD1fueFeVV7ZAjljHV0+9qu31
uhTkNxEW+Xt0slsW1DAHOH4HcgqbfEr96a6GQ1C/HME+jv/0SL3ZSYUoLpSc8qcM
wL8l7FP4enUThAdmIbnRrUKMM8CDQbgpRwGDxYThUhpv++eFWO0kenEpxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIDKmdljY3jhQALHBFwKlTRtXBAvMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZ01xWjJXTmplT0ZBQXNjRVhBcVZORzFjRUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHUr8qbi/xCK9RT7dR2Q
oscvltlXnfM4/M8QZVpp7Y4OEKXj36y3A+JVXsWyCEEaGKICNlkQ8Z/LyPmu5XnZ
jDJ9R+p/M2rQEUcjEdIplgf+mR+ZFtw0b/o6RLfvjoWoHYpfudOlheS5TwDhyYaa
E8pcoba4WUeZ8/ehROMLZjeZRrXCPxtTKc74n60xCDMmp8h/miPwNGFNyhZeCz/m
xOqBf6njcYBRskM8X4CmfU1Laqwj0mLdFmSqBq1NKDH1P+2RZkxVjxYUaiy3CxxQ
OIpNu2MEZbtH8BXzCjYF8xxpvfQSKBxsjRJeISnEDyWwryaxXTBU3U17Udqf4xQ8
ehw=
-----END CERTIFICATE-----
Generated at Tue Jun 17 05:27:20 2025 by rpki-client