Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kGnO0gglrvpHBf5XPffJdtqtHm0.roa
File: kGnO0gglrvpHBf5XPffJdtqtHm0.roa (raw, json)
Hash identifier: YALc/5MuTBZo4FTXLTH+br3M5Gr9lal0q8326nG494U=
Subject key identifier: 90:69:CE:D2:08:25:AE:FA:47:05:FE:57:3D:F7:C9:76:DA:AD:1E:6D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BAAF5CF09208A9AAA17148E8C6E4A611E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kGnO0gglrvpHBf5XPffJdtqtHm0.roa
Signing time: Tue 07 Nov 2023 18:05:17 +0000
ROA not before: Tue 07 Nov 2023 18:05:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:aaf5:52a5/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:aa:f5:cf:09:20:8a:9a:aa:17:14:8e:8c:6e:4a:61:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 7 18:05:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9069ced20825aefa4705fe573df7c976daad1e6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:78:82:a4:f0:72:60:d4:9c:48:04:40:fa:e6:
39:cc:4b:97:e7:53:be:c8:3c:ca:07:97:49:f6:65:
c0:2f:33:16:05:f7:4b:b0:56:4e:5c:d4:c4:f9:2b:
af:f1:41:80:4a:4a:34:e3:dd:3f:18:c3:26:80:36:
35:79:f4:4f:62:39:68:30:e0:ac:94:12:9b:11:ae:
24:1d:db:f6:8c:5c:8c:6d:68:08:70:80:a7:eb:ed:
55:94:75:ac:8b:26:9b:fe:e2:c5:84:10:1a:a7:79:
5b:0c:b4:b4:4b:4a:ce:a3:85:bc:1c:80:70:e8:f5:
d2:43:87:63:25:59:72:80:1d:3b:a6:9e:58:1d:28:
87:c7:a2:11:72:98:66:e9:ce:25:5b:4e:67:a5:4b:
f1:20:53:38:9b:d2:4f:4b:b1:80:ec:ba:e5:c6:08:
1c:6d:e9:69:d5:87:b8:3c:e2:89:45:5e:e1:46:4b:
5a:3f:1b:ea:ec:6b:cf:59:26:0a:f8:a4:18:cc:ca:
48:8d:1d:ce:11:2c:a5:33:da:e4:15:cd:06:52:d5:
fb:de:74:ee:6b:4f:f3:b0:ea:56:c7:8f:ed:a3:21:
c8:03:a5:b7:72:01:c8:04:48:33:69:d9:b5:07:22:
06:c2:9a:7d:3e:4c:10:cb:4f:14:86:3e:c6:f8:41:
90:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:69:CE:D2:08:25:AE:FA:47:05:FE:57:3D:F7:C9:76:DA:AD:1E:6D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kGnO0gglrvpHBf5XPffJdtqtHm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3f:2d:98:cd:23:d4:7b:c8:0a:00:bd:4c:75:a3:72:51:63:ca:
c7:3e:93:cd:63:b2:df:41:de:3f:84:91:be:b2:52:31:d4:65:
3c:8e:cd:1d:31:35:27:2d:da:5a:76:96:a0:17:e6:2e:76:c6:
56:17:c1:2d:e8:29:b6:b1:cf:31:4c:a6:71:1b:f2:f1:04:21:
8b:63:2a:ba:f3:c5:55:ca:65:06:44:52:bb:45:06:03:c4:72:
78:10:03:d6:1d:26:4c:a7:60:cb:04:ab:62:79:1c:46:c2:00:
d1:ed:00:74:15:f3:f8:9d:50:2b:69:7d:56:d6:3f:a8:1f:2f:
b8:fc:05:cb:9e:cb:89:fc:e4:5e:8f:23:21:96:af:8c:0c:29:
9c:39:08:20:84:ce:99:67:88:88:2f:32:b4:00:60:80:3a:cd:
5a:cc:e8:b2:e5:ba:25:ce:38:6a:16:98:0b:f4:1f:8f:66:8e:
58:a7:d8:3c:1f:48:bb:b3:20:47:db:a7:e1:c5:7a:48:8b:f8:
a8:5e:87:5c:8e:19:87:40:9e:f5:5d:23:e0:29:6f:94:54:a5:
42:97:ad:d5:e6:20:06:ea:68:a4:a6:2f:41:76:a2:81:07:8f:
4a:f2:04:e9:82:55:d9:fe:75:bc:75:ba:a6:e0:0b:36:bb:88:
41:99:46:a5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuq9c8JIIqaqhcUjoxuSmEeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA3MTgwNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDY5Y2VkMjA4MjVhZWZhNDcwNWZlNTczZGY3Yzk3NmRhYWQxZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HiCpPByYNScSARA+uY5zEuX51O+
yDzKB5dJ9mXALzMWBfdLsFZOXNTE+Suv8UGASko0490/GMMmgDY1efRPYjloMOCs
lBKbEa4kHdv2jFyMbWgIcICn6+1VlHWsiyab/uLFhBAap3lbDLS0S0rOo4W8HIBw
6PXSQ4djJVlygB07pp5YHSiHx6IRcphm6c4lW05npUvxIFM4m9JPS7GA7Lrlxggc
belp1Ye4POKJRV7hRktaPxvq7GvPWSYK+KQYzMpIjR3OESylM9rkFc0GUtX73nTu
a0/zsOpWx4/toyHIA6W3cgHIBEgzadm1ByIGwpp9PkwQy08Uhj7G+EGQAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJBpztIIJa76RwX+Vz33yXbarR5tMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva0duTzBnZ2xydnBIQmY1WFBmZkpkdHF0SG0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD8tmM0j1HvICgC9THWj
clFjysc+k81jst9B3j+Ekb6yUjHUZTyOzR0xNSct2lp2lqAX5i52xlYXwS3oKbax
zzFMpnEb8vEEIYtjKrrzxVXKZQZEUrtFBgPEcngQA9YdJkynYMsEq2J5HEbCANHt
AHQV8/idUCtpfVbWP6gfL7j8Bcuey4n85F6PIyGWr4wMKZw5CCCEzplniIgvMrQA
YIA6zVrM6LLluiXOOGoWmAv0H49mjlin2DwfSLuzIEfbp+HFekiL+Kheh1yOGYdA
nvVdI+Apb5RUpUKXrdXmIAbqaKSmL0F2ooEHj0ryBOmCVdn+dbx1uqbgCza7iEGZ
RqU=
-----END CERTIFICATE-----
Generated at Thu Jun 19 11:10:54 2025 by rpki-client