Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sgAgLIcrPFaMQSJ8MmoBY1h9NuM.roa
File: sgAgLIcrPFaMQSJ8MmoBY1h9NuM.roa (raw, json)
Hash identifier: GnEd0ctsEpOvCWm5vifHxxfL33LbjVp/VdQlkXhR3cw=
Subject key identifier: B2:00:20:2C:87:2B:3C:56:8C:41:22:7C:32:6A:01:63:58:7D:36:E3
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B15661D8C942D5D084C710784E288C7BA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sgAgLIcrPFaMQSJ8MmoBY1h9NuM.roa
Signing time: Mon 09 Oct 2023 17:04:55 +0000
ROA not before: Mon 09 Oct 2023 17:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:1565:ad0c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:15:66:1d:8c:94:2d:5d:08:4c:71:07:84:e2:88:c7:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 9 17:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b200202c872b3c568c41227c326a0163587d36e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c9:07:e2:0c:06:77:ee:ca:33:de:12:65:f7:
89:25:96:97:22:ef:7a:12:7d:f9:da:f0:84:83:bd:
0e:41:5c:3d:06:d6:cd:0d:8b:2b:a3:18:ea:ce:b1:
55:2d:04:83:1d:3d:e5:2a:4a:6b:a4:04:a2:ea:04:
5f:51:03:1b:d6:a4:5d:f2:c3:72:89:c5:81:6a:4c:
1b:30:95:29:77:67:bf:e5:5d:ab:33:ac:6d:01:e2:
c9:85:d1:c5:90:18:66:43:82:0f:41:96:4d:d4:92:
22:b8:c5:5b:33:e0:c4:8e:ac:4d:76:e7:31:63:47:
b5:87:d8:4a:05:56:88:93:f3:96:fd:12:19:59:53:
42:4e:4d:2d:fc:73:54:88:93:bf:62:9e:95:56:fd:
8e:58:bf:39:b0:ed:28:f3:6d:a3:f2:c9:72:8e:70:
67:fe:a7:42:c3:ed:03:66:ed:00:40:89:6b:97:31:
14:16:92:31:e4:99:ee:5a:00:dd:5f:1d:88:94:0a:
7b:68:01:47:eb:a2:7f:5d:13:78:2b:d9:0d:41:4f:
7c:8b:33:70:b4:8e:b7:c7:4c:fa:51:aa:45:cb:45:
18:5d:19:18:4d:9f:91:e7:29:ad:3c:f6:80:25:93:
53:b0:9f:dc:50:be:0f:bb:02:55:5f:b8:2d:5a:b8:
d0:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:00:20:2C:87:2B:3C:56:8C:41:22:7C:32:6A:01:63:58:7D:36:E3
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/sgAgLIcrPFaMQSJ8MmoBY1h9NuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
27:d9:9d:4f:bd:d4:d6:a2:23:d3:f3:e5:e6:bc:33:a1:f8:ce:
ba:4d:48:2c:be:d8:98:95:cc:a5:84:5a:82:93:49:43:51:39:
95:7b:a8:0d:5b:2e:8d:37:38:b7:17:e0:d1:84:f9:fa:ae:9d:
f2:17:55:dd:19:17:06:95:d9:fc:df:d7:d9:cb:f6:7a:31:4c:
72:26:33:98:c4:97:9f:e2:12:f5:68:db:88:2d:3e:2c:89:39:
10:e7:70:a4:98:ad:73:b6:86:96:8d:d3:99:d7:8c:5c:f7:56:
de:f8:75:cc:aa:d1:e7:1d:34:ac:e9:fe:d6:41:d9:46:a0:68:
47:65:82:20:d2:9a:4d:8f:ef:a9:e5:cb:0d:6e:83:7a:51:aa:
d6:d5:d5:3f:7d:c9:b3:46:a4:c7:07:9e:dd:35:97:7a:94:1c:
20:6b:24:cc:58:c1:3d:d6:9a:33:fc:db:aa:86:92:9a:66:87:
fd:b1:79:b4:13:54:4e:c4:c1:ca:3f:c3:b8:80:57:a0:76:3c:
9b:57:d6:c4:d9:db:d3:fb:56:cb:52:ca:ee:bf:14:be:e5:68:
88:78:0c:65:9d:6d:16:a4:cb:67:53:b1:a8:43:cc:7d:c5:ae:
39:ba:80:7a:89:e9:a3:01:4a:40:33:88:c5:05:46:a9:bc:c8:
cc:78:cd:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsVZh2MlC1dCExxB4TiiMe6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA5MTcwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjAwMjAyYzg3MmIzYzU2OGM0MTIyN2MzMjZhMDE2MzU4N2QzNmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18kH4gwGd+7KM94SZfeJJZaXIu96
En352vCEg70OQVw9BtbNDYsroxjqzrFVLQSDHT3lKkprpASi6gRfUQMb1qRd8sNy
icWBakwbMJUpd2e/5V2rM6xtAeLJhdHFkBhmQ4IPQZZN1JIiuMVbM+DEjqxNducx
Y0e1h9hKBVaIk/OW/RIZWVNCTk0t/HNUiJO/Yp6VVv2OWL85sO0o822j8slyjnBn
/qdCw+0DZu0AQIlrlzEUFpIx5JnuWgDdXx2IlAp7aAFH66J/XRN4K9kNQU98izNw
tI63x0z6UapFy0UYXRkYTZ+R5ymtPPaAJZNTsJ/cUL4PuwJVX7gtWrjQuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLIAICyHKzxWjEEifDJqAWNYfTbjMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvc2dBZ0xJY3JQRmFNUVNKOE1tb0JZMWg5TnVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACfZnU+91NaiI9Pz5ea8
M6H4zrpNSCy+2JiVzKWEWoKTSUNROZV7qA1bLo03OLcX4NGE+fqunfIXVd0ZFwaV
2fzf19nL9noxTHImM5jEl5/iEvVo24gtPiyJORDncKSYrXO2hpaN05nXjFz3Vt74
dcyq0ecdNKzp/tZB2UagaEdlgiDSmk2P76nlyw1ug3pRqtbV1T99ybNGpMcHnt01
l3qUHCBrJMxYwT3WmjP826qGkppmh/2xebQTVE7Ewco/w7iAV6B2PJtX1sTZ29P7
VstSyu6/FL7laIh4DGWdbRaky2dTsahDzH3Frjm6gHqJ6aMBSkAziMUFRqm8yMx4
zXA=
-----END CERTIFICATE-----
Generated at Wed Jun 18 08:23:30 2025 by rpki-client