Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/g0W9_YfOgM8y5ONqtV2rhNSAN4Q.roa
File: g0W9_YfOgM8y5ONqtV2rhNSAN4Q.roa (raw, json)
Hash identifier: UZhiwLXqa4EGa91KOFfkckiCGF55sQAmgH4qb7T0cQU=
Subject key identifier: 83:45:BD:FD:87:CE:80:CF:32:E4:E3:6A:B5:5D:AB:84:D4:80:37:84
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EED797E5B318CB5D2CAAA10597105495C
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/g0W9_YfOgM8y5ONqtV2rhNSAN4Q.roa
Signing time: Wed 17 Apr 2024 19:12:26 +0000
ROA not before: Wed 17 Apr 2024 19:12:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ed:79:7e:5b:31:8c:b5:d2:ca:aa:10:59:71:05:49:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 17 19:12:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8345bdfd87ce80cf32e4e36ab55dab84d4803784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ed:52:da:0b:f6:1f:2e:1d:69:e3:e9:49:7e:
b1:03:bb:59:5e:ab:76:c3:ea:e3:27:95:5b:39:ea:
dd:38:69:d6:d5:64:92:1b:70:f7:8a:01:7b:2c:84:
74:28:9e:7f:24:35:7c:91:dc:ce:0a:3b:5a:d7:ea:
9c:0c:ec:e2:1b:cb:5a:6a:5a:c2:d7:8a:cd:4b:75:
c8:95:33:d1:c6:6f:69:dc:08:b9:9d:18:73:1b:0a:
f1:9b:fb:b2:a7:0b:c0:f9:77:b3:28:de:e4:83:01:
48:b4:9d:63:84:a1:59:8c:1d:1e:7d:ad:cb:23:9d:
40:db:d1:2b:4a:1e:00:8b:1d:3b:b5:6c:4c:d4:e4:
60:cf:d7:63:50:e7:3c:e6:4f:bc:70:98:11:05:60:
13:eb:58:b2:aa:ac:b1:f1:29:a6:20:2f:8e:b4:0a:
84:53:ff:d0:9b:f9:72:bf:26:f0:06:96:ba:6b:c5:
54:b9:6c:e4:44:5c:36:81:2a:ae:6b:3c:44:66:b6:
fc:45:62:20:39:2b:d2:47:0e:54:fe:73:a1:3b:c9:
42:d8:f0:61:cd:5f:48:00:dc:60:ab:eb:d4:68:2a:
2f:83:84:34:a7:18:b1:7c:76:6f:dc:a5:8e:12:0a:
14:5d:d1:a5:30:e2:6d:28:57:d4:61:82:8f:b5:27:
39:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:45:BD:FD:87:CE:80:CF:32:E4:E3:6A:B5:5D:AB:84:D4:80:37:84
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/g0W9_YfOgM8y5ONqtV2rhNSAN4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:5d:9e:3b:79:b0:18:af:2c:e0:38:d4:80:60:d2:cf:45:de:
47:34:c2:25:76:80:06:f4:8d:04:5b:b5:53:3b:45:60:c0:d7:
19:47:05:7e:13:8a:d3:b9:ea:a1:f3:23:5d:36:8f:df:09:9d:
32:9b:c8:99:24:4f:ce:a7:44:fc:a7:00:f9:dd:29:0b:bf:f7:
e8:64:30:3e:50:75:7c:2e:de:b2:e8:e5:16:5e:87:ec:b8:ef:
89:03:7a:b4:60:eb:54:fe:ee:6a:77:57:28:04:87:a0:61:a7:
66:be:55:63:39:59:16:63:93:35:ec:3a:38:f3:f9:aa:43:a5:
06:28:23:e4:04:2a:e5:c6:a7:8a:32:82:68:57:bd:ed:a9:8a:
df:01:f0:9f:bc:8a:5d:ff:13:52:8e:a1:70:01:8a:91:63:32:
39:cd:09:1b:72:b2:e9:2b:ab:86:35:c7:7c:03:4f:3f:73:80:
58:da:de:f2:39:36:c9:bb:ba:74:8d:d3:85:86:2e:d2:82:0c:
ef:16:6f:1c:ee:cd:e5:e6:5f:f9:50:f8:97:fc:b1:df:c9:f1:
b2:c6:81:0c:8f:e9:7b:40:1e:e4:7f:31:dd:c4:5e:ef:aa:70:
5d:98:b3:f5:5d:dc:20:02:2e:a0:10:b5:c0:23:db:81:41:9d:
07:aa:ce:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7teX5bMYy10sqqEFlxBUlcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE3MTkxMjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzQ1YmRmZDg3Y2U4MGNmMzJlNGUzNmFiNTVkYWI4NGQ0ODAzNzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxO1S2gv2Hy4daePpSX6xA7tZXqt2
w+rjJ5VbOerdOGnW1WSSG3D3igF7LIR0KJ5/JDV8kdzOCjta1+qcDOziG8taalrC
14rNS3XIlTPRxm9p3Ai5nRhzGwrxm/uypwvA+XezKN7kgwFItJ1jhKFZjB0efa3L
I51A29ErSh4Aix07tWxM1ORgz9djUOc85k+8cJgRBWAT61iyqqyx8SmmIC+OtAqE
U//Qm/lyvybwBpa6a8VUuWzkRFw2gSquazxEZrb8RWIgOSvSRw5U/nOhO8lC2PBh
zV9IANxgq+vUaCovg4Q0pxixfHZv3KWOEgoUXdGlMOJtKFfUYYKPtSc54wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFINFvf2HzoDPMuTjarVdq4TUgDeEMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvZzBXOV9ZZk9nTTh5NU9OcXRWMnJoTlNBTjRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB5dnjt5sBivLOA41IBg
0s9F3kc0wiV2gAb0jQRbtVM7RWDA1xlHBX4TitO56qHzI102j98JnTKbyJkkT86n
RPynAPndKQu/9+hkMD5QdXwu3rLo5RZeh+y474kDerRg61T+7mp3VygEh6Bhp2a+
VWM5WRZjkzXsOjjz+apDpQYoI+QEKuXGp4oygmhXve2pit8B8J+8il3/E1KOoXAB
ipFjMjnNCRtysukrq4Y1x3wDTz9zgFja3vI5Nsm7unSN04WGLtKCDO8WbxzuzeXm
X/lQ+Jf8sd/J8bLGgQyP6XtAHuR/Md3EXu+qcF2Ys/Vd3CACLqAQtcAj24FBnQeq
zhA=
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:33:22 2025 by rpki-client