Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/dgxByH4pLvOs5LBRahFgWMV_DNA.roa
File: dgxByH4pLvOs5LBRahFgWMV_DNA.roa (raw, json)
Hash identifier: ABnO6EFqaONEFn+EZFaUZCJoWAmxAtvuS0+hiO0RqEg=
Subject key identifier: 76:0C:41:C8:7E:29:2E:F3:AC:E4:B0:51:6A:11:60:58:C5:7F:0C:D0
Certificate issuer: /CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Certificate serial: 0189500415361B492ED599DC9991C0D94ADA
Authority key identifier: 2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/dgxByH4pLvOs5LBRahFgWMV_DNA.roa
Signing time: Thu 13 Jul 2023 16:09:52 +0000
ROA not before: Thu 13 Jul 2023 16:09:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 193.19.224.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:50:04:15:36:1b:49:2e:d5:99:dc:99:91:c0:d9:4a:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Validity
Not Before: Jul 13 16:09:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=760c41c87e292ef3ace4b0516a116058c57f0cd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:52:24:be:cf:65:e9:63:10:a2:af:78:29:91:
cf:00:f8:dc:2c:04:6b:41:8b:d9:44:ca:18:82:4f:
da:a3:89:23:58:96:f8:49:2b:ba:85:33:1d:6a:4e:
8e:bc:81:93:10:15:87:0a:52:e8:9c:fe:41:66:10:
17:5d:93:77:10:e2:b5:b0:de:74:da:23:52:77:c5:
0b:94:9c:fa:61:3c:88:59:12:8c:ac:26:d6:09:b5:
7b:7a:93:56:24:3a:06:8a:dd:4e:1d:23:56:23:ff:
29:57:51:75:35:b7:08:a7:cc:7a:8e:b8:3c:3e:99:
b7:c7:ca:c2:f4:44:21:34:bf:6d:41:ee:f1:8a:a5:
95:5f:26:75:a3:d7:b9:9a:28:28:33:b5:9b:14:dd:
1a:65:ef:10:b4:17:7b:bd:ef:4c:40:2c:bf:86:c0:
52:94:5a:3d:a0:9c:2b:3c:b2:8a:c1:c0:75:93:38:
22:f9:4b:50:4b:15:6d:32:7c:c3:6b:22:36:f4:03:
d3:93:8f:3f:39:ee:f2:71:e1:8f:4f:4e:cb:88:17:
87:01:e1:95:a0:8f:78:ee:6c:92:3c:43:52:01:e0:
9d:63:15:1a:42:85:1e:82:91:9e:c6:1b:13:4f:76:
39:34:66:42:f5:b1:f6:32:62:19:c0:b1:32:df:9e:
92:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:0C:41:C8:7E:29:2E:F3:AC:E4:B0:51:6A:11:60:58:C5:7F:0C:D0
X509v3 Authority Key Identifier:
keyid:2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/dgxByH4pLvOs5LBRahFgWMV_DNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/LkvU7cop1Ocr6GztC3rWUsfSYck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.224.0/22
Signature Algorithm: sha256WithRSAEncryption
88:cd:a0:a9:25:74:03:b9:a0:08:f7:52:ef:12:c1:4c:9b:60:
47:11:22:c1:31:c8:ca:a1:22:53:e3:1a:e3:4a:bc:4f:5c:e2:
ac:5b:c4:e1:90:25:12:14:a0:be:bb:15:34:cd:c8:13:a6:f0:
36:61:82:8b:f8:fc:d5:e7:73:1a:6f:27:c9:6b:87:d8:18:c7:
fa:5c:6d:72:4b:b4:e4:d8:ff:f3:69:0b:46:0d:be:07:2b:63:
51:89:af:12:35:84:c3:94:26:4e:71:32:bc:c3:48:11:08:17:
b8:f5:3d:c2:eb:2c:73:6f:13:28:6f:73:e0:75:cc:9a:80:51:
b2:30:69:97:5e:89:02:cb:2b:9a:08:3d:59:23:58:71:4b:33:
1b:ee:ba:d2:8c:0b:16:c0:85:fa:9a:b1:86:8c:36:44:fa:9e:
22:87:a8:4a:5f:6e:48:de:5c:66:a3:eb:fa:fe:13:bc:5e:e7:
a6:5c:ac:1b:9d:31:f5:a8:01:33:58:ce:27:37:2f:23:48:d3:
7c:5b:86:18:27:d3:d1:ba:72:24:03:d7:5a:da:44:b3:39:3b:
ea:6e:f0:77:82:ed:92:9e:10:cd:5d:df:9a:e4:43:c0:1a:fe:
1a:5b:a5:a3:82:6f:a4:f1:c9:09:71:a5:58:e2:f0:82:a9:39:
4d:88:ac:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlQBBU2G0ku1ZncmZHA2UraMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNGJkNGVkY2EyOWQ0ZTcyYmU4NmNlZDBiN2FkNjUyYzdk
MjYxYzkwHhcNMjMwNzEzMTYwOTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjBjNDFjODdlMjkyZWYzYWNlNGIwNTE2YTExNjA1OGM1N2YwY2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFIkvs9l6WMQoq94KZHPAPjcLARr
QYvZRMoYgk/ao4kjWJb4SSu6hTMdak6OvIGTEBWHClLonP5BZhAXXZN3EOK1sN50
2iNSd8ULlJz6YTyIWRKMrCbWCbV7epNWJDoGit1OHSNWI/8pV1F1NbcIp8x6jrg8
Ppm3x8rC9EQhNL9tQe7xiqWVXyZ1o9e5migoM7WbFN0aZe8QtBd7ve9MQCy/hsBS
lFo9oJwrPLKKwcB1kzgi+UtQSxVtMnzDayI29APTk48/Oe7yceGPT07LiBeHAeGV
oI947mySPENSAeCdYxUaQoUegpGexhsTT3Y5NGZC9bH2MmIZwLEy356SAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHYMQch+KS7zrOSwUWoRYFjFfwzQMB8GA1UdIwQY
MBaAFC5L1O3KKdTnK+hs7Qt61lLH0mHJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgt
MmE2MzcyZTA1NGQyLzEvZGd4QnlINHBMdk9zNUxCUmFoRmdXTVZfRE5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgtMmE2MzcyZTA1NGQy
LzEvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwRPgMA0G
CSqGSIb3DQEBCwUAA4IBAQCIzaCpJXQDuaAI91LvEsFMm2BHESLBMcjKoSJT4xrj
SrxPXOKsW8ThkCUSFKC+uxU0zcgTpvA2YYKL+PzV53MabyfJa4fYGMf6XG1yS7Tk
2P/zaQtGDb4HK2NRia8SNYTDlCZOcTK8w0gRCBe49T3C6yxzbxMob3PgdcyagFGy
MGmXXokCyyuaCD1ZI1hxSzMb7rrSjAsWwIX6mrGGjDZE+p4ih6hKX25I3lxmo+v6
/hO8XuemXKwbnTH1qAEzWM4nNy8jSNN8W4YYJ9PRunIkA9da2kSzOTvqbvB3gu2S
nhDNXd+a5EPAGv4aW6Wjgm+k8ckJcaVY4vCCqTlNiKw4
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:57:55 2025 by rpki-client