Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/dU99F7zZRN7ERJfu37HJ61joP2g.roa
File: dU99F7zZRN7ERJfu37HJ61joP2g.roa (raw, json)
Hash identifier: yTDd3NQ8UvopcYxUEmjue351weAa7WV+YbDHDLg29r0=
Subject key identifier: 75:4F:7D:17:BC:D9:44:DE:C4:44:97:EE:DF:B1:C9:EB:58:E8:3F:68
Certificate issuer: /CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Certificate serial: 01856F429364F5EDA1CF4B9077200D84AFEF
Authority key identifier: DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/dU99F7zZRN7ERJfu37HJ61joP2g.roa
Signing time: Sun 01 Jan 2023 21:35:12 +0000
ROA not before: Sun 01 Jan 2023 21:35:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206092
IP address blocks: 192.109.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:93:64:f5:ed:a1:cf:4b:90:77:20:0d:84:af:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbe8cc8f5af1e7362d454f3dd91a82952919db61
Validity
Not Before: Jan 1 21:35:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=754f7d17bcd944dec44497eedfb1c9eb58e83f68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e7:bf:a4:5e:60:be:3d:5a:3d:5c:da:7a:f4:
0d:c9:16:a0:3e:56:5a:2a:31:ac:f5:cb:26:e2:91:
8e:fd:94:b0:4d:37:0f:d9:5b:97:e2:66:65:0b:96:
55:1d:67:a9:a5:1e:6b:f7:a4:af:01:6c:50:9d:05:
60:6c:0a:73:be:3c:48:44:34:44:a4:46:c7:68:62:
e4:dc:a8:7f:b7:f5:4b:9b:7d:08:a7:e0:96:84:3f:
c5:62:fa:a8:af:5e:3b:71:23:02:6b:f5:4c:99:b1:
f1:71:97:33:0f:5c:19:66:13:2d:6a:70:f8:19:18:
f1:6b:3f:2a:34:d7:5d:8a:bc:c2:8f:b1:64:8b:a7:
05:8e:8b:ac:cc:1a:9c:be:5d:02:73:e6:5a:5a:65:
51:7d:d1:13:c9:33:17:ed:b8:50:15:54:55:27:c1:
87:59:c0:c0:b0:e6:07:4b:a8:34:b6:38:4b:ee:db:
ce:90:c9:7d:2c:46:13:f5:34:93:9f:47:ed:b2:a9:
fc:d8:7d:f3:6a:f0:62:2a:e0:fb:83:c0:47:2c:4b:
46:70:94:83:86:25:96:6e:9b:02:8e:c5:aa:34:07:
08:0f:3a:c5:90:b9:b0:6f:cc:a0:5b:66:11:8f:19:
3e:02:bc:d6:ac:49:94:9c:a1:15:b9:97:5a:af:a4:
b6:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:4F:7D:17:BC:D9:44:DE:C4:44:97:EE:DF:B1:C9:EB:58:E8:3F:68
X509v3 Authority Key Identifier:
keyid:DB:E8:CC:8F:5A:F1:E7:36:2D:45:4F:3D:D9:1A:82:95:29:19:DB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2-jMj1rx5zYtRU892RqClSkZ22E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/dU99F7zZRN7ERJfu37HJ61joP2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a573fe-6e0e-4bff-99fc-2621d5c99cab/1/2-jMj1rx5zYtRU892RqClSkZ22E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.205.0/24
Signature Algorithm: sha256WithRSAEncryption
21:ba:4d:40:7d:24:f3:f2:05:ef:9b:c7:7c:e7:bd:b2:9a:b5:
05:59:59:93:8b:bd:33:ac:83:65:05:f6:cf:ee:96:1c:66:68:
88:48:06:d1:96:a9:48:6c:47:c0:1f:21:a0:a0:78:14:8e:8b:
23:fc:ff:a0:44:76:18:a5:eb:24:45:34:bd:78:0e:0c:26:4b:
33:f4:da:02:95:f7:d4:d6:87:a8:0f:8e:49:20:6c:e8:45:51:
09:6d:97:ad:37:aa:d4:43:df:f5:54:ff:e8:46:e3:ef:c6:95:
10:8b:e3:cd:0b:35:22:0b:c3:2e:41:1a:79:0d:ac:3d:5a:e9:
8f:5a:13:4f:f4:32:04:14:88:47:23:c2:32:31:67:f3:4a:df:
f2:c7:bf:5a:98:31:9d:d5:2c:40:5c:3f:0e:4f:ec:80:50:07:
17:e5:3c:d0:72:d9:06:a5:4d:48:3c:9b:66:4d:6f:aa:16:22:
87:bc:d2:ac:bc:9b:33:d4:dc:0e:2e:7f:9b:dc:ca:96:01:c6:
d1:c7:cc:1d:8a:d8:03:04:4b:3c:ab:ea:9f:c0:e5:99:7b:be:
8c:37:30:1c:13:e9:38:86:95:e0:cd:bd:32:2e:2b:ab:6e:bd:
73:4d:c6:36:09:88:d6:72:91:bf:82:de:67:94:5a:21:cc:ad:
02:95:68:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQpNk9e2hz0uQdyANhK/vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiZThjYzhmNWFmMWU3MzYyZDQ1NGYzZGQ5MWE4Mjk1Mjkx
OWRiNjEwHhcNMjMwMTAxMjEzNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTRmN2QxN2JjZDk0NGRlYzQ0NDk3ZWVkZmIxYzllYjU4ZTgzZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+e/pF5gvj1aPVzaevQNyRagPlZa
KjGs9csm4pGO/ZSwTTcP2VuX4mZlC5ZVHWeppR5r96SvAWxQnQVgbApzvjxIRDRE
pEbHaGLk3Kh/t/VLm30Ip+CWhD/FYvqor147cSMCa/VMmbHxcZczD1wZZhMtanD4
GRjxaz8qNNddirzCj7Fki6cFjouszBqcvl0Cc+ZaWmVRfdETyTMX7bhQFVRVJ8GH
WcDAsOYHS6g0tjhL7tvOkMl9LEYT9TSTn0ftsqn82H3zavBiKuD7g8BHLEtGcJSD
hiWWbpsCjsWqNAcIDzrFkLmwb8ygW2YRjxk+ArzWrEmUnKEVuZdar6S23wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHVPfRe82UTexESX7t+xyetY6D9oMB8GA1UdIwQY
MBaAFNvozI9a8ec2LUVPPdkagpUpGdthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMt
MjYyMWQ1Yzk5Y2FiLzEvZFU5OUY3elpSTjdFUkpmdTM3SEo2MWpvUDJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9hNTczZmUtNmUwZS00YmZmLTk5ZmMtMjYyMWQ1Yzk5Y2Fi
LzEvMi1qTWoxcng1ell0UlU4OTJScUNsU2taMjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG3NMA0G
CSqGSIb3DQEBCwUAA4IBAQAhuk1AfSTz8gXvm8d8572ymrUFWVmTi70zrINlBfbP
7pYcZmiISAbRlqlIbEfAHyGgoHgUjosj/P+gRHYYpeskRTS9eA4MJksz9NoClffU
1oeoD45JIGzoRVEJbZetN6rUQ9/1VP/oRuPvxpUQi+PNCzUiC8MuQRp5Daw9WumP
WhNP9DIEFIhHI8IyMWfzSt/yx79amDGd1SxAXD8OT+yAUAcX5TzQctkGpU1IPJtm
TW+qFiKHvNKsvJsz1NwOLn+b3MqWAcbRx8wditgDBEs8q+qfwOWZe76MNzAcE+k4
hpXgzb0yLiurbr1zTcY2CYjWcpG/gt5nlFohzK0ClWjB
-----END CERTIFICATE-----
Generated at Mon May 12 13:24:11 2025 by rpki-client