Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DJhHWAD0UUwOFh26AtOqK9o-1co.roa
File: DJhHWAD0UUwOFh26AtOqK9o-1co.roa (raw, json)
Hash identifier: 6sWxmaiWWzernl7ykK+zW0uaGVrT4nRP0WskyEVmJjI=
Subject key identifier: 0C:98:47:58:00:F4:51:4C:0E:16:1D:BA:02:D3:AA:2B:DA:3E:D5:CA
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C91E031180720CECD499062972F6AA23E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DJhHWAD0UUwOFh26AtOqK9o-1co.roa
Signing time: Fri 22 Dec 2023 14:13:58 +0000
ROA not before: Fri 22 Dec 2023 14:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:91:e0:31:18:07:20:ce:cd:49:90:62:97:2f:6a:a2:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 22 14:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c98475800f4514c0e161dba02d3aa2bda3ed5ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:41:28:94:db:52:65:fc:a8:c9:08:1b:7c:92:
e1:50:fa:83:d9:e6:37:0f:08:d1:6e:c3:cc:e9:0e:
97:88:aa:2d:4e:38:90:a3:dd:83:ba:dc:52:fe:27:
18:ed:9d:18:12:4b:7c:cc:d2:fa:82:2e:54:30:64:
3e:47:4f:a4:62:a8:27:eb:8c:3e:e4:de:70:92:9c:
91:b0:3e:54:9b:d9:ab:7d:44:3f:ec:d5:ff:32:02:
5d:40:71:52:65:e8:c3:58:d8:58:b9:33:8f:e1:fa:
93:68:8a:24:e8:95:bd:b1:83:e5:84:87:bd:90:01:
7d:87:c6:b3:97:a1:30:03:c5:ff:f6:57:32:ee:c6:
9f:a2:ad:3f:b9:34:2a:7f:ef:a4:b2:d9:71:22:3b:
99:b5:f5:ab:8d:e8:00:14:68:a7:2e:91:5b:56:7b:
a9:53:f0:ca:12:47:c0:97:24:4f:c5:34:51:a9:49:
79:af:f3:d4:6d:8f:10:1a:ed:b8:b9:5c:54:af:ad:
27:03:8f:e1:2e:94:64:f5:40:9f:47:70:e8:c1:2f:
bf:c1:19:e7:52:bc:70:06:6f:45:45:15:29:bb:51:
c2:82:b5:62:e5:43:7a:de:f9:37:cf:0a:3c:0f:11:
e9:07:f2:6e:b7:e9:f8:88:0f:7e:5f:50:44:4a:91:
47:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:98:47:58:00:F4:51:4C:0E:16:1D:BA:02:D3:AA:2B:DA:3E:D5:CA
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DJhHWAD0UUwOFh26AtOqK9o-1co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:d9:b7:7a:55:52:2f:6f:a6:70:29:a5:4a:b6:41:2f:74:4e:
2e:5d:13:24:eb:c0:e2:06:bb:15:ef:37:1d:5a:eb:98:db:b7:
3d:bc:bd:85:51:7d:25:ca:83:09:30:a3:38:db:da:1d:17:5d:
dc:55:6e:b2:59:bf:51:cb:9c:d8:39:06:7c:2c:82:c5:d5:45:
b5:80:f9:9d:72:a1:75:c3:09:e2:31:f9:cd:31:4f:3b:fe:60:
de:4c:14:af:84:99:46:1e:56:62:97:0e:fe:21:9d:3c:a5:20:
0d:9f:ee:a6:0d:c5:3d:9e:ab:1a:fb:5c:05:fe:4f:f6:79:ca:
49:31:1e:96:a4:c5:86:ef:bc:54:49:31:3a:9b:5d:c0:dd:76:
51:b4:38:45:97:43:08:76:58:6a:07:45:94:06:dc:28:52:50:
d5:af:c0:6b:54:3e:26:f6:20:81:0e:4e:e3:d0:f9:3b:c0:bc:
2b:04:f7:30:88:32:41:ff:f2:cf:af:97:23:f5:ad:67:2f:13:
fe:9b:c5:57:14:af:df:85:03:eb:d1:58:1a:89:fd:0d:2c:8b:
8a:f1:93:96:09:6a:62:ff:dc:07:8c:cc:07:04:20:1e:1a:33:
2c:9a:72:4c:df:bc:9a:2a:f2:5e:7a:75:81:aa:f8:c9:95:d9:
0e:1a:8a:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyR4DEYByDOzUmQYpcvaqI+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIyMTQxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzk4NDc1ODAwZjQ1MTRjMGUxNjFkYmEwMmQzYWEyYmRhM2VkNWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UEolNtSZfyoyQgbfJLhUPqD2eY3
DwjRbsPM6Q6XiKotTjiQo92DutxS/icY7Z0YEkt8zNL6gi5UMGQ+R0+kYqgn64w+
5N5wkpyRsD5Um9mrfUQ/7NX/MgJdQHFSZejDWNhYuTOP4fqTaIok6JW9sYPlhIe9
kAF9h8azl6EwA8X/9lcy7safoq0/uTQqf++kstlxIjuZtfWrjegAFGinLpFbVnup
U/DKEkfAlyRPxTRRqUl5r/PUbY8QGu24uVxUr60nA4/hLpRk9UCfR3DowS+/wRnn
UrxwBm9FRRUpu1HCgrVi5UN63vk3zwo8DxHpB/Jut+n4iA9+X1BESpFHsQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAyYR1gA9FFMDhYdugLTqivaPtXKMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvREpoSFdBRDBVVXdPRmgyNkF0T3FLOW8tMWNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGPZt3pVUi9vpnAppUq2
QS90Ti5dEyTrwOIGuxXvNx1a65jbtz28vYVRfSXKgwkwozjb2h0XXdxVbrJZv1HL
nNg5BnwsgsXVRbWA+Z1yoXXDCeIx+c0xTzv+YN5MFK+EmUYeVmKXDv4hnTylIA2f
7qYNxT2eqxr7XAX+T/Z5ykkxHpakxYbvvFRJMTqbXcDddlG0OEWXQwh2WGoHRZQG
3ChSUNWvwGtUPib2IIEOTuPQ+TvAvCsE9zCIMkH/8s+vlyP1rWcvE/6bxVcUr9+F
A+vRWBqJ/Q0si4rxk5YJamL/3AeMzAcEIB4aMyyackzfvJoq8l56dYGq+MmV2Q4a
ikE=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:02:32 2025 by rpki-client