Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3OneVtLVqDLjPDFgXPVPtPWrPA4.roa
File: 3OneVtLVqDLjPDFgXPVPtPWrPA4.roa (raw, json)
Hash identifier: W0UOxDR8cgi+iBC6RSN/JjnAiJssCAnZunrgMBW4/VM=
Subject key identifier: DC:E9:DE:56:D2:D5:A8:32:E3:3C:31:60:5C:F5:4F:B4:F5:AB:3C:0E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B8F5295E958DB7D7254843A2B1227B067
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3OneVtLVqDLjPDFgXPVPtPWrPA4.roa
Signing time: Thu 02 Nov 2023 09:17:16 +0000
ROA not before: Thu 02 Nov 2023 09:17:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:52:95:e9:58:db:7d:72:54:84:3a:2b:12:27:b0:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 2 09:17:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dce9de56d2d5a832e33c31605cf54fb4f5ab3c0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:56:6b:84:f3:d6:92:dc:48:44:30:50:93:53:
89:ad:09:59:19:2b:9b:63:50:76:b7:12:20:2a:13:
9a:1b:d9:fd:77:3b:72:5f:cb:f6:f0:70:c2:77:b8:
3f:fb:27:52:ac:99:d2:e3:97:9b:3e:f1:27:ae:5e:
11:db:c0:dd:88:4c:dc:80:aa:0e:bd:16:e7:05:98:
a8:b3:3d:af:86:a7:4f:c0:a5:90:11:5d:ab:9d:65:
22:b8:4a:08:44:4d:14:c4:00:8e:ca:7b:75:06:c0:
bc:60:b7:d0:71:e4:14:ec:b5:53:22:51:49:bc:0e:
25:31:33:d0:73:20:26:5f:82:16:5c:34:df:f1:71:
67:37:52:9a:68:f4:60:82:37:2e:ae:34:d7:3d:52:
42:6d:72:78:96:49:26:a8:48:67:d1:ba:e2:de:b1:
a8:1c:b9:7d:2a:3a:ac:df:a6:6c:58:ac:02:67:7e:
c9:1c:b9:34:3e:e7:f0:f0:c9:93:6e:81:d3:8f:04:
54:46:b2:92:a6:53:10:a5:79:61:a1:b9:38:ac:dd:
ef:2d:60:29:c9:18:42:7e:37:9b:36:27:a4:f9:e8:
07:5d:cf:40:cf:e6:f9:d9:80:78:b8:ad:bb:7f:57:
53:21:c4:62:12:54:f3:a3:50:da:e9:60:aa:40:86:
ef:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:E9:DE:56:D2:D5:A8:32:E3:3C:31:60:5C:F5:4F:B4:F5:AB:3C:0E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3OneVtLVqDLjPDFgXPVPtPWrPA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:24:40:b9:11:9d:21:04:b6:da:8f:9c:92:8c:d5:b3:bf:f2:
f5:6f:a3:45:c5:97:0a:a4:a6:b5:7a:f7:ef:28:2e:3e:42:6d:
64:16:4f:20:42:12:c7:20:03:12:27:41:74:93:ab:1e:8c:12:
24:08:b6:65:eb:3b:03:50:4c:a6:27:31:3d:ce:57:26:ae:72:
ee:de:b7:e2:11:3d:e2:7e:1c:ee:6e:ed:ef:9c:0e:04:3e:66:
18:c5:45:56:a6:0f:47:f2:f0:19:d5:c6:e7:73:9b:3d:96:eb:
03:f0:d3:e1:b4:5a:69:d3:5f:da:74:8d:11:97:6f:f3:44:b1:
9f:3d:54:9c:e8:94:7d:3a:56:95:84:e2:9c:41:c5:c3:0c:1e:
83:d5:a4:fb:5f:64:41:e0:8a:8b:d4:4d:2b:45:a7:02:02:ff:
29:10:4e:d5:a3:63:a4:1e:e0:b2:3b:39:fc:1a:d9:bc:a5:90:
13:82:d9:82:cc:d3:95:be:04:ad:fc:6e:d3:c8:7c:3b:56:8c:
6f:6d:e2:5d:03:c8:04:55:a5:8c:a4:90:59:33:15:6e:e1:83:
ea:21:17:d2:b7:36:82:b0:e0:f8:3b:e7:77:ce:b4:46:8a:ce:
c8:35:04:2c:e0:29:04:f0:eb:62:ad:d0:bc:1a:45:f3:6f:6b:
49:f7:30:17
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuPUpXpWNt9clSEOisSJ7BnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAyMDkxNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2U5ZGU1NmQyZDVhODMyZTMzYzMxNjA1Y2Y1NGZiNGY1YWIzYzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlZrhPPWktxIRDBQk1OJrQlZGSub
Y1B2txIgKhOaG9n9dztyX8v28HDCd7g/+ydSrJnS45ebPvEnrl4R28DdiEzcgKoO
vRbnBZiosz2vhqdPwKWQEV2rnWUiuEoIRE0UxACOynt1BsC8YLfQceQU7LVTIlFJ
vA4lMTPQcyAmX4IWXDTf8XFnN1KaaPRggjcurjTXPVJCbXJ4lkkmqEhn0bri3rGo
HLl9Kjqs36ZsWKwCZ37JHLk0Pufw8MmTboHTjwRURrKSplMQpXlhobk4rN3vLWAp
yRhCfjebNiek+egHXc9Az+b52YB4uK27f1dTIcRiElTzo1Da6WCqQIbv3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNzp3lbS1agy4zwxYFz1T7T1qzwOMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvM09uZVZ0TFZxRExqUERGZ1hQVlB0UFdyUEE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFckQLkRnSEEttqPnJKM
1bO/8vVvo0XFlwqkprV69+8oLj5CbWQWTyBCEscgAxInQXSTqx6MEiQItmXrOwNQ
TKYnMT3OVyaucu7et+IRPeJ+HO5u7e+cDgQ+ZhjFRVamD0fy8BnVxudzmz2W6wPw
0+G0WmnTX9p0jRGXb/NEsZ89VJzolH06VpWE4pxBxcMMHoPVpPtfZEHgiovUTStF
pwIC/ykQTtWjY6Qe4LI7Ofwa2bylkBOC2YLM05W+BK38btPIfDtWjG9t4l0DyARV
pYykkFkzFW7hg+ohF9K3NoKw4Pg753fOtEaKzsg1BCzgKQTw62Kt0LwaRfNva0n3
MBc=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:20:58 2025 by rpki-client