Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3exbPL6qdUXuabfDGZqoO43S7n8.roa
File: 3exbPL6qdUXuabfDGZqoO43S7n8.roa (raw, json)
Hash identifier: DhqD0sL5Dyc+pZedOK2O4TrHlp7xm7z/Z685pRm82Wc=
Subject key identifier: DD:EC:5B:3C:BE:AA:75:45:EE:69:B7:C3:19:9A:A8:3B:8D:D2:EE:7F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B10EBB1A837746E98A21688628DE4FB8E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3exbPL6qdUXuabfDGZqoO43S7n8.roa
Signing time: Sun 08 Oct 2023 20:12:43 +0000
ROA not before: Sun 08 Oct 2023 20:12:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:10:eb:b1:a8:37:74:6e:98:a2:16:88:62:8d:e4:fb:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 8 20:12:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddec5b3cbeaa7545ee69b7c3199aa83b8dd2ee7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:50:cd:fe:84:28:59:fc:01:ab:7b:a9:d4:ae:
86:c4:b4:87:5e:19:b6:60:76:25:11:4d:27:d8:68:
52:52:11:4a:39:2a:63:a9:3c:8f:20:df:12:2d:a5:
05:35:1b:81:fa:c9:3b:d8:16:80:07:7f:db:f9:d7:
0d:c3:93:29:d7:c7:99:cf:3a:d5:44:11:b1:1e:db:
46:16:51:c1:0e:f4:82:b9:52:1f:6e:3f:a6:41:f6:
e6:ac:e8:6a:d1:cf:12:0c:13:e8:6f:6c:5f:8b:ee:
a2:6e:74:4f:af:36:b2:40:d2:ca:ce:e7:7b:96:a6:
fb:c7:db:e9:32:bb:48:62:ab:2d:71:29:b2:6b:21:
3e:1f:d2:e1:79:61:d3:42:a9:70:56:10:ed:58:a1:
e2:c0:ca:60:e1:68:e9:bb:89:41:ce:25:89:75:6f:
25:20:9e:54:ca:02:00:f9:26:51:0d:4e:90:67:2c:
c0:bb:26:dc:4a:9c:38:46:89:dd:f4:a2:b9:15:e1:
8f:f1:a6:a2:8d:08:58:23:40:17:e6:b6:0d:3b:b4:
ec:23:cc:fb:74:48:1d:e2:4d:d0:12:16:b1:4b:77:
56:fe:bc:61:7a:fb:b7:fa:39:09:4c:e0:22:fd:76:
c1:73:99:bd:05:a8:c8:fe:18:0a:7f:c2:f7:82:23:
71:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:EC:5B:3C:BE:AA:75:45:EE:69:B7:C3:19:9A:A8:3B:8D:D2:EE:7F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3exbPL6qdUXuabfDGZqoO43S7n8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:a8:8b:5a:ae:2e:6e:94:3f:08:da:87:a5:3a:cf:09:6c:f6:
7e:be:77:d1:33:af:06:7d:ae:26:bf:0b:bb:89:52:04:00:5c:
1d:89:7c:4f:26:55:63:14:a8:f7:af:03:cd:3b:ca:9e:24:f2:
75:45:99:d2:f8:15:81:d3:a9:3e:1f:80:b3:4f:05:84:c5:f5:
38:64:8d:3d:6a:51:76:b4:f6:a7:dd:56:15:c8:f0:a6:48:31:
11:1e:99:8e:3e:3c:84:ee:62:c7:82:d8:36:f2:8f:76:01:a4:
19:81:53:a1:c7:78:e6:31:f5:68:4e:f3:87:56:17:49:e8:c8:
42:49:1d:d9:ff:74:d1:86:aa:d5:63:f9:15:57:ab:2f:ba:16:
a3:02:f9:4b:c9:4d:59:b1:5b:30:a4:4f:1c:bd:dc:03:6f:bb:
06:9d:54:50:d2:64:c0:17:4a:91:bd:88:84:4a:7f:8c:38:c9:
11:dc:7f:a6:73:77:c6:6c:96:c7:fb:8b:00:ca:ad:19:96:18:
c1:8d:e6:ad:80:17:ab:9e:dd:5d:80:40:12:95:9b:f4:2f:a7:
41:18:a4:30:ec:b3:9d:ed:68:aa:0e:2f:15:ce:7b:ff:5a:ad:
1b:b3:15:1a:28:a1:f4:4f:7f:b3:49:45:1f:0c:6a:2a:59:12:
fc:3c:04:7b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsQ67GoN3RumKIWiGKN5PuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA4MjAxMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGVjNWIzY2JlYWE3NTQ1ZWU2OWI3YzMxOTlhYTgzYjhkZDJlZTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVDN/oQoWfwBq3up1K6GxLSHXhm2
YHYlEU0n2GhSUhFKOSpjqTyPIN8SLaUFNRuB+sk72BaAB3/b+dcNw5Mp18eZzzrV
RBGxHttGFlHBDvSCuVIfbj+mQfbmrOhq0c8SDBPob2xfi+6ibnRPrzayQNLKzud7
lqb7x9vpMrtIYqstcSmyayE+H9LheWHTQqlwVhDtWKHiwMpg4Wjpu4lBziWJdW8l
IJ5UygIA+SZRDU6QZyzAuybcSpw4Rond9KK5FeGP8aaijQhYI0AX5rYNO7TsI8z7
dEgd4k3QEhaxS3dW/rxhevu3+jkJTOAi/XbBc5m9BajI/hgKf8L3giNx8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN3sWzy+qnVF7mm3wxmaqDuN0u5/MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvM2V4YlBMNnFkVVh1YWJmREdacW9PNDNTN244LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJaoi1quLm6UPwjah6U6
zwls9n6+d9EzrwZ9ria/C7uJUgQAXB2JfE8mVWMUqPevA807yp4k8nVFmdL4FYHT
qT4fgLNPBYTF9ThkjT1qUXa09qfdVhXI8KZIMREemY4+PITuYseC2Dbyj3YBpBmB
U6HHeOYx9WhO84dWF0noyEJJHdn/dNGGqtVj+RVXqy+6FqMC+UvJTVmxWzCkTxy9
3ANvuwadVFDSZMAXSpG9iIRKf4w4yRHcf6Zzd8Zslsf7iwDKrRmWGMGN5q2AF6ue
3V2AQBKVm/Qvp0EYpDDss53taKoOLxXOe/9arRuzFRooofRPf7NJRR8MaipZEvw8
BHs=
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:02:17 2025 by rpki-client