Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3fXf9SnqMmvMGu81VTeMAczAXXA.roa
File: 3fXf9SnqMmvMGu81VTeMAczAXXA.roa (raw, json)
Hash identifier: qYQIfA5anzP30SSxb1L0SXI1JyhB1gf8LZA88ZVpEJc=
Subject key identifier: DD:F5:DF:F5:29:EA:32:6B:CC:1A:EF:35:55:37:8C:01:CC:C0:5D:70
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B2DACB791A032B03206220BFBF45C62D2
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3fXf9SnqMmvMGu81VTeMAczAXXA.roa
Signing time: Sat 14 Oct 2023 10:12:55 +0000
ROA not before: Sat 14 Oct 2023 10:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:2d:ac:b7:91:a0:32:b0:32:06:22:0b:fb:f4:5c:62:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 14 10:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ddf5dff529ea326bcc1aef3555378c01ccc05d70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:92:94:a1:46:b9:38:be:72:bc:ba:72:c2:68:
50:0b:bc:69:ce:fe:cd:2a:f7:74:81:06:a0:83:c7:
34:8b:11:7f:d2:68:8a:f3:51:be:0b:c4:af:54:15:
6d:4f:5c:04:37:da:fb:1c:69:89:67:fc:b5:4c:a7:
90:9c:c9:83:3c:5d:be:d3:18:9e:d4:96:8b:50:2d:
6c:32:d9:f4:de:22:0d:50:5e:34:f1:ea:52:15:9b:
a9:18:07:c2:1f:d6:ee:e7:f7:fb:3f:25:6a:97:60:
1e:78:85:21:66:41:a8:1b:a5:d1:54:27:bc:a5:ed:
d0:13:0e:c0:5a:b2:57:26:f5:a5:0a:bf:b6:2e:78:
39:21:c0:0b:45:10:ed:15:4a:1c:f3:6a:91:41:9d:
2b:06:07:76:bc:a1:43:0d:b2:a1:27:a4:30:60:e9:
d5:21:57:0c:dd:99:74:8d:27:70:54:2b:d3:97:53:
32:27:28:39:27:6d:9c:fd:b5:18:29:d0:f5:32:62:
f2:ae:81:e1:c7:1b:54:3f:02:dd:69:6b:19:be:25:
f2:d0:62:5f:a7:76:86:f7:53:78:1a:57:47:43:12:
6f:f7:6f:b3:fd:ce:78:47:28:f0:9e:ec:b7:8b:2f:
d1:52:ba:5e:40:a2:6d:23:d3:6d:be:f2:19:3a:f1:
da:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:F5:DF:F5:29:EA:32:6B:CC:1A:EF:35:55:37:8C:01:CC:C0:5D:70
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3fXf9SnqMmvMGu81VTeMAczAXXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:5d:30:2c:aa:17:66:ce:6d:59:72:64:ac:c2:a0:55:eb:7f:
1d:f6:76:53:fa:db:ea:f8:ec:4f:b7:84:aa:eb:74:c0:5a:ba:
ff:6b:59:97:ee:f0:6e:79:a2:50:45:33:45:b0:7d:f2:29:b4:
99:c8:02:fa:08:a4:8f:71:58:85:3b:c5:8b:81:d6:84:3f:48:
d8:71:73:f0:4e:b5:7d:91:5c:5c:6d:ea:06:30:5a:98:14:35:
c2:b8:de:fa:0a:37:ae:78:5d:db:7c:a6:a5:ac:bf:d9:94:61:
ac:b1:cd:e0:9e:14:7e:4f:c2:6c:ea:77:e0:77:91:47:66:f7:
87:e8:43:e9:4a:c5:10:55:57:a8:7f:cf:ad:cc:81:2c:10:dd:
ce:e3:45:76:11:43:ad:5e:88:2c:7b:89:21:e5:8f:7a:e9:80:
99:da:19:db:67:53:71:7b:8d:a8:c1:b9:fc:d5:3a:48:a0:32:
46:91:3d:e7:90:fc:9a:50:02:fc:09:bc:d9:22:cc:28:09:0f:
20:14:98:ca:59:ea:16:bd:de:ca:37:4c:b4:9d:cc:c3:cd:85:
92:be:c2:83:f9:8b:9d:13:0c:8e:41:7c:c9:70:c1:59:da:5e:
d2:b3:bc:ab:d5:12:17:d3:f9:55:db:c4:0e:03:51:d5:a3:1a:
91:27:0b:88
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYstrLeRoDKwMgYiC/v0XGLSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE0MTAxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGY1ZGZmNTI5ZWEzMjZiY2MxYWVmMzU1NTM3OGMwMWNjYzA1ZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopKUoUa5OL5yvLpywmhQC7xpzv7N
Kvd0gQagg8c0ixF/0miK81G+C8SvVBVtT1wEN9r7HGmJZ/y1TKeQnMmDPF2+0xie
1JaLUC1sMtn03iINUF408epSFZupGAfCH9bu5/f7PyVql2AeeIUhZkGoG6XRVCe8
pe3QEw7AWrJXJvWlCr+2Lng5IcALRRDtFUoc82qRQZ0rBgd2vKFDDbKhJ6QwYOnV
IVcM3Zl0jSdwVCvTl1MyJyg5J22c/bUYKdD1MmLyroHhxxtUPwLdaWsZviXy0GJf
p3aG91N4GldHQxJv92+z/c54Ryjwnuy3iy/RUrpeQKJtI9NtvvIZOvHamwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN313/Up6jJrzBrvNVU3jAHMwF1wMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvM2ZYZjlTbnFNbXZNR3U4MVZUZU1BY3pBWFhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAJdMCyqF2bObVlyZKzC
oFXrfx32dlP62+r47E+3hKrrdMBauv9rWZfu8G55olBFM0WwffIptJnIAvoIpI9x
WIU7xYuB1oQ/SNhxc/BOtX2RXFxt6gYwWpgUNcK43voKN654Xdt8pqWsv9mUYayx
zeCeFH5Pwmzqd+B3kUdm94foQ+lKxRBVV6h/z63MgSwQ3c7jRXYRQ61eiCx7iSHl
j3rpgJnaGdtnU3F7jajBufzVOkigMkaRPeeQ/JpQAvwJvNkizCgJDyAUmMpZ6ha9
3so3TLSdzMPNhZK+woP5i50TDI5BfMlwwVnaXtKzvKvVEhfT+VXbxA4DUdWjGpEn
C4g=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:23:32 2025 by rpki-client