Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3y69YSQr84UXEgjAmgHx-eMnDiY.roa
File: 3y69YSQr84UXEgjAmgHx-eMnDiY.roa (raw, json)
Hash identifier: OwmZ1gIrymfjFZ/3Ozepr4MaXLJwC5RxrK/sbkL4jx4=
Subject key identifier: DF:2E:BD:61:24:2B:F3:85:17:12:08:C0:9A:01:F1:F9:E3:27:0E:26
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BBF9557596341160BED81CC775EEC3BD7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3y69YSQr84UXEgjAmgHx-eMnDiY.roa
Signing time: Sat 11 Nov 2023 18:11:57 +0000
ROA not before: Sat 11 Nov 2023 18:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bf:95:57:59:63:41:16:0b:ed:81:cc:77:5e:ec:3b:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 11 18:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df2ebd61242bf385171208c09a01f1f9e3270e26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6f:09:7b:0f:43:e1:c1:39:f3:45:53:d6:77:
6b:b4:14:2d:54:69:8d:b8:03:c0:cc:6a:b4:8d:66:
d2:d9:02:98:76:7c:dc:58:31:eb:66:bf:3d:86:50:
4c:18:10:51:96:1f:04:46:fa:92:57:87:ba:4e:ec:
96:50:97:9a:aa:1a:eb:08:10:7a:90:95:92:2c:06:
ea:bd:bf:21:a4:8e:bc:86:b4:81:19:ef:15:bf:48:
82:9e:ac:c8:16:bf:8b:85:c5:8f:af:c3:af:b1:1e:
46:99:2f:9c:63:2d:23:61:d2:30:7f:04:36:84:48:
20:e2:ad:ac:db:80:96:a1:94:70:e4:e3:6a:dd:fe:
67:74:8a:fb:b2:a7:17:3b:42:32:9e:2c:4a:63:b5:
57:b1:19:22:9e:c7:78:44:47:87:3c:44:ad:98:78:
c2:75:42:79:0e:a0:3c:d7:2a:37:43:9d:0d:4f:d4:
fc:f4:ee:ee:b2:fe:e4:19:ca:2b:fb:6a:0c:97:4a:
f8:f1:7a:8f:23:01:a8:b9:fe:e0:07:3e:f5:b9:a4:
b8:a6:72:3a:51:87:e2:29:6a:d1:e6:80:10:fd:4b:
8e:99:6b:84:49:32:c8:e8:74:cc:69:f6:bc:45:df:
88:31:d4:dd:b8:08:a3:d8:d4:fb:23:f9:49:0b:6d:
41:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:2E:BD:61:24:2B:F3:85:17:12:08:C0:9A:01:F1:F9:E3:27:0E:26
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3y69YSQr84UXEgjAmgHx-eMnDiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9a:84:cc:25:14:99:d0:d8:be:59:51:6d:fd:0b:22:e2:80:33:
a0:0a:1b:a5:86:1e:f3:be:3b:6f:4b:09:b7:0f:5e:7f:ac:a8:
39:9e:f4:38:b8:c0:65:6d:f2:18:7d:48:fa:c6:bc:64:d6:eb:
33:d4:79:38:1f:a8:9c:76:5c:06:2e:e3:10:99:26:8f:2b:58:
84:77:a8:9d:25:11:14:41:84:70:c2:e5:7b:0e:e3:2f:22:25:
dc:73:84:f0:5e:ac:44:fe:5b:93:c2:82:32:35:45:31:e1:ec:
ba:cb:26:1c:24:38:dc:97:b7:6c:50:51:aa:40:9e:90:96:3b:
42:17:36:72:c3:4e:b7:4a:66:58:e0:49:f8:8d:62:34:c3:86:
d3:ba:3f:ff:b0:85:2b:54:41:ed:20:17:f1:59:7a:e4:52:86:
6f:af:b9:dc:1c:3e:94:0a:1d:18:e6:bc:d0:08:dd:09:b2:0c:
ba:60:81:98:8f:d1:d8:aa:c8:f9:34:12:39:da:11:db:ff:68:
05:c7:f3:24:a3:28:f0:63:10:b4:5d:c7:ca:59:d5:05:d9:f3:
e9:3d:ba:51:2b:71:19:33:c7:8b:1a:86:83:cf:b6:10:b1:77:
14:41:88:dc:f9:8c:a1:47:d3:89:f8:2e:23:6e:da:ae:0c:85:
e2:9d:e1:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu/lVdZY0EWC+2BzHde7DvXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTExMTgxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjJlYmQ2MTI0MmJmMzg1MTcxMjA4YzA5YTAxZjFmOWUzMjcwZTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmW8Jew9D4cE580VT1ndrtBQtVGmN
uAPAzGq0jWbS2QKYdnzcWDHrZr89hlBMGBBRlh8ERvqSV4e6TuyWUJeaqhrrCBB6
kJWSLAbqvb8hpI68hrSBGe8Vv0iCnqzIFr+LhcWPr8OvsR5GmS+cYy0jYdIwfwQ2
hEgg4q2s24CWoZRw5ONq3f5ndIr7sqcXO0IynixKY7VXsRkinsd4REeHPEStmHjC
dUJ5DqA81yo3Q50NT9T89O7usv7kGcor+2oMl0r48XqPIwGouf7gBz71uaS4pnI6
UYfiKWrR5oAQ/UuOmWuESTLI6HTMafa8Rd+IMdTduAij2NT7I/lJC21BXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN8uvWEkK/OFFxIIwJoB8fnjJw4mMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvM3k2OVlTUXI4NFVYRWdqQW1nSHgtZU1uRGlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJqEzCUUmdDYvllRbf0L
IuKAM6AKG6WGHvO+O29LCbcPXn+sqDme9Di4wGVt8hh9SPrGvGTW6zPUeTgfqJx2
XAYu4xCZJo8rWIR3qJ0lERRBhHDC5XsO4y8iJdxzhPBerET+W5PCgjI1RTHh7LrL
JhwkONyXt2xQUapAnpCWO0IXNnLDTrdKZljgSfiNYjTDhtO6P/+whStUQe0gF/FZ
euRShm+vudwcPpQKHRjmvNAI3QmyDLpggZiP0diqyPk0EjnaEdv/aAXH8ySjKPBj
ELRdx8pZ1QXZ8+k9ulErcRkzx4sahoPPthCxdxRBiNz5jKFH04n4LiNu2q4MheKd
4Sg=
-----END CERTIFICATE-----
Generated at Tue Apr 22 10:58:00 2025 by rpki-client