Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3zNMfICVPudF36mfR8j28fRKgOg.roa
File: 3zNMfICVPudF36mfR8j28fRKgOg.roa (raw, json)
Hash identifier: gQHL/Yp20k8BZ27BZ6Cp6YtC9LShwY5r7hKkGx0d9HU=
Subject key identifier: DF:33:4C:7C:80:95:3E:E7:45:DF:A9:9F:47:C8:F6:F1:F4:4A:80:E8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B710AD04F1BE81861693FC373268C2B40
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3zNMfICVPudF36mfR8j28fRKgOg.roa
Signing time: Fri 27 Oct 2023 12:10:15 +0000
ROA not before: Fri 27 Oct 2023 12:10:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:71:0a:d0:4f:1b:e8:18:61:69:3f:c3:73:26:8c:2b:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 27 12:10:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df334c7c80953ee745dfa99f47c8f6f1f44a80e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:90:7f:24:32:aa:d9:b7:e8:66:89:07:27:fd:
67:d9:80:f5:df:d6:ce:16:bd:eb:81:0b:04:bb:7d:
b9:a2:cc:f7:e8:2a:4f:d0:88:20:6f:47:12:7f:42:
b2:f7:e8:be:cf:b0:99:15:4b:71:5c:56:7c:c9:1e:
f0:73:f0:82:a8:59:b8:4c:1f:d3:0e:61:95:53:b4:
cc:79:84:bc:a6:5d:45:58:c2:29:3e:f3:5d:bb:4e:
61:99:01:f4:62:70:11:8c:0e:d1:7a:1e:70:a5:9d:
d8:c0:bd:2d:29:f9:4b:d3:e2:62:7a:b0:eb:8a:9d:
9b:54:9a:76:65:48:70:38:54:a0:32:9b:b8:70:f8:
7a:a4:11:67:86:74:39:9d:2e:c7:b3:ce:74:d4:37:
20:45:12:15:67:95:8a:8f:42:0d:51:d6:ff:59:eb:
fc:bf:c0:25:61:32:04:b8:e1:a4:4e:5e:24:24:c1:
85:49:4d:2b:e7:4e:bb:68:0f:47:49:ea:74:5e:84:
63:45:8a:69:65:e4:65:44:07:12:41:85:1d:98:e4:
ee:2e:42:b8:b6:7d:8f:f9:14:7f:83:dc:8c:04:18:
57:17:f3:f8:cc:05:3e:65:25:4a:a2:f9:cc:50:09:
2b:98:3e:19:21:32:7c:ea:c5:29:b8:67:7b:8d:d1:
1c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:33:4C:7C:80:95:3E:E7:45:DF:A9:9F:47:C8:F6:F1:F4:4A:80:E8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3zNMfICVPudF36mfR8j28fRKgOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
31:56:6d:56:6a:18:37:b2:f3:c4:ec:4b:9d:80:51:d4:b8:86:
fb:a9:5d:a6:20:63:73:1d:1b:b2:46:f3:f6:81:7f:4e:cc:12:
d0:0a:1f:ac:2a:41:a4:5b:db:b5:a6:a4:04:ce:6e:08:70:98:
6d:20:3a:e0:61:a2:ec:f7:a4:ba:2f:b6:7e:86:44:01:de:6a:
32:77:ad:26:e2:ff:c8:d5:6c:d8:3f:d7:1f:92:82:26:16:af:
2a:3f:bd:7a:39:48:cf:d4:3e:44:fe:18:12:e7:95:67:5e:05:
fa:b8:c9:37:fa:2d:8a:67:52:64:be:66:8e:c6:02:ac:70:ff:
cb:79:4e:5a:4a:31:b0:3d:da:74:3d:a9:1b:c1:57:b5:68:87:
fa:58:8b:ea:b3:ea:82:91:d1:49:0b:04:6a:ee:61:90:ed:b1:
84:be:29:40:4c:54:a4:4a:a0:07:8e:6e:e7:47:94:56:7f:96:
6c:db:60:3a:f7:32:78:6c:5c:cf:9f:a6:b3:73:88:bc:09:2a:
d6:ff:ec:3b:b0:cb:50:22:fc:2f:8f:33:0c:06:22:a2:27:52:
7f:79:eb:04:a0:d1:8f:82:d8:ed:02:9d:43:bc:41:0b:00:a6:
9c:b7:cf:44:6d:82:7e:e2:31:a0:2d:91:46:25:ee:5c:a4:93:
94:80:8a:13
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtxCtBPG+gYYWk/w3MmjCtAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI3MTIxMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjMzNGM3YzgwOTUzZWU3NDVkZmE5OWY0N2M4ZjZmMWY0NGE4MGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5B/JDKq2bfoZokHJ/1n2YD139bO
Fr3rgQsEu325osz36CpP0Iggb0cSf0Ky9+i+z7CZFUtxXFZ8yR7wc/CCqFm4TB/T
DmGVU7TMeYS8pl1FWMIpPvNdu05hmQH0YnARjA7Reh5wpZ3YwL0tKflL0+JierDr
ip2bVJp2ZUhwOFSgMpu4cPh6pBFnhnQ5nS7Hs8501DcgRRIVZ5WKj0INUdb/Wev8
v8AlYTIEuOGkTl4kJMGFSU0r5067aA9HSep0XoRjRYppZeRlRAcSQYUdmOTuLkK4
tn2P+RR/g9yMBBhXF/P4zAU+ZSVKovnMUAkrmD4ZITJ86sUpuGd7jdEcrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN8zTHyAlT7nRd+pn0fI9vH0SoDoMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvM3pOTWZJQ1ZQdWRGMzZtZlI4ajI4ZlJLZ09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADFWbVZqGDey88TsS52A
UdS4hvupXaYgY3MdG7JG8/aBf07MEtAKH6wqQaRb27WmpATObghwmG0gOuBhouz3
pLovtn6GRAHeajJ3rSbi/8jVbNg/1x+SgiYWryo/vXo5SM/UPkT+GBLnlWdeBfq4
yTf6LYpnUmS+Zo7GAqxw/8t5TlpKMbA92nQ9qRvBV7Voh/pYi+qz6oKR0UkLBGru
YZDtsYS+KUBMVKRKoAeObudHlFZ/lmzbYDr3MnhsXM+fprNziLwJKtb/7Duwy1Ai
/C+PMwwGIqInUn956wSg0Y+C2O0CnUO8QQsAppy3z0Rtgn7iMaAtkUYl7lykk5SA
ihM=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:16:40 2025 by rpki-client