Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/D1eOCmIdH_ny_vog4u55NtGxPd4.roa
File: D1eOCmIdH_ny_vog4u55NtGxPd4.roa (raw, json)
Hash identifier: 8jYEzPGW+7SW/mXGS0t/OhyVxbSX7RVsTebehoGWe9c=
Subject key identifier: 0F:57:8E:0A:62:1D:1F:F9:F2:FE:FA:20:E2:EE:79:36:D1:B1:3D:DE
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C3C0A9235A7A209043EDE762C7DC2BA19
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/D1eOCmIdH_ny_vog4u55NtGxPd4.roa
Signing time: Tue 05 Dec 2023 22:12:54 +0000
ROA not before: Tue 05 Dec 2023 22:12:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3c:0a:92:35:a7:a2:09:04:3e:de:76:2c:7d:c2:ba:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 5 22:12:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f578e0a621d1ff9f2fefa20e2ee7936d1b13dde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:24:66:f1:da:e5:75:8d:c6:cb:e2:5d:e3:3b:
09:7e:f5:fd:f5:28:7d:5f:69:c4:d3:e0:01:28:45:
69:53:60:a0:a8:b1:86:2d:4a:2f:bf:b9:08:35:3a:
a6:a4:a3:40:c7:51:5f:57:9b:1a:b5:f8:b5:e7:ee:
f7:02:61:3c:c6:59:31:ab:0d:45:cd:42:23:f3:c3:
6e:26:3b:b7:35:62:8a:36:53:6f:c3:48:18:eb:72:
37:7f:a0:5f:4e:54:53:45:3a:1e:4f:3c:54:ef:e5:
46:04:2a:7a:23:cb:27:60:fa:02:2d:da:59:f6:ae:
37:3f:21:5c:0a:17:fa:a6:d6:34:6d:4c:02:a4:65:
6a:6b:09:9d:f0:6a:ab:4b:14:cf:55:60:3f:91:83:
a3:6f:73:e5:c4:14:0e:cd:3a:a0:46:17:85:22:b5:
e7:ff:e9:84:de:64:67:02:ca:5e:cb:74:6c:c1:80:
e4:9a:90:b3:91:2f:4b:bf:7a:b3:d2:21:91:9e:79:
69:5d:c0:7f:6f:4e:83:f5:35:cf:66:a9:61:ec:01:
a2:94:cf:73:91:36:07:4f:42:8f:07:a4:0b:c4:ed:
9b:2e:20:f8:e1:a8:2b:fd:02:06:80:84:34:50:b9:
71:f5:11:9b:aa:e1:b8:e2:fb:65:a8:9d:1e:72:17:
da:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:57:8E:0A:62:1D:1F:F9:F2:FE:FA:20:E2:EE:79:36:D1:B1:3D:DE
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/D1eOCmIdH_ny_vog4u55NtGxPd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
05:6d:a2:91:1f:e0:f9:91:dc:ae:d9:62:ea:e1:fd:e5:78:ef:
7c:7b:89:c8:0c:45:cb:4d:d7:bc:52:4f:1b:b4:70:f0:86:9a:
e3:c2:ca:ac:71:30:99:1b:7b:b6:da:5b:60:ef:d6:7c:9d:fe:
3b:11:a0:c4:e3:9f:07:42:6a:cc:c9:1b:d5:d7:94:6c:bc:9c:
b4:f2:d4:4f:ec:12:2f:89:99:f2:ee:7c:0b:2a:84:a3:e4:d1:
33:ef:5d:0b:65:95:a1:34:2e:f4:26:35:d4:df:5e:19:41:77:
ae:ef:95:48:6e:8e:ae:28:77:80:1d:56:ad:3a:e5:11:23:38:
fc:b6:99:9f:2a:64:32:f1:44:20:6e:84:a8:b2:c6:05:b9:14:
f9:b4:87:af:99:70:2f:5f:44:ef:7f:a9:a2:a8:ba:ea:a5:ee:
13:c3:f7:75:0e:01:41:d2:e5:c0:50:b5:99:70:90:1b:7d:e8:
bd:dc:55:fd:bc:c5:d0:a7:0d:ae:e2:1f:c0:96:66:b8:eb:dd:
23:c6:5d:ec:d7:6d:8d:11:42:19:df:94:95:b6:4e:8e:5b:1d:
86:80:17:f2:ab:3b:ad:35:99:af:ac:12:55:9d:93:58:93:64:
0b:0e:6e:1e:39:2d:06:28:b5:73:8d:ba:6d:27:e6:d5:34:94:
62:03:aa:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw8CpI1p6IJBD7edix9wroZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA1MjIxMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjU3OGUwYTYyMWQxZmY5ZjJmZWZhMjBlMmVlNzkzNmQxYjEzZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3SRm8drldY3Gy+Jd4zsJfvX99Sh9
X2nE0+ABKEVpU2CgqLGGLUovv7kINTqmpKNAx1FfV5satfi15+73AmE8xlkxqw1F
zUIj88NuJju3NWKKNlNvw0gY63I3f6BfTlRTRToeTzxU7+VGBCp6I8snYPoCLdpZ
9q43PyFcChf6ptY0bUwCpGVqawmd8GqrSxTPVWA/kYOjb3PlxBQOzTqgRheFIrXn
/+mE3mRnAspey3RswYDkmpCzkS9Lv3qz0iGRnnlpXcB/b06D9TXPZqlh7AGilM9z
kTYHT0KPB6QLxO2bLiD44agr/QIGgIQ0ULlx9RGbquG44vtlqJ0echfaFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA9XjgpiHR/58v76IOLueTbRsT3eMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRDFlT0NtSWRIX255X3ZvZzR1NTVOdEd4UGQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAVtopEf4PmR3K7ZYurh
/eV473x7icgMRctN17xSTxu0cPCGmuPCyqxxMJkbe7baW2Dv1nyd/jsRoMTjnwdC
aszJG9XXlGy8nLTy1E/sEi+JmfLufAsqhKPk0TPvXQtllaE0LvQmNdTfXhlBd67v
lUhujq4od4AdVq065REjOPy2mZ8qZDLxRCBuhKiyxgW5FPm0h6+ZcC9fRO9/qaKo
uuql7hPD93UOAUHS5cBQtZlwkBt96L3cVf28xdCnDa7iH8CWZrjr3SPGXezXbY0R
QhnflJW2To5bHYaAF/KrO601ma+sElWdk1iTZAsObh45LQYotXONum0n5tU0lGID
qo8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:55:44 2025 by rpki-client