Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DDBnZZ5PeX4xRM1-sxOFX5SW60I.roa
File: DDBnZZ5PeX4xRM1-sxOFX5SW60I.roa (raw, json)
Hash identifier: N4ZubP22NSuPEq4Jf0s01lwV6c5v5ETWbVm87ykWeYg=
Subject key identifier: 0C:30:67:65:9E:4F:79:7E:31:44:CD:7E:B3:13:85:5F:94:96:EB:42
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B02C4F3EE9DC1D32E72A579345727D830
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DDBnZZ5PeX4xRM1-sxOFX5SW60I.roa
Signing time: Fri 06 Oct 2023 02:15:43 +0000
ROA not before: Fri 06 Oct 2023 02:15:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:02:c4:f3:ee:9d:c1:d3:2e:72:a5:79:34:57:27:d8:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 6 02:15:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c3067659e4f797e3144cd7eb313855f9496eb42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ca:a0:b0:81:94:e7:02:01:5a:ad:de:7e:59:
b4:c7:ca:e1:3d:3d:5f:b0:3b:37:c8:9a:50:05:6b:
85:d9:24:8b:0f:f6:1a:0f:46:14:74:fa:01:74:c6:
fe:1f:27:55:87:96:a4:d8:90:e8:2d:72:b8:bb:ff:
73:5b:fa:6a:4f:76:73:55:e2:5e:15:67:57:a8:b6:
68:c1:cd:35:d4:8a:71:6e:44:84:ad:a1:9a:49:48:
d1:f0:86:da:da:cc:1b:fa:4f:15:e9:02:f6:d9:cb:
83:26:13:ef:f3:7c:d0:bf:59:2e:77:b6:2d:e0:04:
5f:e8:2a:ce:0b:35:f7:a8:83:dd:59:41:bc:3e:0c:
67:c0:02:eb:3f:82:b8:6c:82:7e:5c:47:4b:3e:1d:
41:3e:75:3f:ea:8a:06:72:7b:bc:ff:9a:e7:b3:d4:
22:a9:07:b7:97:cc:98:bd:14:bb:69:f0:7b:7a:17:
fa:e5:84:3d:76:4f:86:1f:5d:b9:cf:16:f0:d4:0c:
de:89:ce:d5:c9:01:99:57:99:4c:b0:0a:08:ef:a0:
44:9f:08:9d:18:6f:5d:7c:ef:6d:b1:e2:5e:34:5e:
aa:60:24:ba:87:91:08:c2:c5:76:88:3a:74:4a:00:
7a:27:1a:52:80:63:41:ea:06:73:52:7d:72:3f:e4:
15:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:30:67:65:9E:4F:79:7E:31:44:CD:7E:B3:13:85:5F:94:96:EB:42
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DDBnZZ5PeX4xRM1-sxOFX5SW60I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9b:58:54:23:3b:43:f4:4a:bd:c4:8e:58:8d:52:a0:50:44:34:
42:58:53:2b:c0:b1:c2:32:cc:fa:95:49:6b:f2:fe:ac:3f:cf:
b8:fa:d3:78:cd:21:83:64:41:10:d2:e4:40:4e:83:53:3d:af:
8b:ee:b0:a2:7a:42:95:62:2f:b4:5a:f5:60:48:64:82:f5:54:
80:3e:21:dc:b4:cb:92:be:42:66:95:d9:45:05:71:34:b3:c5:
2c:9c:cd:42:60:bb:e0:db:3c:0b:e0:64:cf:a1:5c:79:1c:7c:
33:6b:02:b8:05:71:6b:d7:2f:9a:45:0e:82:9f:a8:20:90:1b:
60:78:ab:7e:e4:3a:1f:51:ce:de:07:63:0a:00:9f:a5:56:9c:
0d:42:c4:8f:eb:61:a5:05:3d:16:e7:8b:dc:0a:c4:bb:7e:93:
ad:bd:80:ea:66:c3:22:f9:ba:46:91:4d:57:12:6a:a1:3d:f6:
ce:f3:0a:7f:73:36:3b:ce:53:91:8a:ff:dc:6e:38:0a:bc:12:
20:ed:95:71:27:d4:3a:17:fa:88:90:da:9f:ad:06:a2:75:dd:
c6:f5:17:60:0e:66:53:46:99:a7:cf:aa:18:1e:3d:d3:0a:73:
6f:44:5b:57:1d:54:0f:ff:72:49:f6:04:96:4e:57:a4:d8:18:
5b:c4:a5:36
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsCxPPuncHTLnKleTRXJ9gwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA2MDIxNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzMwNjc2NTllNGY3OTdlMzE0NGNkN2ViMzEzODU1Zjk0OTZlYjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcqgsIGU5wIBWq3eflm0x8rhPT1f
sDs3yJpQBWuF2SSLD/YaD0YUdPoBdMb+HydVh5ak2JDoLXK4u/9zW/pqT3ZzVeJe
FWdXqLZowc011IpxbkSEraGaSUjR8Iba2swb+k8V6QL22cuDJhPv83zQv1kud7Yt
4ARf6CrOCzX3qIPdWUG8PgxnwALrP4K4bIJ+XEdLPh1BPnU/6ooGcnu8/5rns9Qi
qQe3l8yYvRS7afB7ehf65YQ9dk+GH125zxbw1Azeic7VyQGZV5lMsAoI76BEnwid
GG9dfO9tseJeNF6qYCS6h5EIwsV2iDp0SgB6JxpSgGNB6gZzUn1yP+QVAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAwwZ2WeT3l+MUTNfrMThV+UlutCMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRERCblpaNVBlWDR4Uk0xLXN4T0ZYNVNXNjBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJtYVCM7Q/RKvcSOWI1S
oFBENEJYUyvAscIyzPqVSWvy/qw/z7j603jNIYNkQRDS5EBOg1M9r4vusKJ6QpVi
L7Ra9WBIZIL1VIA+Idy0y5K+QmaV2UUFcTSzxSyczUJgu+DbPAvgZM+hXHkcfDNr
ArgFcWvXL5pFDoKfqCCQG2B4q37kOh9Rzt4HYwoAn6VWnA1CxI/rYaUFPRbni9wK
xLt+k629gOpmwyL5ukaRTVcSaqE99s7zCn9zNjvOU5GK/9xuOAq8EiDtlXEn1DoX
+oiQ2p+tBqJ13cb1F2AOZlNGmafPqhgePdMKc29EW1cdVA//ckn2BJZOV6TYGFvE
pTY=
-----END CERTIFICATE-----
Generated at Tue May 6 00:16:50 2025 by rpki-client