Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DYgS8wuCn-XOib304tnqimIKPNg.roa
File: DYgS8wuCn-XOib304tnqimIKPNg.roa (raw, json)
Hash identifier: qbdg3NwlJTtXq5AmmzBPQSSrnOA/Pa7euF861rL3Lio=
Subject key identifier: 0D:88:12:F3:0B:82:9F:E5:CE:89:BD:F4:E2:D9:EA:8A:62:0A:3C:D8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AD1CF2237A396C4A1979668026E8E0DB4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DYgS8wuCn-XOib304tnqimIKPNg.roa
Signing time: Tue 26 Sep 2023 14:05:27 +0000
ROA not before: Tue 26 Sep 2023 14:05:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:d1ce:9e81/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d1:cf:22:37:a3:96:c4:a1:97:96:68:02:6e:8e:0d:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 26 14:05:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d8812f30b829fe5ce89bdf4e2d9ea8a620a3cd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:11:f2:30:b1:90:37:e5:ab:e2:97:10:34:7e:
a2:39:93:a4:c9:5c:b8:2e:cc:06:cb:67:b5:fb:59:
74:28:a3:5b:d0:e0:5f:41:a8:c8:d9:f0:1d:d1:2b:
4f:0c:20:9b:fe:49:11:c3:e0:c1:c7:38:e8:d0:8d:
2c:90:d6:67:98:67:2f:23:6d:0b:15:7a:00:58:33:
dc:53:9f:1b:1b:fd:84:9c:be:3d:d6:ff:bb:b1:06:
ff:ee:67:e3:4e:eb:07:22:72:f9:64:f8:8a:9e:12:
92:f5:7d:ac:78:e8:ef:1c:d3:4c:82:a6:f4:20:3b:
a3:3f:b1:6c:ff:17:79:3f:b1:56:7e:ae:65:e8:43:
a0:e9:85:7b:f7:ec:09:ea:97:51:3d:61:1d:c7:5e:
a3:8a:84:23:02:9c:b3:fe:1c:94:03:d9:34:0e:13:
2a:95:ed:29:5b:d0:03:df:85:ce:3d:46:d1:43:5a:
bb:6a:36:62:b5:45:2e:60:0b:45:67:2e:64:c7:1c:
f2:c8:00:f0:e7:82:66:2b:30:49:ba:ce:53:e4:61:
9c:08:22:d8:b9:e4:50:b9:4a:c6:09:6b:f8:64:55:
dc:c8:2e:ff:7c:85:cc:aa:1f:fb:1b:02:3a:0c:62:
2a:e3:96:0a:ad:fb:b7:92:3f:7b:cd:d0:e9:8f:8c:
ea:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:88:12:F3:0B:82:9F:E5:CE:89:BD:F4:E2:D9:EA:8A:62:0A:3C:D8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DYgS8wuCn-XOib304tnqimIKPNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
20:d2:3f:76:7d:0e:b5:71:20:ee:5b:76:30:bd:9b:15:3e:ee:
a6:3c:10:ce:b8:56:73:7e:cb:70:a0:e6:f8:36:74:99:67:77:
d4:c7:e4:ed:66:3a:9c:7c:3e:ee:8f:6c:f4:f8:80:15:4a:6c:
84:29:32:61:f8:6d:ee:12:79:b9:f9:60:08:2a:b1:ef:c1:e2:
40:af:3b:60:86:67:49:98:19:ee:ef:79:aa:c5:c1:e8:a4:ae:
cd:e7:37:25:07:e0:2a:bb:0c:1d:f2:fa:ec:b8:be:8e:04:b6:
50:78:67:5e:4f:f6:c7:42:34:d8:df:cf:35:ec:ee:30:5b:53:
bc:92:09:02:b5:83:ac:7b:bd:bc:e0:0f:65:ff:12:a2:00:c7:
56:23:dd:8d:cb:42:34:8d:b8:ca:4e:d3:53:8f:72:b3:c2:95:
6f:e8:4f:96:2b:e0:cb:9c:3a:35:63:a7:c8:88:e0:67:dc:93:
bb:d5:67:71:72:77:d8:98:9b:34:69:3f:25:68:32:35:a7:1e:
9b:63:fd:31:95:75:a7:c8:7b:45:8c:10:63:a2:81:b0:1b:f1:
44:cf:13:4b:4a:dd:f9:9d:85:3f:7f:ed:3a:03:fa:3f:0b:16:
5e:d2:9d:86:31:56:73:74:97:66:21:8d:8d:77:76:32:2a:84:
75:43:1b:96
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrRzyI3o5bEoZeWaAJujg20MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI2MTQwNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDg4MTJmMzBiODI5ZmU1Y2U4OWJkZjRlMmQ5ZWE4YTYyMGEzY2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBHyMLGQN+Wr4pcQNH6iOZOkyVy4
LswGy2e1+1l0KKNb0OBfQajI2fAd0StPDCCb/kkRw+DBxzjo0I0skNZnmGcvI20L
FXoAWDPcU58bG/2EnL491v+7sQb/7mfjTusHInL5ZPiKnhKS9X2seOjvHNNMgqb0
IDujP7Fs/xd5P7FWfq5l6EOg6YV79+wJ6pdRPWEdx16jioQjApyz/hyUA9k0DhMq
le0pW9AD34XOPUbRQ1q7ajZitUUuYAtFZy5kxxzyyADw54JmKzBJus5T5GGcCCLY
ueRQuUrGCWv4ZFXcyC7/fIXMqh/7GwI6DGIq45YKrfu3kj97zdDpj4zqqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA2IEvMLgp/lzom99OLZ6opiCjzYMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRFlnUzh3dUNuLVhPaWIzMDR0bnFpbUlLUE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACDSP3Z9DrVxIO5bdjC9
mxU+7qY8EM64VnN+y3Cg5vg2dJlnd9TH5O1mOpx8Pu6PbPT4gBVKbIQpMmH4be4S
ebn5YAgqse/B4kCvO2CGZ0mYGe7vearFweikrs3nNyUH4Cq7DB3y+uy4vo4EtlB4
Z15P9sdCNNjfzzXs7jBbU7ySCQK1g6x7vbzgD2X/EqIAx1Yj3Y3LQjSNuMpO01OP
crPClW/oT5Yr4MucOjVjp8iI4Gfck7vVZ3Fyd9iYmzRpPyVoMjWnHptj/TGVdafI
e0WMEGOigbAb8UTPE0tK3fmdhT9/7ToD+j8LFl7SnYYxVnN0l2YhjY13djIqhHVD
G5Y=
-----END CERTIFICATE-----
Generated at Tue Apr 22 17:26:18 2025 by rpki-client