Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DZOEMosE7CLjUQKfHO6hQdcWwVs.roa
File: DZOEMosE7CLjUQKfHO6hQdcWwVs.roa (raw, json)
Hash identifier: yr6p5qxpI/30nYb0DboM7bkWc7smUW4ejmqiWppdFpA=
Subject key identifier: 0D:93:84:32:8B:04:EC:22:E3:51:02:9F:1C:EE:A1:41:D7:16:C1:5B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B311C8A1A1940EF324473BFF82BE6E8E3
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DZOEMosE7CLjUQKfHO6hQdcWwVs.roa
Signing time: Sun 15 Oct 2023 02:13:55 +0000
ROA not before: Sun 15 Oct 2023 02:13:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:31:1c:8a:1a:19:40:ef:32:44:73:bf:f8:2b:e6:e8:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 15 02:13:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d9384328b04ec22e351029f1ceea141d716c15b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:27:9a:f0:25:b3:a7:3f:3b:6f:70:27:60:7e:
cb:82:be:94:59:62:29:db:d7:9c:7c:81:57:0c:85:
2c:8e:8c:14:b7:88:62:7f:1a:5a:b6:5f:7a:bb:5c:
27:6d:2f:f3:23:46:1b:9c:63:e2:07:a7:54:7a:e5:
ed:ee:91:bc:bc:7e:4a:9c:a8:31:74:1f:81:c6:49:
c9:73:b4:2b:34:94:c6:f3:df:09:2e:b8:f5:c3:e5:
70:e3:69:d8:53:09:89:24:b5:3c:58:8a:ad:19:37:
fc:03:96:ec:43:39:de:8a:e9:9d:5f:f1:db:b2:e5:
45:dd:de:cd:cc:64:83:c9:a2:3c:2f:62:39:53:31:
11:fe:2a:bc:7f:0e:78:24:76:b1:4a:31:5b:66:6d:
cc:05:4f:eb:28:1c:c1:d6:c3:29:b4:90:6a:7f:83:
c0:23:2d:28:7f:94:4b:19:a2:bd:e4:5b:8c:bc:18:
c9:80:2d:70:be:21:11:da:76:bc:43:eb:2c:da:50:
4e:31:c8:c1:8d:76:5e:dc:fe:58:cc:72:59:3d:ac:
64:c3:f1:e5:4d:89:ab:b2:2d:f8:e0:af:f7:e9:7e:
cd:af:ac:49:ea:4b:08:91:90:9c:a9:a6:06:df:e8:
51:74:fe:89:65:07:9e:0b:5a:98:5e:f6:69:37:fe:
e3:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:93:84:32:8B:04:EC:22:E3:51:02:9F:1C:EE:A1:41:D7:16:C1:5B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DZOEMosE7CLjUQKfHO6hQdcWwVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c2:62:ba:fb:6f:ee:e1:f3:c4:c8:4e:6c:fe:13:c9:72:6b:3a:
9b:9f:c6:75:41:b6:7e:11:2c:7d:24:95:f0:2b:51:54:00:6f:
63:0a:5e:81:9f:8c:25:c4:a0:23:51:09:23:a9:4e:82:e5:b0:
76:05:03:94:7e:d0:96:56:6a:d8:98:5f:4b:ec:c1:a3:8c:09:
e9:00:17:d9:58:37:81:55:4c:08:b3:0a:f7:32:19:08:05:a6:
e5:20:50:88:e9:64:ee:e3:df:8b:26:a8:ef:26:a5:a4:0b:85:
43:e1:6e:f6:8e:37:d6:34:c4:11:7c:6e:51:fb:be:93:70:b6:
93:49:8b:3d:e3:9f:10:c7:85:b8:e8:7f:74:40:17:bf:3f:f3:
e4:5a:a7:a8:73:38:93:c9:ba:31:89:a8:d3:cb:01:6f:0a:36:
8b:89:ec:7b:65:d3:63:fb:3a:3f:41:4e:b5:0c:a6:79:1d:3f:
54:72:86:71:96:a2:9d:01:b6:fb:b2:a8:02:1b:f8:85:e0:f8:
28:03:db:cb:a8:4b:4d:d2:9c:72:7b:c1:7a:95:e0:2a:fc:d0:
98:6c:c9:a4:a2:cc:66:ca:fe:66:66:b2:0f:6f:86:48:29:5f:
4b:95:5a:b3:24:01:57:ba:fc:9b:7b:cb:43:c8:0b:6a:f2:9b:
6c:6a:3a:7a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsxHIoaGUDvMkRzv/gr5ujjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE1MDIxMzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDkzODQzMjhiMDRlYzIyZTM1MTAyOWYxY2VlYTE0MWQ3MTZjMTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCea8CWzpz87b3AnYH7Lgr6UWWIp
29ecfIFXDIUsjowUt4hifxpatl96u1wnbS/zI0YbnGPiB6dUeuXt7pG8vH5KnKgx
dB+BxknJc7QrNJTG898JLrj1w+Vw42nYUwmJJLU8WIqtGTf8A5bsQzneiumdX/Hb
suVF3d7NzGSDyaI8L2I5UzER/iq8fw54JHaxSjFbZm3MBU/rKBzB1sMptJBqf4PA
Iy0of5RLGaK95FuMvBjJgC1wviER2na8Q+ss2lBOMcjBjXZe3P5YzHJZPaxkw/Hl
TYmrsi344K/36X7Nr6xJ6ksIkZCcqaYG3+hRdP6JZQeeC1qYXvZpN/7jSwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA2ThDKLBOwi41ECnxzuoUHXFsFbMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRFpPRU1vc0U3Q0xqVVFLZkhPNmhRZGNXd1ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMJiuvtv7uHzxMhObP4T
yXJrOpufxnVBtn4RLH0klfArUVQAb2MKXoGfjCXEoCNRCSOpToLlsHYFA5R+0JZW
atiYX0vswaOMCekAF9lYN4FVTAizCvcyGQgFpuUgUIjpZO7j34smqO8mpaQLhUPh
bvaON9Y0xBF8blH7vpNwtpNJiz3jnxDHhbjof3RAF78/8+Rap6hzOJPJujGJqNPL
AW8KNouJ7Htl02P7Oj9BTrUMpnkdP1RyhnGWop0BtvuyqAIb+IXg+CgD28uoS03S
nHJ7wXqV4Cr80JhsyaSizGbK/mZmsg9vhkgpX0uVWrMkAVe6/Jt7y0PIC2rym2xq
Ono=
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:38:29 2025 by rpki-client