Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Dgn6XvRdG-NA2QkmxWNrH0U6LE4.roa
File: Dgn6XvRdG-NA2QkmxWNrH0U6LE4.roa (raw, json)
Hash identifier: LPfOFcB5Pba47TBXnxwnwbyd6idsj/T8LdvwFVfv6Kk=
Subject key identifier: 0E:09:FA:5E:F4:5D:1B:E3:40:D9:09:26:C5:63:6B:1F:45:3A:2C:4E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C183824173A2828700DCA1C8391CE901B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Dgn6XvRdG-NA2QkmxWNrH0U6LE4.roa
Signing time: Tue 28 Nov 2023 23:16:21 +0000
ROA not before: Tue 28 Nov 2023 23:16:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:18:38:24:17:3a:28:28:70:0d:ca:1c:83:91:ce:90:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 28 23:16:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e09fa5ef45d1be340d90926c5636b1f453a2c4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9a:0c:94:d5:42:e1:70:62:bb:5d:33:08:eb:
9f:99:e8:72:04:92:78:e9:55:d8:ca:ed:1d:cc:2e:
b8:3b:7e:14:d6:53:04:75:9d:48:be:21:2f:14:2a:
51:0a:ba:73:18:4b:f6:ed:49:22:21:fb:75:d3:8c:
c2:c7:d3:94:c1:c2:d7:c6:24:ad:1f:2f:56:f5:8d:
66:aa:9b:61:cb:bf:2e:01:cf:07:52:b4:f8:dc:d2:
ab:bd:22:a2:88:6b:d8:57:ef:40:11:35:55:9e:c2:
d8:4a:46:a8:1c:0c:18:9a:57:f2:30:a2:40:a4:da:
f6:93:58:03:e3:f6:78:7b:70:47:34:51:61:3c:72:
1f:f3:5f:06:23:dd:99:07:d5:21:a4:e4:40:d5:a9:
77:14:70:01:d0:1b:e3:66:9c:de:e0:a4:d6:c0:fd:
51:49:1c:c6:e1:6f:3c:4d:e7:da:7d:71:9e:56:35:
7c:0c:b9:21:0d:9e:0e:1f:0c:01:6b:60:e9:ea:31:
c9:ee:c3:44:51:7c:5f:4d:1f:22:17:0d:40:a6:31:
fe:9f:92:39:7d:a6:1d:d9:c1:86:aa:a9:8e:19:05:
e1:96:b2:72:09:00:7a:8a:df:47:0f:43:1f:e5:36:
11:52:fc:ad:4e:c2:7e:f4:25:c1:8f:c1:1d:2d:18:
5e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:09:FA:5E:F4:5D:1B:E3:40:D9:09:26:C5:63:6B:1F:45:3A:2C:4E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Dgn6XvRdG-NA2QkmxWNrH0U6LE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:f8:9b:8b:6a:e5:30:a7:d2:04:a4:2b:11:b8:cc:dc:0d:91:
21:96:59:62:ea:11:a5:04:89:5a:44:60:2d:09:f5:a8:05:80:
11:49:b9:23:6b:f3:47:79:90:18:27:26:ff:6f:83:f5:f4:fc:
57:4c:82:34:52:49:4a:af:2a:40:45:2f:82:34:24:4b:0b:07:
dd:c5:bb:7e:e2:17:30:32:5e:1e:00:3d:b4:a8:50:09:22:a1:
d9:78:f8:17:f8:3e:22:2d:ec:8a:84:1e:37:ff:67:55:ed:4b:
01:28:a0:5c:79:73:a3:15:bf:9f:46:91:a0:b4:f7:39:f8:50:
2f:f2:c1:36:39:53:8b:2b:a3:f3:8d:94:5c:0a:79:86:f5:13:
57:6b:55:75:bf:c5:33:b9:86:2c:de:28:07:84:71:60:3a:c1:
8f:02:76:73:58:fd:41:24:3d:d5:16:31:3e:03:e8:4e:11:c6:
01:c9:79:05:e7:21:4c:51:62:97:d3:7d:77:90:af:6d:82:b4:
4e:b5:6b:01:d9:79:2f:6e:4d:52:17:a6:3b:10:8f:28:f4:22:
c2:29:1e:3b:77:58:a5:a5:80:b4:08:21:63:dc:70:37:95:e6:
9b:2e:f2:81:96:88:b7:a5:05:91:a1:1d:84:cf:3f:91:86:5f:
28:54:aa:40
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwYOCQXOigocA3KHIORzpAbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI4MjMxNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTA5ZmE1ZWY0NWQxYmUzNDBkOTA5MjZjNTYzNmIxZjQ1M2EyYzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15oMlNVC4XBiu10zCOufmehyBJJ4
6VXYyu0dzC64O34U1lMEdZ1IviEvFCpRCrpzGEv27UkiIft104zCx9OUwcLXxiSt
Hy9W9Y1mqpthy78uAc8HUrT43NKrvSKiiGvYV+9AETVVnsLYSkaoHAwYmlfyMKJA
pNr2k1gD4/Z4e3BHNFFhPHIf818GI92ZB9UhpORA1al3FHAB0BvjZpze4KTWwP1R
SRzG4W88TefafXGeVjV8DLkhDZ4OHwwBa2Dp6jHJ7sNEUXxfTR8iFw1ApjH+n5I5
faYd2cGGqqmOGQXhlrJyCQB6it9HD0Mf5TYRUvytTsJ+9CXBj8EdLRhe0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA4J+l70XRvjQNkJJsVjax9FOixOMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRGduNlh2UmRHLU5BMlFrbXhXTnJIMFU2TEU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGD4m4tq5TCn0gSkKxG4
zNwNkSGWWWLqEaUEiVpEYC0J9agFgBFJuSNr80d5kBgnJv9vg/X0/FdMgjRSSUqv
KkBFL4I0JEsLB93Fu37iFzAyXh4APbSoUAkiodl4+Bf4PiIt7IqEHjf/Z1XtSwEo
oFx5c6MVv59GkaC09zn4UC/ywTY5U4sro/ONlFwKeYb1E1drVXW/xTO5hizeKAeE
cWA6wY8CdnNY/UEkPdUWMT4D6E4RxgHJeQXnIUxRYpfTfXeQr22CtE61awHZeS9u
TVIXpjsQjyj0IsIpHjt3WKWlgLQIIWPccDeV5psu8oGWiLelBZGhHYTPP5GGXyhU
qkA=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:58:15 2025 by rpki-client