Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DjwQRRpsMrKVmg27g6_li7h6TYk.roa
File: DjwQRRpsMrKVmg27g6_li7h6TYk.roa (raw, json)
Hash identifier: ZBRShNg2h7N9zugmx2UQu6XIDJlol/pe8heL/lD/PIA=
Subject key identifier: 0E:3C:10:45:1A:6C:32:B2:95:9A:0D:BB:83:AF:E5:8B:B8:7A:4D:89
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B95F4E3571F25043A85BB0A581E61046E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DjwQRRpsMrKVmg27g6_li7h6TYk.roa
Signing time: Fri 03 Nov 2023 16:12:16 +0000
ROA not before: Fri 03 Nov 2023 16:12:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:95:f4:e3:57:1f:25:04:3a:85:bb:0a:58:1e:61:04:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 3 16:12:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e3c10451a6c32b2959a0dbb83afe58bb87a4d89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e9:4b:cc:55:d0:79:81:0f:d0:9a:cb:9e:28:
9d:84:5a:01:54:ef:0d:69:61:3d:ea:df:20:c5:5f:
d7:c7:7b:8e:6c:68:b1:1f:53:ff:5e:60:a0:54:63:
e7:3f:88:e1:85:5b:a6:3b:d6:dc:52:f9:96:16:36:
1b:a9:00:99:d0:08:e1:17:1c:b0:5b:10:1c:86:a2:
45:5b:9e:e5:9b:16:bc:d8:c9:b7:86:54:49:c2:3a:
2e:a8:fa:da:ff:8f:7f:52:e8:2c:4d:95:fc:7b:dc:
5d:4a:63:fe:72:aa:b8:23:89:8e:2b:cd:09:b9:ba:
86:45:a7:53:5e:a9:2e:fb:53:1d:7c:05:58:6e:dd:
b3:e3:e1:0d:48:24:5d:7f:19:97:a3:03:5e:6d:f1:
78:23:73:81:ce:5d:b5:6d:bc:fb:26:49:0e:09:a8:
d3:29:5b:fb:98:cf:09:a7:39:e3:87:99:f2:f0:11:
0b:ef:cc:6a:c0:cc:b6:90:73:2f:af:b4:23:4c:e6:
29:3d:00:e3:33:2a:59:16:7d:77:ed:23:3c:ad:49:
9a:f9:bd:e6:8b:cc:aa:8d:81:78:2c:b1:ae:36:0f:
d9:c2:ff:1d:32:c9:68:29:49:b2:a8:a7:cd:d3:3b:
b4:29:14:a2:92:5b:7a:92:a0:0b:98:74:3b:ff:7c:
81:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:3C:10:45:1A:6C:32:B2:95:9A:0D:BB:83:AF:E5:8B:B8:7A:4D:89
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DjwQRRpsMrKVmg27g6_li7h6TYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c9:4f:b7:df:fd:7c:1c:eb:c7:3a:b7:bf:1e:d6:5b:0c:f2:50:
a0:34:38:d7:28:b4:7a:f4:ce:0b:ca:cb:79:d6:ab:79:e6:d4:
54:65:f4:d4:f0:66:1b:e7:bf:66:93:c0:38:62:8e:1f:4c:39:
ff:b6:f5:f6:94:2e:1b:0e:96:a4:be:d5:4f:6c:01:2b:39:54:
25:14:71:ab:73:72:64:f6:65:f4:c2:f3:f1:54:3c:0c:8c:f9:
20:9b:28:2b:4f:e3:ec:0e:63:5c:34:e2:62:36:47:8e:82:cf:
94:57:3b:f8:90:4d:42:25:5c:62:8d:ed:e4:2e:82:c8:d2:df:
67:07:f7:25:8a:d9:93:b3:ed:00:e5:1b:09:9a:78:ef:d4:86:
81:54:f8:68:59:51:88:89:b1:9b:f3:c8:81:c4:0d:92:fd:bf:
3f:b8:db:59:9c:3d:be:d0:25:0e:7e:62:fb:58:4a:87:71:c2:
a7:bc:4e:d7:b2:83:a4:7d:9d:24:3f:80:03:b4:40:2b:64:b5:
9f:ec:65:42:38:83:95:83:29:29:5e:fc:48:de:e8:c1:72:d1:
5f:15:27:43:bf:73:aa:38:0b:34:b2:58:e7:21:93:b5:08:e0:
56:f7:b8:ad:6b:4a:98:08:bd:85:ab:dc:01:a4:57:38:a3:2d:
e5:c5:6e:17
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuV9ONXHyUEOoW7ClgeYQRuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAzMTYxMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTNjMTA0NTFhNmMzMmIyOTU5YTBkYmI4M2FmZTU4YmI4N2E0ZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArulLzFXQeYEP0JrLniidhFoBVO8N
aWE96t8gxV/Xx3uObGixH1P/XmCgVGPnP4jhhVumO9bcUvmWFjYbqQCZ0AjhFxyw
WxAchqJFW57lmxa82Mm3hlRJwjouqPra/49/UugsTZX8e9xdSmP+cqq4I4mOK80J
ubqGRadTXqku+1MdfAVYbt2z4+ENSCRdfxmXowNebfF4I3OBzl21bbz7JkkOCajT
KVv7mM8Jpznjh5ny8BEL78xqwMy2kHMvr7QjTOYpPQDjMypZFn137SM8rUma+b3m
i8yqjYF4LLGuNg/Zwv8dMsloKUmyqKfN0zu0KRSiklt6kqALmHQ7/3yBqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA48EEUabDKylZoNu4Ov5Yu4ek2JMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRGp3UVJScHNNcktWbWcyN2c2X2xpN2g2VFlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMlPt9/9fBzrxzq3vx7W
WwzyUKA0ONcotHr0zgvKy3nWq3nm1FRl9NTwZhvnv2aTwDhijh9MOf+29faULhsO
lqS+1U9sASs5VCUUcatzcmT2ZfTC8/FUPAyM+SCbKCtP4+wOY1w04mI2R46Cz5RX
O/iQTUIlXGKN7eQugsjS32cH9yWK2ZOz7QDlGwmaeO/UhoFU+GhZUYiJsZvzyIHE
DZL9vz+421mcPb7QJQ5+YvtYSodxwqe8Tteyg6R9nSQ/gAO0QCtktZ/sZUI4g5WD
KSle/Eje6MFy0V8VJ0O/c6o4CzSyWOchk7UI4Fb3uK1rSpgIvYWr3AGkVzijLeXF
bhc=
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:02:16 2025 by rpki-client