Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ddXN2B5fXFlHJMnST8kWd6O4q_c.roa
File: ddXN2B5fXFlHJMnST8kWd6O4q_c.roa (raw, json)
Hash identifier: 6VV0dVDFAyP8O8vNeMm/ByWUVjiLMFF9v8pOC54ee9M=
Subject key identifier: 75:D5:CD:D8:1E:5F:5C:59:47:24:C9:D2:4F:C9:16:77:A3:B8:AB:F7
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA8A2B08095584D85F1B85DD0B6DD031B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ddXN2B5fXFlHJMnST8kWd6O4q_c.roa
Signing time: Tue 07 Nov 2023 07:15:16 +0000
ROA not before: Tue 07 Nov 2023 07:15:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a8:a2:b0:80:95:58:4d:85:f1:b8:5d:d0:b6:dd:03:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 7 07:15:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75d5cdd81e5f5c594724c9d24fc91677a3b8abf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:07:4e:c2:17:ec:67:ae:90:f7:0d:6c:cc:02:
35:c3:e1:54:cf:67:43:1f:04:65:6a:23:c2:e7:2f:
f5:ae:1c:ee:5e:e4:47:7b:0f:ee:ad:4b:8e:c2:ce:
95:35:66:0e:c4:a3:9c:a5:83:55:20:aa:8f:46:53:
3d:94:0a:fc:fd:09:a5:e5:97:9c:bd:33:8f:c6:ef:
db:5a:b6:80:ae:76:bc:eb:dc:1d:5a:74:aa:72:aa:
87:ad:41:93:8b:e3:6e:40:e8:82:e8:82:46:81:2a:
51:3a:49:4b:57:7f:32:e6:83:4a:e9:89:a7:f6:17:
cd:f7:58:99:d2:40:4c:0e:21:a5:4f:b4:2a:a6:09:
ec:26:df:38:17:dd:06:2e:3c:ae:01:b4:79:59:e4:
18:0b:7a:46:4f:2a:6a:32:e7:25:5d:ce:7d:b0:48:
f2:b6:5b:bc:b8:98:ca:a5:9b:ef:21:42:e8:3b:e7:
a8:9a:a6:f5:62:51:96:64:a7:86:3e:3b:f1:4e:05:
50:18:f5:8f:a2:ae:11:54:ab:b0:88:b4:fe:60:9c:
f8:87:dc:6d:2b:47:e6:de:f9:19:3a:5c:4a:f9:71:
6a:7c:c6:5c:8e:18:6f:fd:6d:69:3e:6d:ec:c2:09:
a4:48:0e:73:89:8b:aa:c7:86:96:03:11:24:99:a1:
da:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D5:CD:D8:1E:5F:5C:59:47:24:C9:D2:4F:C9:16:77:A3:B8:AB:F7
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ddXN2B5fXFlHJMnST8kWd6O4q_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:e2:61:ae:43:fa:8c:43:75:fb:49:89:c1:49:49:a0:0b:46:
4e:13:8e:5b:01:5f:75:6e:c5:82:bd:bb:a4:fa:22:e6:a4:48:
27:f5:4a:16:91:73:2b:0f:f0:e9:16:cd:a2:ea:a8:2c:7b:78:
83:59:da:6b:cb:bc:e2:7e:09:ab:27:9a:99:11:18:4c:75:6f:
52:8c:0f:fc:78:59:a4:cd:a2:57:26:be:3e:23:fe:1c:ae:ab:
b2:ea:6f:e9:4b:89:8b:f0:f5:f9:0c:2b:a5:18:7c:e2:9a:ad:
99:48:07:5b:d8:e7:db:5b:3e:86:e2:bd:d7:3f:72:25:59:80:
f4:c8:40:1f:3b:f0:c9:a3:3d:70:de:b6:fa:54:88:4f:8a:2d:
62:50:b9:01:90:62:55:86:70:d6:ab:4c:06:3c:c6:6d:85:e3:
a3:45:e9:85:64:43:56:e4:66:9f:49:5b:88:91:f7:7f:64:f3:
85:9f:c2:fd:35:ec:66:76:c6:1a:e3:c5:50:af:e5:88:8f:f6:
ad:9b:87:66:ec:bd:81:5d:c3:42:df:77:15:9d:c6:35:16:b8:
d4:78:e7:b7:dd:38:ab:75:37:91:ed:40:d5:d2:a9:b1:6d:ad:
03:8d:ee:93:8b:bf:c7:92:f7:62:d6:92:c0:7b:89:91:54:90:
ad:30:48:a9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuoorCAlVhNhfG4XdC23QMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA3MDcxNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWQ1Y2RkODFlNWY1YzU5NDcyNGM5ZDI0ZmM5MTY3N2EzYjhhYmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgdOwhfsZ66Q9w1szAI1w+FUz2dD
HwRlaiPC5y/1rhzuXuRHew/urUuOws6VNWYOxKOcpYNVIKqPRlM9lAr8/Qml5Zec
vTOPxu/bWraArna869wdWnSqcqqHrUGTi+NuQOiC6IJGgSpROklLV38y5oNK6Ymn
9hfN91iZ0kBMDiGlT7QqpgnsJt84F90GLjyuAbR5WeQYC3pGTypqMuclXc59sEjy
tlu8uJjKpZvvIULoO+eomqb1YlGWZKeGPjvxTgVQGPWPoq4RVKuwiLT+YJz4h9xt
K0fm3vkZOlxK+XFqfMZcjhhv/W1pPm3swgmkSA5ziYuqx4aWAxEkmaHaSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHXVzdgeX1xZRyTJ0k/JFnejuKv3MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZGRYTjJCNWZYRmxISk1uU1Q4a1dkNk80cV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJjiYa5D+oxDdftJicFJ
SaALRk4TjlsBX3VuxYK9u6T6IuakSCf1ShaRcysP8OkWzaLqqCx7eINZ2mvLvOJ+
CasnmpkRGEx1b1KMD/x4WaTNolcmvj4j/hyuq7Lqb+lLiYvw9fkMK6UYfOKarZlI
B1vY59tbPobivdc/ciVZgPTIQB878MmjPXDetvpUiE+KLWJQuQGQYlWGcNarTAY8
xm2F46NF6YVkQ1bkZp9JW4iR939k84Wfwv017GZ2xhrjxVCv5YiP9q2bh2bsvYFd
w0LfdxWdxjUWuNR457fdOKt1N5HtQNXSqbFtrQON7pOLv8eS92LWksB7iZFUkK0w
SKk=
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:39:34 2025 by rpki-client