Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dkFI0a8Mc25kpibHIpnWrP78SeE.roa
File: dkFI0a8Mc25kpibHIpnWrP78SeE.roa (raw, json)
Hash identifier: rY9SNKVMJshLMfhQJg9jpOqNPGQ8R5M5CSsm6cx0YNM=
Subject key identifier: 76:41:48:D1:AF:0C:73:6E:64:A6:26:C7:22:99:D6:AC:FE:FC:49:E1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B514BAD3BBF62FD2A3027493EA365D715
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dkFI0a8Mc25kpibHIpnWrP78SeE.roa
Signing time: Sat 21 Oct 2023 08:13:15 +0000
ROA not before: Sat 21 Oct 2023 08:13:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:51:4b:ad:3b:bf:62:fd:2a:30:27:49:3e:a3:65:d7:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 21 08:13:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=764148d1af0c736e64a626c72299d6acfefc49e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:00:c4:9a:b5:15:28:c7:c6:f0:60:67:ba:31:
b2:3e:92:aa:8b:bf:d8:b2:c0:f7:1e:ff:00:14:cb:
bf:19:e8:62:ce:0d:44:9d:19:a5:bd:bd:7b:09:20:
4c:ca:f8:a9:81:73:c4:4d:ce:d2:64:6a:dc:06:0d:
58:04:f7:1f:61:00:1f:41:c7:b3:c2:d7:06:d1:d9:
5e:f9:d8:2f:f4:9c:89:88:e8:6c:ab:b1:58:28:60:
c1:6f:c0:3b:39:ab:28:05:cc:3b:8a:d6:2a:0c:76:
c4:cd:57:2b:1e:6c:6d:f8:f9:15:90:bd:d2:44:93:
96:22:32:cd:fc:6c:9c:80:34:e1:e7:9c:eb:57:6d:
e6:8d:95:2a:96:68:40:16:3e:7d:c2:b1:47:ee:ac:
b7:1d:6f:f1:e3:70:12:e7:4a:e4:01:54:ce:3b:ca:
a9:d9:65:cb:e9:33:e0:99:a1:47:4b:44:c8:d0:8e:
69:b3:c6:02:00:ca:66:22:92:24:d9:2c:84:22:ed:
5d:6b:2f:9b:94:1e:0a:13:2d:79:8f:0f:24:67:f0:
da:a1:5d:46:99:a9:4f:03:9a:fc:fa:51:d2:4a:65:
6c:4d:a5:0d:49:c2:1e:de:9b:a2:f0:18:20:5c:0b:
95:59:91:98:4c:c8:f0:0c:92:4a:9f:02:5f:e9:b4:
e3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:41:48:D1:AF:0C:73:6E:64:A6:26:C7:22:99:D6:AC:FE:FC:49:E1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dkFI0a8Mc25kpibHIpnWrP78SeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
06:95:94:9e:a1:d7:b2:2d:ee:b1:7d:8e:2e:a2:e6:65:44:42:
9e:3d:e8:75:c5:9d:76:c6:b4:f1:a6:40:72:38:08:ca:f2:6b:
92:d4:11:49:3a:5c:44:7d:28:e1:43:6a:97:17:95:8e:27:d0:
0e:35:9f:1f:14:1b:2b:36:91:8c:d6:68:7c:7f:7d:4b:da:61:
cc:31:16:59:b8:db:69:5d:34:1d:89:b2:6c:4b:15:82:4b:a9:
a7:b6:fa:98:fa:ce:3b:bc:63:3a:fb:5c:fe:69:44:36:d2:29:
cd:5a:e1:83:b6:35:fd:26:97:e7:b9:b3:b0:dc:53:d0:b5:ea:
35:82:a6:29:32:46:31:79:cf:1b:78:99:f0:a4:72:ca:91:c4:
14:fb:2e:7e:42:5f:33:a8:a8:04:f4:25:2b:d2:30:31:74:50:
41:2c:b6:71:d2:a8:22:ef:ed:c5:12:46:65:e2:db:4e:a3:ec:
03:f0:37:e8:17:20:04:b8:c2:6f:45:82:7d:c9:a7:26:de:ff:
15:b8:52:cb:76:2b:7c:ac:68:83:7e:eb:92:b2:34:bb:ff:5e:
b9:86:b7:bc:f4:9b:18:37:5f:4f:db:b8:c4:d3:a0:20:ce:55:
fc:4a:fb:da:fd:33:cb:4a:f7:8f:09:b5:f1:74:0b:bd:a8:8c:
8f:d3:99:19
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtRS607v2L9KjAnST6jZdcVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIxMDgxMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjQxNDhkMWFmMGM3MzZlNjRhNjI2YzcyMjk5ZDZhY2ZlZmM0OWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywDEmrUVKMfG8GBnujGyPpKqi7/Y
ssD3Hv8AFMu/Gehizg1EnRmlvb17CSBMyvipgXPETc7SZGrcBg1YBPcfYQAfQcez
wtcG0dle+dgv9JyJiOhsq7FYKGDBb8A7OasoBcw7itYqDHbEzVcrHmxt+PkVkL3S
RJOWIjLN/GycgDTh55zrV23mjZUqlmhAFj59wrFH7qy3HW/x43AS50rkAVTOO8qp
2WXL6TPgmaFHS0TI0I5ps8YCAMpmIpIk2SyEIu1day+blB4KEy15jw8kZ/DaoV1G
malPA5r8+lHSSmVsTaUNScIe3pui8BggXAuVWZGYTMjwDJJKnwJf6bTj4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHZBSNGvDHNuZKYmxyKZ1qz+/EnhMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZGtGSTBhOE1jMjVrcGliSElwbldyUDc4U2VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAaVlJ6h17It7rF9ji6i
5mVEQp496HXFnXbGtPGmQHI4CMrya5LUEUk6XER9KOFDapcXlY4n0A41nx8UGys2
kYzWaHx/fUvaYcwxFlm422ldNB2JsmxLFYJLqae2+pj6zju8Yzr7XP5pRDbSKc1a
4YO2Nf0ml+e5s7DcU9C16jWCpikyRjF5zxt4mfCkcsqRxBT7Ln5CXzOoqAT0JSvS
MDF0UEEstnHSqCLv7cUSRmXi206j7APwN+gXIAS4wm9Fgn3Jpybe/xW4Ust2K3ys
aIN+65KyNLv/XrmGt7z0mxg3X0/buMTToCDOVfxK+9r9M8tK948JtfF0C72ojI/T
mRk=
-----END CERTIFICATE-----
Generated at Mon Apr 21 17:02:25 2025 by rpki-client