Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dmXXmFEkMmEkhZuJWMP-NaXiaC8.roa
File: dmXXmFEkMmEkhZuJWMP-NaXiaC8.roa (raw, json)
Hash identifier: bUZY6B5jOfHfOVX8W/I4IwoJIErDqT00hmp2JYp2pUg=
Subject key identifier: 76:65:D7:98:51:24:32:61:24:85:9B:89:58:C3:FE:35:A5:E2:68:2F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AEDB4BE0BACFC13FC52B96D2B78D6501C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dmXXmFEkMmEkhZuJWMP-NaXiaC8.roa
Signing time: Mon 02 Oct 2023 00:05:59 +0000
ROA not before: Mon 02 Oct 2023 00:05:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:edb4:4523/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ed:b4:be:0b:ac:fc:13:fc:52:b9:6d:2b:78:d6:50:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 2 00:05:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7665d7985124326124859b8958c3fe35a5e2682f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:cb:0e:3d:79:2c:c2:4e:1c:92:60:a9:14:e8:
0c:57:68:d3:98:69:f4:05:4e:c0:9e:5b:87:e6:75:
99:5e:8a:15:4f:fa:e7:89:22:7f:ba:63:a5:e4:5c:
1c:7f:4d:aa:3f:9e:db:47:53:92:da:00:b8:67:72:
4b:50:b8:de:5f:40:88:13:99:f5:79:b2:d6:31:ac:
25:06:58:fc:80:63:ae:29:ed:e8:f1:92:c8:4f:8a:
f5:25:f5:38:89:49:dd:97:7e:ea:78:05:8b:ac:ad:
02:fb:4c:e1:e3:ff:cb:6a:15:41:d0:94:1b:66:69:
84:dc:d2:d3:d5:b0:d5:9c:25:a4:bc:fc:e0:b4:fc:
18:92:21:29:7f:ec:1a:15:03:25:a3:ac:42:68:6b:
8a:43:bd:07:9c:7a:a5:8c:34:1b:03:8b:27:b8:5f:
91:aa:fa:b1:30:aa:71:9f:6a:c8:c6:d6:47:c1:e0:
34:80:b9:d8:83:2d:07:bd:13:59:a0:b3:cf:79:55:
f1:97:b2:81:fc:e7:6c:6d:ed:75:fd:36:9a:f0:87:
7b:4f:a8:78:68:2a:db:3c:7e:e2:99:a9:09:ed:73:
2e:e4:23:c5:86:6c:7d:dd:04:5a:34:72:61:fc:45:
fe:28:70:43:d3:0a:b3:51:b6:52:60:96:22:45:5b:
8e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:65:D7:98:51:24:32:61:24:85:9B:89:58:C3:FE:35:A5:E2:68:2F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dmXXmFEkMmEkhZuJWMP-NaXiaC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:79:77:76:e0:40:4b:85:f3:e8:b8:20:52:2b:6e:92:a4:0f:
f9:07:46:86:5d:b8:ee:09:5e:66:6c:60:94:7e:51:6c:32:70:
e6:d0:94:ab:fe:03:73:9a:4a:6a:b3:77:0d:66:61:c8:c3:e1:
3d:ba:84:c5:fe:77:0f:6d:05:aa:5c:fc:e7:78:16:6a:80:64:
6f:93:47:0c:ee:5a:ac:7f:9a:8c:6d:bb:b8:34:a2:0b:eb:13:
ae:5d:48:8b:03:b3:ac:7e:62:c4:3e:ac:f1:6f:5b:dd:fb:24:
c8:e8:17:18:a4:0f:d5:0c:9c:59:eb:9c:31:4b:53:8a:3a:0e:
08:82:d3:58:6d:7c:98:cc:8d:71:b7:b4:8f:a8:1b:3e:e0:44:
e6:f0:ea:76:23:2b:a2:2a:53:90:53:6a:1d:78:c6:8d:f1:68:
86:fc:4b:83:20:85:af:4d:78:b3:e4:da:e2:0d:cc:c9:54:f2:
73:b9:88:c9:b4:a1:6c:b0:3c:31:a9:c4:e9:a7:52:fa:5c:9f:
db:ef:5e:9f:fe:ee:30:63:92:0c:20:67:e4:4c:40:15:66:cb:
8d:05:24:20:b4:53:e1:e2:85:97:7c:a1:d9:82:a3:54:47:35:
83:04:e3:23:e7:fb:87:a0:39:9b:6a:a7:e4:a8:27:b6:49:ee:
d7:ef:72:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrttL4LrPwT/FK5bSt41lAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAyMDAwNTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjY1ZDc5ODUxMjQzMjYxMjQ4NTliODk1OGMzZmUzNWE1ZTI2ODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8sOPXkswk4ckmCpFOgMV2jTmGn0
BU7AnluH5nWZXooVT/rniSJ/umOl5Fwcf02qP57bR1OS2gC4Z3JLULjeX0CIE5n1
ebLWMawlBlj8gGOuKe3o8ZLIT4r1JfU4iUndl37qeAWLrK0C+0zh4//LahVB0JQb
ZmmE3NLT1bDVnCWkvPzgtPwYkiEpf+waFQMlo6xCaGuKQ70HnHqljDQbA4snuF+R
qvqxMKpxn2rIxtZHweA0gLnYgy0HvRNZoLPPeVXxl7KB/Odsbe11/Taa8Id7T6h4
aCrbPH7imakJ7XMu5CPFhmx93QRaNHJh/EX+KHBD0wqzUbZSYJYiRVuOXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHZl15hRJDJhJIWbiVjD/jWl4mgvMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZG1YWG1GRWtNbUVraFp1SldNUC1OYVhpYUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFh5d3bgQEuF8+i4IFIr
bpKkD/kHRoZduO4JXmZsYJR+UWwycObQlKv+A3OaSmqzdw1mYcjD4T26hMX+dw9t
Bapc/Od4FmqAZG+TRwzuWqx/moxtu7g0ogvrE65dSIsDs6x+YsQ+rPFvW937JMjo
FxikD9UMnFnrnDFLU4o6DgiC01htfJjMjXG3tI+oGz7gRObw6nYjK6IqU5BTah14
xo3xaIb8S4Mgha9NeLPk2uINzMlU8nO5iMm0oWywPDGpxOmnUvpcn9vvXp/+7jBj
kgwgZ+RMQBVmy40FJCC0U+HihZd8odmCo1RHNYME4yPn+4egOZtqp+SoJ7ZJ7tfv
cnk=
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:54:27 2025 by rpki-client