Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/do3BS5tTsdJ5jEfC9DYCQriE8UI.roa
File: do3BS5tTsdJ5jEfC9DYCQriE8UI.roa (raw, json)
Hash identifier: HKE3RIAfrhH4tPxl02S5XOfG4BQ29vhR+5EKFGLBb5U=
Subject key identifier: 76:8D:C1:4B:9B:53:B1:D2:79:8C:47:C2:F4:36:02:42:B8:84:F1:42
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C3EA07F619C583226AAD3831B5E23067A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/do3BS5tTsdJ5jEfC9DYCQriE8UI.roa
Signing time: Wed 06 Dec 2023 10:15:54 +0000
ROA not before: Wed 06 Dec 2023 10:15:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3e:a0:7f:61:9c:58:32:26:aa:d3:83:1b:5e:23:06:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 6 10:15:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=768dc14b9b53b1d2798c47c2f4360242b884f142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:56:db:c8:91:58:66:94:3a:59:db:31:f9:ff:
5d:29:1d:21:7e:22:21:55:d7:1f:9e:b2:66:66:7c:
c7:eb:4d:25:66:bb:8a:1e:6e:5f:9c:40:c0:c1:af:
50:1f:fb:79:14:df:f8:3c:8f:0d:6d:8b:65:31:b4:
f8:14:87:d3:70:45:28:89:eb:82:17:c4:8f:69:b9:
4d:bf:17:b9:a8:8d:bb:75:78:e1:13:99:73:b6:d6:
3f:c7:38:8c:2a:00:ab:4e:80:4f:89:8d:ff:1b:11:
cb:30:72:07:17:db:22:48:37:33:d2:7f:36:d9:be:
0d:3c:74:9b:25:4c:d1:35:d5:bf:b7:a6:bf:51:79:
34:0f:52:ab:09:b5:1b:8a:a3:aa:d9:db:7b:70:c6:
9b:c5:e1:78:e0:b7:ef:1c:1b:68:30:28:3a:1a:47:
d3:33:8b:98:5e:0d:37:6b:cf:01:e1:e9:8e:a7:ee:
13:4f:51:6a:10:2a:46:2b:9a:21:41:3a:d1:10:87:
2e:a1:bc:68:88:c4:c1:85:0a:15:c8:52:ab:23:68:
20:d4:67:bc:ed:60:e7:be:3e:91:7b:83:bb:34:aa:
cd:a7:16:50:13:b2:db:06:30:79:db:ee:31:06:ce:
e1:b3:6e:fe:82:20:7a:03:99:13:63:80:09:da:6c:
05:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8D:C1:4B:9B:53:B1:D2:79:8C:47:C2:F4:36:02:42:B8:84:F1:42
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/do3BS5tTsdJ5jEfC9DYCQriE8UI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
93:40:b2:c9:5d:6b:0d:37:5d:36:65:0d:ab:9a:57:5a:5e:a0:
e6:0d:c9:2a:14:2f:5d:f0:4e:40:f5:b4:45:c1:74:ab:ef:6b:
26:d7:2b:b2:74:3a:86:c2:3d:fd:f2:9f:44:95:a1:77:5b:68:
f8:1e:65:87:19:c9:20:45:7a:98:7d:81:bb:4a:6a:39:4f:01:
3d:22:0a:c6:f2:ca:01:da:35:6c:7e:e3:6d:5c:ab:46:e0:22:
94:ff:aa:3d:fa:a2:3b:87:db:ed:70:ff:e1:c3:ea:61:59:6a:
e6:3c:4f:f8:d8:a4:07:6f:01:c7:22:40:20:b4:c2:28:2e:cd:
26:fc:ed:64:b6:d4:ac:d6:9d:fb:08:30:a6:96:dd:98:39:57:
de:da:40:e4:4e:61:17:e3:39:36:42:3d:16:9e:db:7d:e6:38:
de:9d:89:38:cd:1c:81:69:39:4b:66:21:b3:32:df:f9:5b:5d:
ab:e3:30:e8:0b:ed:eb:34:37:be:ea:92:d5:98:ce:69:50:b9:
e9:e0:c3:3a:7b:87:0e:58:da:92:09:08:3a:10:9b:ba:11:87:
63:fa:63:2f:e4:d9:c1:58:bc:ee:cf:f9:3b:1c:19:1b:d3:bc:
f6:6b:81:f8:c4:1e:e8:d1:77:bf:9a:b2:60:50:dd:69:0a:0c:
22:0e:89:be
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw+oH9hnFgyJqrTgxteIwZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA2MTAxNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjhkYzE0YjliNTNiMWQyNzk4YzQ3YzJmNDM2MDI0MmI4ODRmMTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslbbyJFYZpQ6Wdsx+f9dKR0hfiIh
VdcfnrJmZnzH600lZruKHm5fnEDAwa9QH/t5FN/4PI8NbYtlMbT4FIfTcEUoieuC
F8SPablNvxe5qI27dXjhE5lzttY/xziMKgCrToBPiY3/GxHLMHIHF9siSDcz0n82
2b4NPHSbJUzRNdW/t6a/UXk0D1KrCbUbiqOq2dt7cMabxeF44LfvHBtoMCg6GkfT
M4uYXg03a88B4emOp+4TT1FqECpGK5ohQTrREIcuobxoiMTBhQoVyFKrI2gg1Ge8
7WDnvj6Re4O7NKrNpxZQE7LbBjB52+4xBs7hs27+giB6A5kTY4AJ2mwFqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHaNwUubU7HSeYxHwvQ2AkK4hPFCMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZG8zQlM1dFRzZEo1akVmQzlEWUNRcmlFOFVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJNAssldaw03XTZlDaua
V1peoOYNySoUL13wTkD1tEXBdKvvaybXK7J0OobCPf3yn0SVoXdbaPgeZYcZySBF
eph9gbtKajlPAT0iCsbyygHaNWx+421cq0bgIpT/qj36ojuH2+1w/+HD6mFZauY8
T/jYpAdvAcciQCC0wiguzSb87WS21KzWnfsIMKaW3Zg5V97aQOROYRfjOTZCPRae
233mON6diTjNHIFpOUtmIbMy3/lbXavjMOgL7es0N77qktWYzmlQuengwzp7hw5Y
2pIJCDoQm7oRh2P6Yy/k2cFYvO7P+TscGRvTvPZrgfjEHujRd7+asmBQ3WkKDCIO
ib4=
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:30:18 2025 by rpki-client