Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dokaqWI8Md2Do8I1hP6frYPM4NE.roa
File: dokaqWI8Md2Do8I1hP6frYPM4NE.roa (raw, json)
Hash identifier: KBpdkKZsPFQS07MY5JaHaJ/3pPf3PY4xXHp88QqQdow=
Subject key identifier: 76:89:1A:A9:62:3C:31:DD:83:A3:C2:35:84:FE:9F:AD:83:CC:E0:D1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ABA75CDED3BA9597C6B0B8149C1411630
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dokaqWI8Md2Do8I1hP6frYPM4NE.roa
Signing time: Fri 22 Sep 2023 01:16:37 +0000
ROA not before: Fri 22 Sep 2023 01:16:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ba:75:cd:ed:3b:a9:59:7c:6b:0b:81:49:c1:41:16:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 22 01:16:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76891aa9623c31dd83a3c23584fe9fad83cce0d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:97:e2:d3:60:84:e9:f5:73:53:8f:73:9c:cd:
d9:91:aa:24:b4:0e:c9:fc:17:89:11:c4:23:61:15:
cc:65:4e:4b:03:51:47:63:b4:e8:f2:d3:4d:3c:eb:
a9:c6:d4:64:c9:64:d5:b3:53:ea:73:9e:8b:47:a3:
66:24:45:4a:eb:05:85:a0:25:ec:4c:db:34:3e:54:
c0:a2:04:d3:32:0f:40:5c:8e:fc:21:d5:a7:e5:ff:
dd:ad:30:92:89:80:39:e1:2e:10:92:79:ac:51:bf:
80:d5:8f:6e:cb:0d:a3:40:2b:c5:b9:8a:a0:b1:95:
7b:da:6f:fc:9a:47:23:58:bc:9d:5b:fb:21:fa:a1:
07:6a:12:5e:8b:e2:1e:8a:06:03:40:35:c6:29:5f:
40:34:3b:a3:f7:7f:f1:c6:62:2e:f8:f8:41:0b:23:
54:24:42:fb:76:21:2b:8c:e3:2f:26:68:c6:14:e9:
74:41:4d:48:ff:df:c3:72:39:b0:ee:d2:89:f7:d3:
0c:1e:22:80:a9:07:b8:10:94:7c:fa:d4:91:2c:f5:
e4:10:b5:60:8f:d2:75:6d:44:68:4e:64:ec:5f:c3:
10:33:77:e5:38:71:4b:f9:d0:ae:a4:cc:e2:9b:73:
31:a9:82:1d:5c:42:a8:70:04:95:90:bf:82:73:02:
5e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:89:1A:A9:62:3C:31:DD:83:A3:C2:35:84:FE:9F:AD:83:CC:E0:D1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dokaqWI8Md2Do8I1hP6frYPM4NE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ae:60:a7:da:36:fb:e6:19:9b:6c:b6:bc:81:fe:04:2b:29:8d:
0d:a2:d5:70:05:8c:05:46:f5:a6:1a:b2:2d:b4:4a:3b:d0:ce:
36:e4:84:5a:0c:43:96:85:77:fc:45:1b:96:06:74:52:15:76:
a8:9f:03:42:7b:96:ac:14:c0:1e:65:74:29:50:d2:bd:29:ef:
29:5a:1b:12:a9:69:55:a5:f2:bf:0b:9f:2e:0b:f2:93:00:1b:
c9:05:b0:a3:8e:b6:c5:58:c6:c0:90:a3:36:ee:44:a1:72:55:
17:c2:5b:34:f8:28:6b:a2:30:b7:21:5d:94:e4:b7:2c:cf:4d:
b7:f7:a8:84:5f:af:ac:25:14:09:d0:71:49:d6:74:cd:38:bf:
ee:83:88:de:47:43:07:e4:c4:c0:c5:93:d8:ed:0d:fd:34:d4:
c7:4b:be:7c:c5:f6:79:44:98:07:db:fd:12:81:34:1e:c6:19:
7f:3d:80:a1:04:58:01:f2:62:b5:5f:2e:07:ac:ce:8d:43:2d:
a2:63:a0:d3:66:f2:41:a3:fc:97:e0:2a:44:3e:1e:4a:14:e9:
93:35:c3:5e:c5:6c:b6:70:bf:88:c1:ab:2f:ca:e6:9d:0b:cc:
88:23:17:35:6d:8d:6a:42:7a:c7:cd:9b:57:15:7c:c0:2b:3e:
49:ba:85:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq6dc3tO6lZfGsLgUnBQRYwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIyMDExNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njg5MWFhOTYyM2MzMWRkODNhM2MyMzU4NGZlOWZhZDgzY2NlMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZfi02CE6fVzU49znM3ZkaoktA7J
/BeJEcQjYRXMZU5LA1FHY7To8tNNPOupxtRkyWTVs1Pqc56LR6NmJEVK6wWFoCXs
TNs0PlTAogTTMg9AXI78IdWn5f/drTCSiYA54S4QknmsUb+A1Y9uyw2jQCvFuYqg
sZV72m/8mkcjWLydW/sh+qEHahJei+IeigYDQDXGKV9ANDuj93/xxmIu+PhBCyNU
JEL7diErjOMvJmjGFOl0QU1I/9/Dcjmw7tKJ99MMHiKAqQe4EJR8+tSRLPXkELVg
j9J1bURoTmTsX8MQM3flOHFL+dCupMzim3MxqYIdXEKocASVkL+CcwJe7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHaJGqliPDHdg6PCNYT+n62DzODRMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZG9rYXFXSThNZDJEbzhJMWhQNmZyWVBNNE5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK5gp9o2++YZm2y2vIH+
BCspjQ2i1XAFjAVG9aYasi20SjvQzjbkhFoMQ5aFd/xFG5YGdFIVdqifA0J7lqwU
wB5ldClQ0r0p7ylaGxKpaVWl8r8Lny4L8pMAG8kFsKOOtsVYxsCQozbuRKFyVRfC
WzT4KGuiMLchXZTktyzPTbf3qIRfr6wlFAnQcUnWdM04v+6DiN5HQwfkxMDFk9jt
Df001MdLvnzF9nlEmAfb/RKBNB7GGX89gKEEWAHyYrVfLgeszo1DLaJjoNNm8kGj
/JfgKkQ+HkoU6ZM1w17FbLZwv4jBqy/K5p0LzIgjFzVtjWpCesfNm1cVfMArPkm6
hdw=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:04:25 2025 by rpki-client