Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/duaK7QYk7fst-atTjUKNv3rnoJU.roa
File: duaK7QYk7fst-atTjUKNv3rnoJU.roa (raw, json)
Hash identifier: 32Ot/wARVQXS7kynA5Nztjpqni54hqK5ZL4oHFh21TE=
Subject key identifier: 76:E6:8A:ED:06:24:ED:FB:2D:F9:AB:53:8D:42:8D:BF:7A:E7:A0:95
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AFB76BF5CFB52957FA3569251634C8183
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/duaK7QYk7fst-atTjUKNv3rnoJU.roa
Signing time: Wed 04 Oct 2023 16:12:58 +0000
ROA not before: Wed 04 Oct 2023 16:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fb:76:bf:5c:fb:52:95:7f:a3:56:92:51:63:4c:81:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 4 16:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76e68aed0624edfb2df9ab538d428dbf7ae7a095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e7:69:c7:71:81:8f:46:49:79:ca:a1:a9:6d:
77:c7:06:c8:77:ba:ca:5d:15:06:45:17:21:a3:3c:
36:9c:b0:2e:ac:46:84:5a:fa:e1:49:cd:4a:42:15:
b9:75:bd:74:11:ef:fe:fc:d5:a0:a1:94:25:66:3f:
94:46:6d:8b:43:6b:8e:a5:6a:ff:24:9a:e6:9b:b0:
ab:a6:3b:82:54:4c:7c:db:89:a9:10:54:f5:34:10:
e8:28:45:58:f5:16:c4:95:b8:9c:a8:3f:4f:67:f2:
58:d0:e6:67:bd:1a:79:d0:e1:2f:75:9b:39:8c:92:
54:92:29:a8:25:3d:26:75:08:a5:ef:7b:c9:28:fa:
61:d7:50:53:c4:ed:86:f6:31:53:cc:5e:cc:e2:08:
3e:e2:1e:a9:f9:de:0c:b4:5e:1a:7f:1f:38:c4:6a:
96:5c:de:77:a0:3f:a0:61:44:48:72:bd:20:74:4b:
b9:b9:46:94:6a:5b:aa:7a:79:7f:0a:ba:3a:5e:74:
2f:54:fe:7b:75:3e:a7:7a:12:b3:82:27:57:a7:e0:
58:25:15:87:17:b6:e2:b3:b2:41:f2:6a:f0:fc:90:
d3:40:f9:07:47:17:d3:f0:3f:38:76:b0:13:e8:ad:
1a:55:23:1f:e8:ea:ae:79:23:4c:6a:27:80:7d:5b:
d7:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E6:8A:ED:06:24:ED:FB:2D:F9:AB:53:8D:42:8D:BF:7A:E7:A0:95
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/duaK7QYk7fst-atTjUKNv3rnoJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
47:8a:41:de:40:c7:1c:0c:cb:d8:6e:21:d2:0f:d2:b9:2e:a6:
3b:96:dd:81:96:8f:8a:93:18:94:b3:e9:ea:6c:39:db:7d:97:
7c:39:a1:7a:38:e1:11:11:0f:77:b5:1a:9e:56:e6:43:96:03:
b7:78:cf:f4:27:fa:5d:69:32:f7:44:7d:6a:a9:48:38:b5:03:
05:b0:27:88:ee:9e:f5:c9:92:35:8d:ff:bf:b2:80:ca:ec:2f:
28:02:90:cf:e0:89:b0:a8:8d:f6:f4:cd:05:7b:db:b2:a3:ad:
24:c6:73:5c:9f:b9:d8:26:d5:09:f1:c5:0a:aa:46:11:17:04:
50:90:17:e4:ad:1d:c9:de:61:87:b8:89:3b:63:43:a7:47:62:
f3:7d:08:09:69:fd:64:18:2c:a8:e2:b3:20:08:33:73:92:f6:
eb:9f:e2:e0:b1:f5:d5:f2:97:54:90:6c:e4:fc:58:44:d3:d2:
69:cc:e2:32:b1:db:cf:ff:d9:5c:48:4f:aa:d0:4a:01:e9:e3:
5f:e0:bd:47:a1:47:20:06:93:07:47:ba:83:b7:18:f1:c9:ea:
17:76:ad:4c:da:a9:56:94:b6:86:45:f5:b3:19:41:1e:3c:0c:
78:c3:f0:35:af:e4:c2:88:03:a5:0c:d8:29:86:13:7f:89:31:
9e:1a:20:b1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr7dr9c+1KVf6NWklFjTIGDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA0MTYxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmU2OGFlZDA2MjRlZGZiMmRmOWFiNTM4ZDQyOGRiZjdhZTdhMDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOdpx3GBj0ZJecqhqW13xwbId7rK
XRUGRRchozw2nLAurEaEWvrhSc1KQhW5db10Ee/+/NWgoZQlZj+URm2LQ2uOpWr/
JJrmm7CrpjuCVEx824mpEFT1NBDoKEVY9RbElbicqD9PZ/JY0OZnvRp50OEvdZs5
jJJUkimoJT0mdQil73vJKPph11BTxO2G9jFTzF7M4gg+4h6p+d4MtF4afx84xGqW
XN53oD+gYURIcr0gdEu5uUaUaluqenl/Cro6XnQvVP57dT6nehKzgidXp+BYJRWH
F7bis7JB8mrw/JDTQPkHRxfT8D84drAT6K0aVSMf6OqueSNMaieAfVvXGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHbmiu0GJO37LfmrU41Cjb9656CVMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZHVhSzdRWWs3ZnN0LWF0VGpVS052M3Jub0pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEeKQd5AxxwMy9huIdIP
0rkupjuW3YGWj4qTGJSz6epsOdt9l3w5oXo44RERD3e1Gp5W5kOWA7d4z/Qn+l1p
MvdEfWqpSDi1AwWwJ4junvXJkjWN/7+ygMrsLygCkM/gibCojfb0zQV727KjrSTG
c1yfudgm1QnxxQqqRhEXBFCQF+StHcneYYe4iTtjQ6dHYvN9CAlp/WQYLKjisyAI
M3OS9uuf4uCx9dXyl1SQbOT8WETT0mnM4jKx28//2VxIT6rQSgHp41/gvUehRyAG
kwdHuoO3GPHJ6hd2rUzaqVaUtoZF9bMZQR48DHjD8DWv5MKIA6UM2CmGE3+JMZ4a
ILE=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:51:46 2025 by rpki-client