Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dz9cGD92TaCpL1sY-X_fmkqQRhQ.roa
File: dz9cGD92TaCpL1sY-X_fmkqQRhQ.roa (raw, json)
Hash identifier: Xa/dVvMGtdwm1rnl9IYusFe0HP00TpUNMsKUC7G8oO4=
Subject key identifier: 77:3F:5C:18:3F:76:4D:A0:A9:2F:5B:18:F9:7F:DF:9A:4A:90:46:14
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B8B07F32BF09599CCE243E1BA52421CAF
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dz9cGD92TaCpL1sY-X_fmkqQRhQ.roa
Signing time: Wed 01 Nov 2023 13:17:15 +0000
ROA not before: Wed 01 Nov 2023 13:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8b:07:f3:2b:f0:95:99:cc:e2:43:e1:ba:52:42:1c:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 1 13:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=773f5c183f764da0a92f5b18f97fdf9a4a904614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3b:33:43:64:2b:06:e0:b1:56:12:70:36:c0:
48:35:45:d4:cd:93:ef:7f:85:91:dd:5f:5b:fe:d1:
3c:5f:e6:b8:4d:b1:ed:54:d2:9e:ba:ca:02:04:99:
01:66:66:11:ee:1c:b9:a0:84:7d:9e:14:55:e1:b0:
fd:8e:33:75:de:c1:4d:33:97:a1:b4:f2:ad:77:20:
01:19:e2:03:e6:75:56:4c:16:ef:88:1c:74:0f:d0:
5e:d3:2f:7a:b6:14:1b:aa:a3:70:f0:4e:d9:6b:ca:
cc:0c:aa:56:e3:53:3a:4b:2f:92:bc:de:01:22:33:
db:0c:7f:c5:3a:12:8b:c2:b6:d7:23:7e:1f:0d:bf:
ad:45:12:93:de:ce:ad:eb:a9:c5:fd:2b:56:7c:65:
48:09:ef:7f:b2:a2:66:0b:e7:da:30:51:92:e2:7b:
3e:c8:6a:24:1a:a7:d9:dd:87:47:3d:3f:e0:ec:c1:
26:5a:1b:d4:32:1b:32:9c:b4:ca:c7:be:51:39:83:
2a:94:66:2a:54:23:31:66:20:eb:85:f0:33:c8:fb:
5a:be:9e:60:b0:32:31:3f:6e:2d:94:80:44:88:68:
25:80:15:dd:32:e4:2f:56:e7:51:2a:1f:e0:bb:2d:
a4:89:26:3c:e7:d9:75:d1:42:e5:7f:d5:07:49:37:
eb:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:3F:5C:18:3F:76:4D:A0:A9:2F:5B:18:F9:7F:DF:9A:4A:90:46:14
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dz9cGD92TaCpL1sY-X_fmkqQRhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
31:cc:40:29:c1:14:77:96:aa:86:36:22:d2:cd:af:cb:46:e5:
00:35:5e:c2:69:d7:14:f3:2a:81:37:27:0d:40:b5:0b:de:15:
07:d0:73:1c:be:4c:e0:dc:10:76:d4:97:3f:62:dd:2c:07:6b:
65:58:3a:fc:05:50:96:93:3b:54:23:6a:dc:ff:3f:3f:ae:75:
ac:b0:cc:97:c8:cc:35:6d:47:f5:0f:ee:3a:35:49:0f:2a:64:
f4:e5:cb:1f:40:c6:76:a7:f4:5d:22:dc:85:41:25:05:7a:de:
fe:66:c3:a6:26:f0:7d:37:d3:63:b8:70:0e:7a:bc:56:65:54:
de:be:a3:71:ea:30:8b:85:14:27:03:16:7e:ba:26:20:7e:af:
81:1a:7b:8c:c0:da:69:89:35:3c:37:e8:2a:5c:9f:22:e7:d9:
1e:6a:ac:75:86:df:5f:98:65:da:19:43:c1:22:f2:9d:c4:18:
6e:a0:58:27:a3:34:9a:d4:89:33:92:c5:b3:c2:cb:b0:63:a4:
9c:3e:95:2b:cc:c2:26:8b:25:3c:32:aa:55:f0:61:24:42:a7:
de:f1:d0:27:93:43:d1:4a:49:31:0a:9c:7b:f0:84:f2:03:d1:
dd:88:6c:1f:c4:3c:82:ee:54:4d:0f:37:a4:18:4f:2d:39:c3:
6d:0e:24:d2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuLB/Mr8JWZzOJD4bpSQhyvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAxMTMxNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzNmNWMxODNmNzY0ZGEwYTkyZjViMThmOTdmZGY5YTRhOTA0NjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDszQ2QrBuCxVhJwNsBINUXUzZPv
f4WR3V9b/tE8X+a4TbHtVNKeusoCBJkBZmYR7hy5oIR9nhRV4bD9jjN13sFNM5eh
tPKtdyABGeID5nVWTBbviBx0D9Be0y96thQbqqNw8E7Za8rMDKpW41M6Sy+SvN4B
IjPbDH/FOhKLwrbXI34fDb+tRRKT3s6t66nF/StWfGVICe9/sqJmC+faMFGS4ns+
yGokGqfZ3YdHPT/g7MEmWhvUMhsynLTKx75ROYMqlGYqVCMxZiDrhfAzyPtavp5g
sDIxP24tlIBEiGglgBXdMuQvVudRKh/guy2kiSY859l10ULlf9UHSTfrEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHc/XBg/dk2gqS9bGPl/35pKkEYUMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZHo5Y0dEOTJUYUNwTDFzWS1YX2Zta3FRUmhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADHMQCnBFHeWqoY2ItLN
r8tG5QA1XsJp1xTzKoE3Jw1AtQveFQfQcxy+TODcEHbUlz9i3SwHa2VYOvwFUJaT
O1Qjatz/Pz+udaywzJfIzDVtR/UP7jo1SQ8qZPTlyx9Axnan9F0i3IVBJQV63v5m
w6Ym8H0302O4cA56vFZlVN6+o3HqMIuFFCcDFn66JiB+r4Eae4zA2mmJNTw36Cpc
nyLn2R5qrHWG31+YZdoZQ8Ei8p3EGG6gWCejNJrUiTOSxbPCy7BjpJw+lSvMwiaL
JTwyqlXwYSRCp97x0CeTQ9FKSTEKnHvwhPID0d2IbB/EPILuVE0PN6QYTy05w20O
JNI=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:53:09 2025 by rpki-client