Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/0xdMPt2_YFZK5B_QxqMbE-DSUbE.roa
File: 0xdMPt2_YFZK5B_QxqMbE-DSUbE.roa (raw, json)
Hash identifier: M/u5CjtDM5PaA+7Uo5zp0rM78e2X9Yv5+x2hRiO8uqY=
Subject key identifier: D3:17:4C:3E:DD:BF:60:56:4A:E4:1F:D0:C6:A3:1B:13:E0:D2:51:B1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C3153B4F1A3F22F6646B0DA956A1D4ADE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/0xdMPt2_YFZK5B_QxqMbE-DSUbE.roa
Signing time: Sun 03 Dec 2023 20:16:58 +0000
ROA not before: Sun 03 Dec 2023 20:16:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:31:53:b4:f1:a3:f2:2f:66:46:b0:da:95:6a:1d:4a:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 3 20:16:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3174c3eddbf60564ae41fd0c6a31b13e0d251b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:71:c1:47:6a:63:9d:38:c5:e5:0c:6d:8a:07:
05:31:6b:1a:ba:8c:f6:9e:cc:c7:be:48:d9:aa:69:
df:52:5b:23:e0:b0:b3:c1:ad:66:9c:b9:20:bc:74:
42:dd:71:12:f8:8b:d6:16:08:b4:4b:a0:16:71:0b:
85:c2:46:44:b3:04:69:6c:6e:70:72:a4:90:c4:e7:
b2:9d:ff:2c:58:7c:6c:98:fe:9e:0a:27:c2:c5:d1:
05:2e:90:7e:16:54:28:ea:52:05:40:8e:4d:68:13:
d2:6b:af:1b:ae:f1:02:7a:4f:29:05:80:1a:35:62:
67:33:4f:cc:b0:dd:92:db:62:6c:60:bd:17:42:74:
ba:db:73:d1:82:ca:80:43:39:41:4a:79:39:66:f5:
43:46:c9:94:04:8f:15:94:1a:5b:f8:0e:c7:49:ca:
3f:d0:96:7d:c5:25:59:76:86:23:c7:00:61:ba:7f:
69:46:53:08:ca:4c:ab:21:4d:81:f5:85:3e:85:07:
8c:41:0b:bf:54:db:94:38:1b:c8:b4:8c:69:66:07:
9e:8f:68:dc:0f:be:1e:bd:7a:88:06:27:51:dd:27:
99:9f:9c:e4:85:8f:85:73:93:89:86:94:4a:81:6f:
31:7c:ae:4b:47:0c:50:dc:64:97:e2:1e:91:ec:1c:
7c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:17:4C:3E:DD:BF:60:56:4A:E4:1F:D0:C6:A3:1B:13:E0:D2:51:B1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/0xdMPt2_YFZK5B_QxqMbE-DSUbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
be:b3:9d:d2:a8:52:70:e7:ad:05:61:f2:10:bd:24:5b:b3:a5:
5f:ad:71:5a:e5:95:42:7f:2e:a2:11:5a:73:c3:fa:6a:e2:ef:
eb:ba:c1:3a:ae:5b:5d:01:16:d7:ba:5d:06:ca:eb:6e:63:ff:
e1:2c:b3:de:e6:50:1f:26:dc:4d:e2:db:88:22:c4:61:ee:f5:
34:bd:5e:cd:85:36:22:6c:c5:9e:98:12:09:a4:6f:99:cc:8e:
aa:e1:21:be:4c:cf:53:71:ae:bc:b6:d0:7c:16:3e:48:ae:01:
b9:5d:75:4d:1f:71:b1:ad:1a:3a:84:1d:2b:b1:66:7f:53:35:
4e:de:1a:a3:c1:77:1b:ba:aa:ce:37:70:56:18:e1:14:a2:55:
03:8a:47:4b:ac:d3:4c:61:a1:90:80:e5:bb:19:a8:6b:16:18:
d7:70:91:94:ea:f0:09:6c:62:25:99:29:b5:f8:53:60:83:7c:
41:f3:63:2c:ec:30:8f:f2:9c:88:8b:74:07:09:5a:3c:6d:9e:
ce:9e:94:f9:68:b8:92:d5:5b:26:cc:ba:90:c1:d5:6f:32:5c:
50:94:f3:56:f9:c1:b8:c1:20:37:95:75:fb:30:db:59:85:15:
d0:26:27:ff:1e:e4:01:da:70:ce:ad:fc:72:5b:63:ef:bd:a4:
4d:fb:04:7e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwxU7Txo/IvZkaw2pVqHUreMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAzMjAxNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzE3NGMzZWRkYmY2MDU2NGFlNDFmZDBjNmEzMWIxM2UwZDI1MWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6nHBR2pjnTjF5QxtigcFMWsauoz2
nszHvkjZqmnfUlsj4LCzwa1mnLkgvHRC3XES+IvWFgi0S6AWcQuFwkZEswRpbG5w
cqSQxOeynf8sWHxsmP6eCifCxdEFLpB+FlQo6lIFQI5NaBPSa68brvECek8pBYAa
NWJnM0/MsN2S22JsYL0XQnS623PRgsqAQzlBSnk5ZvVDRsmUBI8VlBpb+A7HSco/
0JZ9xSVZdoYjxwBhun9pRlMIykyrIU2B9YU+hQeMQQu/VNuUOBvItIxpZgeej2jc
D74evXqIBidR3SeZn5zkhY+Fc5OJhpRKgW8xfK5LRwxQ3GSX4h6R7Bx8vwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNMXTD7dv2BWSuQf0MajGxPg0lGxMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMHhkTVB0Ml9ZRlpLNUJfUXhxTWJFLURTVWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL6zndKoUnDnrQVh8hC9
JFuzpV+tcVrllUJ/LqIRWnPD+mri7+u6wTquW10BFte6XQbK625j/+Ess97mUB8m
3E3i24gixGHu9TS9Xs2FNiJsxZ6YEgmkb5nMjqrhIb5Mz1Nxrry20HwWPkiuAbld
dU0fcbGtGjqEHSuxZn9TNU7eGqPBdxu6qs43cFYY4RSiVQOKR0us00xhoZCA5bsZ
qGsWGNdwkZTq8AlsYiWZKbX4U2CDfEHzYyzsMI/ynIiLdAcJWjxtns6elPlouJLV
WybMupDB1W8yXFCU81b5wbjBIDeVdfsw21mFFdAmJ/8e5AHacM6t/HJbY++9pE37
BH4=
-----END CERTIFICATE-----
Generated at Sat May 10 13:39:21 2025 by rpki-client