Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3Re3AOP95D1KOUVNKfn12MlsoYE.roa
File: 3Re3AOP95D1KOUVNKfn12MlsoYE.roa (raw, json)
Hash identifier: ov/6Y+HlDcfb2ixM4pZblkof9ZwMO/aAi4Cbg9pvI94=
Subject key identifier: DD:17:B7:00:E3:FD:E4:3D:4A:39:45:4D:29:F9:F5:D8:C9:6C:A1:81
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B9660EC01B26EB85391F535A5294B9BCC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3Re3AOP95D1KOUVNKfn12MlsoYE.roa
Signing time: Fri 03 Nov 2023 18:10:16 +0000
ROA not before: Fri 03 Nov 2023 18:10:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:96:60:ec:01:b2:6e:b8:53:91:f5:35:a5:29:4b:9b:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 3 18:10:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd17b700e3fde43d4a39454d29f9f5d8c96ca181
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:38:ee:1e:bf:0e:35:4b:b6:93:1e:05:f1:a5:
21:da:5e:38:cf:71:fe:c2:42:c1:1d:b0:3b:22:34:
6a:70:e2:1f:c7:79:af:b0:50:e5:e1:dd:f2:f0:a9:
93:00:70:07:b6:7e:be:a7:00:25:30:9c:82:ce:e3:
11:f3:90:05:36:b7:e0:92:e4:17:f5:4a:05:c6:bd:
05:c2:5f:51:02:65:74:5b:70:0c:ad:ee:99:58:a1:
7d:62:dc:3f:d1:9c:14:8e:70:6e:a5:20:ec:67:e5:
67:54:15:42:a1:b9:77:e6:33:cd:96:ce:dd:69:23:
f4:5e:05:66:ef:e2:0d:3f:53:7b:e1:91:83:87:f2:
e2:c0:d8:e8:96:aa:f1:55:95:fb:53:db:a1:f0:f0:
ad:88:ea:47:51:36:cb:90:20:15:9f:ec:e8:df:9e:
e0:5c:5f:5a:63:9c:7e:d1:c9:0d:a1:5b:9d:e3:be:
9d:fc:3a:8d:2c:64:6e:31:29:d2:3d:b3:2f:32:7d:
a5:d7:71:82:bc:30:77:32:ab:50:60:bd:b6:09:d9:
77:19:fe:19:7c:b9:79:3b:41:53:b2:a7:66:c6:13:
c2:05:0a:40:12:f2:38:04:64:58:f3:53:61:bf:5d:
41:2c:fc:09:3d:bc:2e:a4:9b:98:71:6d:0f:6d:7d:
c2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:17:B7:00:E3:FD:E4:3D:4A:39:45:4D:29:F9:F5:D8:C9:6C:A1:81
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3Re3AOP95D1KOUVNKfn12MlsoYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b7:76:85:16:7f:ea:93:d0:ac:7b:2b:c5:fb:94:82:ce:c7:fd:
ca:54:bd:24:42:55:2b:c6:09:a1:3d:68:a7:11:27:de:41:39:
fd:a3:c3:e5:86:c7:2d:48:e5:8a:f5:f5:9d:bb:cb:90:74:94:
0c:6b:6d:5a:10:87:4d:b0:0d:8f:76:4d:6f:90:d0:f5:76:8f:
12:7b:39:ac:f9:7c:b5:86:93:58:69:36:a7:2b:69:56:e0:55:
07:37:cc:65:de:12:5c:64:44:a7:0a:88:5f:71:30:7e:af:d1:
12:3a:b8:46:41:b5:18:f8:b5:13:a9:a1:4e:6c:c8:b5:16:62:
30:20:42:65:86:91:65:48:7b:d3:bf:44:65:f2:62:d2:f5:ec:
77:16:b0:ab:72:a1:53:3a:5f:a1:26:de:5b:2b:52:d4:0f:9d:
0b:4a:6e:94:56:b6:2a:92:4c:4f:64:65:0d:88:86:4d:60:b9:
46:d5:d8:22:c1:6e:4a:ac:b9:1c:87:0e:70:54:2b:b0:fd:32:
cd:a1:e3:55:42:12:4a:cb:22:25:51:23:d6:d1:72:25:5b:97:
88:31:c4:a8:18:b5:83:dc:d3:32:92:43:94:4f:c0:6b:e6:a8:
93:35:99:48:0e:3d:a5:91:0f:17:55:29:a2:93:e8:b7:5a:35:
91:82:43:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuWYOwBsm64U5H1NaUpS5vMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAzMTgxMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDE3YjcwMGUzZmRlNDNkNGEzOTQ1NGQyOWY5ZjVkOGM5NmNhMTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTjuHr8ONUu2kx4F8aUh2l44z3H+
wkLBHbA7IjRqcOIfx3mvsFDl4d3y8KmTAHAHtn6+pwAlMJyCzuMR85AFNrfgkuQX
9UoFxr0Fwl9RAmV0W3AMre6ZWKF9Ytw/0ZwUjnBupSDsZ+VnVBVCobl35jPNls7d
aSP0XgVm7+INP1N74ZGDh/LiwNjolqrxVZX7U9uh8PCtiOpHUTbLkCAVn+zo357g
XF9aY5x+0ckNoVud476d/DqNLGRuMSnSPbMvMn2l13GCvDB3MqtQYL22Cdl3Gf4Z
fLl5O0FTsqdmxhPCBQpAEvI4BGRY81Nhv11BLPwJPbwupJuYcW0PbX3CjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN0XtwDj/eQ9SjlFTSn59djJbKGBMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvM1JlM0FPUDk1RDFLT1VWTktmbjEyTWxzb1lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALd2hRZ/6pPQrHsrxfuU
gs7H/cpUvSRCVSvGCaE9aKcRJ95BOf2jw+WGxy1I5Yr19Z27y5B0lAxrbVoQh02w
DY92TW+Q0PV2jxJ7Oaz5fLWGk1hpNqcraVbgVQc3zGXeElxkRKcKiF9xMH6v0RI6
uEZBtRj4tROpoU5syLUWYjAgQmWGkWVIe9O/RGXyYtL17HcWsKtyoVM6X6Em3lsr
UtQPnQtKbpRWtiqSTE9kZQ2Ihk1guUbV2CLBbkqsuRyHDnBUK7D9Ms2h41VCEkrL
IiVRI9bRciVbl4gxxKgYtYPc0zKSQ5RPwGvmqJM1mUgOPaWRDxdVKaKT6LdaNZGC
Q8Q=
-----END CERTIFICATE-----
Generated at Sun May 11 16:35:00 2025 by rpki-client