Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3d_NKAPKaiK0aQY-4-IQJ6nJkXU.roa
File: 3d_NKAPKaiK0aQY-4-IQJ6nJkXU.roa (raw, json)
Hash identifier: POBzt/exCJHv5zVDzSvAbmMjmYJhpZpba8CwGgvyJKw=
Subject key identifier: DD:DF:CD:28:03:CA:6A:22:B4:69:06:3E:E3:E2:10:27:A9:C9:91:75
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7961DF7B24C7A16C5C7B9E11BE0EBE6F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3d_NKAPKaiK0aQY-4-IQJ6nJkXU.roa
Signing time: Sun 17 Dec 2023 20:05:06 +0000
ROA not before: Sun 17 Dec 2023 20:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:7960:f38d/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:79:61:df:7b:24:c7:a1:6c:5c:7b:9e:11:be:0e:be:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 17 20:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dddfcd2803ca6a22b469063ee3e21027a9c99175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ca:96:6c:24:45:10:4c:8b:8f:ec:e8:7a:70:
5a:ae:c0:2c:1c:ed:90:6d:b0:e6:58:95:95:37:0c:
67:df:c3:7c:97:68:73:16:78:6d:88:46:8c:7f:2c:
51:03:c2:7e:e3:80:b7:22:47:b7:7d:42:64:ab:65:
89:73:49:49:87:46:0b:9f:c4:93:38:d7:be:e1:a5:
d6:83:1e:d8:ca:fd:c0:0c:e6:56:fc:34:00:bf:dc:
0f:7b:87:69:67:fe:ba:ac:7a:eb:aa:42:e6:f1:59:
7a:65:96:0f:17:90:28:c5:c1:fe:db:80:15:c6:a5:
5a:5a:62:8d:92:b8:fd:90:18:c6:e3:8a:40:e0:b9:
b9:3e:1b:ea:85:71:3d:dd:54:b4:a0:5e:db:8e:00:
e8:90:94:d0:4a:5d:27:63:50:d6:c7:86:da:e4:86:
93:52:a5:ce:aa:17:1c:d0:95:88:f2:ed:df:04:8c:
ea:2b:ed:92:5c:13:d5:29:7b:ee:f4:a7:c0:9e:c1:
ab:4e:05:1a:86:2f:05:d4:4e:28:65:e4:90:49:33:
57:f9:c9:0d:c6:af:36:b6:d4:86:16:b2:cf:ea:f2:
e5:00:1d:35:ce:7a:ba:f8:1d:46:6e:60:b7:db:55:
81:13:d1:3d:65:b8:f0:09:3b:9f:1e:77:fa:19:cd:
36:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:DF:CD:28:03:CA:6A:22:B4:69:06:3E:E3:E2:10:27:A9:C9:91:75
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3d_NKAPKaiK0aQY-4-IQJ6nJkXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9a:0d:6f:24:7e:d7:2b:8a:cb:68:da:54:43:36:09:2b:07:a5:
47:88:9d:59:5e:40:05:53:a1:d9:89:80:a4:b5:e5:36:ba:c7:
06:d8:61:d4:91:3d:13:67:21:51:de:e8:0c:da:e1:d4:bd:c8:
a8:19:43:6b:ed:aa:c7:45:4e:30:3e:12:82:b4:a8:01:4c:55:
4f:74:0b:42:b8:0d:a3:47:b5:eb:38:6e:22:88:31:1b:0e:87:
b9:e4:73:3c:33:75:82:e4:3b:a6:3a:00:ff:c1:de:23:8e:76:
f2:13:11:27:2e:7e:de:2b:ae:7d:66:38:ae:eb:8f:64:72:e7:
87:04:cf:e9:27:10:c5:4d:49:53:e6:24:ab:0b:94:3a:b3:72:
52:2f:a2:4f:46:59:b6:2e:4a:87:a0:ae:fe:6d:db:75:d6:51:
ea:65:4b:de:63:4b:6f:ab:88:7a:64:a3:90:e9:37:4b:7a:1a:
be:33:8c:d2:4d:0d:ca:b3:2d:5e:b9:b9:bb:53:44:5b:ab:1e:
92:dc:2a:7e:d3:1b:2e:70:26:f6:3c:c0:9a:73:bb:82:6a:1a:
12:31:20:9b:09:bc:76:19:76:0d:40:3b:4c:11:8c:f6:19:c0:
44:18:5d:ae:5d:a9:72:e7:08:b4:f3:41:22:2d:65:eb:8a:b2:
d3:c0:37:a0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx5Yd97JMehbFx7nhG+Dr5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE3MjAwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGRmY2QyODAzY2E2YTIyYjQ2OTA2M2VlM2UyMTAyN2E5Yzk5MTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocqWbCRFEEyLj+zoenBarsAsHO2Q
bbDmWJWVNwxn38N8l2hzFnhtiEaMfyxRA8J+44C3Ike3fUJkq2WJc0lJh0YLn8ST
ONe+4aXWgx7Yyv3ADOZW/DQAv9wPe4dpZ/66rHrrqkLm8Vl6ZZYPF5AoxcH+24AV
xqVaWmKNkrj9kBjG44pA4Lm5PhvqhXE93VS0oF7bjgDokJTQSl0nY1DWx4ba5IaT
UqXOqhcc0JWI8u3fBIzqK+2SXBPVKXvu9KfAnsGrTgUahi8F1E4oZeSQSTNX+ckN
xq82ttSGFrLP6vLlAB01znq6+B1GbmC321WBE9E9ZbjwCTufHnf6Gc020QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN3fzSgDymoitGkGPuPiECepyZF1MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvM2RfTktBUEthaUswYVFZLTQtSVFKNm5Ka1hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJoNbyR+1yuKy2jaVEM2
CSsHpUeInVleQAVTodmJgKS15Ta6xwbYYdSRPRNnIVHe6Aza4dS9yKgZQ2vtqsdF
TjA+EoK0qAFMVU90C0K4DaNHtes4biKIMRsOh7nkczwzdYLkO6Y6AP/B3iOOdvIT
EScuft4rrn1mOK7rj2Ry54cEz+knEMVNSVPmJKsLlDqzclIvok9GWbYuSoegrv5t
23XWUeplS95jS2+riHpko5DpN0t6Gr4zjNJNDcqzLV65ubtTRFurHpLcKn7TGy5w
JvY8wJpzu4JqGhIxIJsJvHYZdg1AO0wRjPYZwEQYXa5dqXLnCLTzQSItZeuKstPA
N6A=
-----END CERTIFICATE-----
Generated at Mon May 12 18:54:19 2025 by rpki-client