Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3nDndu7zzTRPY5Zl2V6HgvSE-jE.roa
File: 3nDndu7zzTRPY5Zl2V6HgvSE-jE.roa (raw, json)
Hash identifier: zOJjt7wWNxghA93wV1DBewyU6qVvxM8wMwzOdB1bpLI=
Subject key identifier: DE:70:E7:76:EE:F3:CD:34:4F:63:96:65:D9:5E:87:82:F4:84:FA:31
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C11C746A4C5E170A03A9763874842C2C5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3nDndu7zzTRPY5Zl2V6HgvSE-jE.roa
Signing time: Mon 27 Nov 2023 17:15:21 +0000
ROA not before: Mon 27 Nov 2023 17:15:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:11:c7:46:a4:c5:e1:70:a0:3a:97:63:87:48:42:c2:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 27 17:15:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de70e776eef3cd344f639665d95e8782f484fa31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:33:52:c4:b1:0b:81:82:9d:3f:90:c5:8b:1b:
f2:0f:44:e0:24:28:2d:1d:b4:ad:ae:a7:ad:bf:4f:
5a:27:c8:ba:1e:17:be:61:e2:cb:f4:57:a7:c9:7c:
33:9d:5e:c3:e2:79:97:b6:fd:e7:9c:ad:49:e2:1e:
3a:f7:2a:4e:c7:5b:dd:9b:b9:bf:11:4c:2c:29:db:
dc:ce:15:3a:7f:93:e2:47:8e:b2:78:ca:12:96:fc:
bd:2b:ea:7d:2b:0d:2a:ab:fb:95:0e:e0:03:34:5d:
0b:06:25:6d:f0:76:9b:b3:8d:d6:63:35:5c:b2:9a:
a8:8c:68:65:a0:38:c2:be:a9:85:72:d6:d0:57:94:
7e:6e:b7:78:72:9d:d1:d6:07:85:21:6b:67:cd:2c:
5a:87:b3:86:75:bc:20:0f:44:fd:63:0b:7b:44:17:
3b:16:29:b8:69:a3:ca:84:d9:8a:38:c3:ea:f9:9c:
d7:bb:3f:62:a7:16:3c:d4:7f:b5:ed:03:de:d1:39:
77:9f:88:b0:b1:5b:47:e8:20:6c:9b:e5:0f:8f:02:
dc:d6:9f:c7:67:50:8f:8f:b3:18:d7:b2:ac:27:d5:
a9:2e:94:a6:5c:86:ab:aa:18:6d:4f:94:f5:04:f5:
53:cb:12:21:03:f3:1f:d6:2a:60:72:56:92:11:e9:
c5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:70:E7:76:EE:F3:CD:34:4F:63:96:65:D9:5E:87:82:F4:84:FA:31
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3nDndu7zzTRPY5Zl2V6HgvSE-jE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ad:0b:1f:f3:a1:90:58:26:df:0e:fc:a6:0f:f1:ce:cb:60:58:
88:0d:6e:5f:b5:24:51:3e:f2:3d:6b:43:89:4e:be:93:f7:f3:
bf:0f:2f:b8:57:36:c3:00:62:49:72:f0:22:9f:e0:5e:a6:61:
bb:68:4e:27:4c:1e:d2:74:51:cf:a4:2b:78:b3:39:95:0b:53:
4c:ab:0b:67:da:31:30:e3:b9:b3:4c:22:40:0f:7c:ec:83:5b:
c9:a4:9c:31:d8:a7:22:24:77:15:12:60:8d:bc:f1:96:c6:ec:
12:71:dc:fa:82:3e:a3:9c:a2:af:b6:79:8c:16:ca:8d:0a:ea:
89:ee:0b:d7:b3:3e:fa:cc:a5:89:ad:b8:79:49:77:21:88:7f:
7f:24:51:27:39:3c:7a:c9:c5:d7:0b:00:95:14:fd:f7:d0:8b:
c6:77:bd:64:d4:81:e1:d9:76:f1:4e:44:eb:e5:2f:4f:5b:c4:
23:2c:93:c6:08:c3:05:45:95:37:6f:c9:27:e4:89:6c:07:e9:
af:b5:95:66:f4:46:52:d0:8b:7a:c0:c9:d8:40:ad:51:2d:57:
ee:cc:66:ba:80:6f:42:38:82:57:83:ae:9f:ff:21:bc:28:50:
4a:74:c9:7d:86:6c:c7:93:3a:99:07:a6:d3:84:80:d1:dc:37:
90:bb:8c:ad
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwRx0akxeFwoDqXY4dIQsLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI3MTcxNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTcwZTc3NmVlZjNjZDM0NGY2Mzk2NjVkOTVlODc4MmY0ODRmYTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzNSxLELgYKdP5DFixvyD0TgJCgt
HbStrqetv09aJ8i6Hhe+YeLL9FenyXwznV7D4nmXtv3nnK1J4h469ypOx1vdm7m/
EUwsKdvczhU6f5PiR46yeMoSlvy9K+p9Kw0qq/uVDuADNF0LBiVt8Habs43WYzVc
spqojGhloDjCvqmFctbQV5R+brd4cp3R1geFIWtnzSxah7OGdbwgD0T9Ywt7RBc7
Fim4aaPKhNmKOMPq+ZzXuz9ipxY81H+17QPe0Tl3n4iwsVtH6CBsm+UPjwLc1p/H
Z1CPj7MY17KsJ9WpLpSmXIarqhhtT5T1BPVTyxIhA/Mf1ipgclaSEenFdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN5w53bu8800T2OWZdleh4L0hPoxMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvM25EbmR1N3p6VFJQWTVabDJWNkhndlNFLWpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK0LH/OhkFgm3w78pg/x
zstgWIgNbl+1JFE+8j1rQ4lOvpP3878PL7hXNsMAYkly8CKf4F6mYbtoTidMHtJ0
Uc+kK3izOZULU0yrC2faMTDjubNMIkAPfOyDW8mknDHYpyIkdxUSYI288ZbG7BJx
3PqCPqOcoq+2eYwWyo0K6onuC9ezPvrMpYmtuHlJdyGIf38kUSc5PHrJxdcLAJUU
/ffQi8Z3vWTUgeHZdvFOROvlL09bxCMsk8YIwwVFlTdvySfkiWwH6a+1lWb0RlLQ
i3rAydhArVEtV+7MZrqAb0I4gleDrp//IbwoUEp0yX2GbMeTOpkHptOEgNHcN5C7
jK0=
-----END CERTIFICATE-----
Generated at Mon May 12 19:12:57 2025 by rpki-client