Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3vh1vucEProa73uv5Y10VMPRTyA.roa
File: 3vh1vucEProa73uv5Y10VMPRTyA.roa (raw, json)
Hash identifier: 5J9tjAPo/Bff63FRkjBJ1mdVHTwoxZhJLySFzXygW04=
Subject key identifier: DE:F8:75:BE:E7:04:3E:BA:1A:EF:7B:AF:E5:8D:74:54:C3:D1:4F:20
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ADAD9959E766CCFAD0208E74183C2AF88
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3vh1vucEProa73uv5Y10VMPRTyA.roa
Signing time: Thu 28 Sep 2023 08:13:27 +0000
ROA not before: Thu 28 Sep 2023 08:13:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:da:d9:95:9e:76:6c:cf:ad:02:08:e7:41:83:c2:af:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 28 08:13:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=def875bee7043eba1aef7bafe58d7454c3d14f20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a0:d2:21:05:4d:cd:f4:dd:da:78:40:7d:51:
df:69:47:43:46:21:fb:09:c0:c4:61:c6:e0:b6:c3:
c7:d8:ea:d5:ce:15:68:85:e5:8c:69:76:f2:c1:e1:
cd:ce:6a:33:1e:db:64:05:25:56:ee:b2:16:18:f9:
ec:1e:18:f6:09:9a:70:90:7d:28:92:ec:9b:1f:68:
da:1a:e1:73:11:ad:d5:5c:13:6b:c8:6c:5b:8e:1b:
dc:cf:c0:40:fd:0f:89:77:f4:ee:7b:be:39:9d:66:
3c:29:aa:fd:8f:c1:85:2f:6d:50:e0:59:d7:47:b7:
5c:8f:9e:a9:fe:40:2a:01:04:cb:ff:ad:41:3e:37:
0c:84:40:d7:06:28:61:9b:0a:24:72:e9:66:31:b4:
d9:c5:ef:96:f7:3d:dc:f7:92:b0:0a:1b:b9:ac:e0:
8d:30:1e:69:a0:29:fd:c6:74:86:1a:16:bc:f9:3e:
cf:65:8f:e6:7a:e0:b8:80:c5:dc:53:af:78:d9:4e:
5b:7b:23:9d:2f:74:f5:65:fd:5b:ad:af:b9:72:ff:
2a:f5:68:71:e1:1d:2f:ea:9d:00:ec:2b:73:3b:49:
e4:e7:34:10:c0:ff:d8:23:14:07:53:dd:80:fd:93:
92:c9:bd:1a:93:ee:6c:af:bc:4b:2a:e7:a8:08:1c:
a4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F8:75:BE:E7:04:3E:BA:1A:EF:7B:AF:E5:8D:74:54:C3:D1:4F:20
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/3vh1vucEProa73uv5Y10VMPRTyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4e:ea:85:33:18:80:95:c2:27:3f:88:8b:a0:b1:72:18:a1:2d:
9f:22:7f:b5:bd:62:f2:a9:80:37:f9:c3:16:c3:41:4c:e0:81:
09:b0:33:1b:e0:66:c1:de:04:2a:05:02:c6:df:b9:a6:7b:ff:
27:c5:1d:2c:35:1c:e5:d4:1e:39:88:1e:a4:c9:31:d8:c2:d9:
1d:2b:9c:6f:67:22:c3:4d:af:ab:3e:07:91:75:de:b5:fd:81:
a5:86:8c:bc:41:9d:7a:04:85:bf:0e:98:26:e0:68:67:e4:5a:
fd:c4:79:23:a7:cd:52:0d:a1:23:63:21:8a:6a:dd:34:e1:db:
c1:0c:c4:46:01:19:05:f2:80:3b:7d:6b:5b:95:2f:94:8e:a3:
fd:71:71:b5:86:5c:ba:ae:06:de:cf:78:ef:8b:e2:23:b2:d1:
c4:bb:d0:3b:d4:19:3b:78:aa:3c:d7:3d:d1:4a:d9:2a:3b:40:
f3:27:b0:04:42:98:2f:70:cb:7b:a3:23:10:f2:2b:37:d3:1c:
9e:95:bc:7f:db:53:a3:8a:a5:61:d9:67:e7:ed:d2:73:dc:20:
3e:ec:61:ae:5d:c3:93:05:19:0e:74:fe:de:e8:d0:91:9a:ed:
5f:83:22:9e:d5:65:62:d6:05:10:d2:25:ea:89:84:a0:22:ce:
dc:1e:93:06
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYra2ZWedmzPrQII50GDwq+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI4MDgxMzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWY4NzViZWU3MDQzZWJhMWFlZjdiYWZlNThkNzQ1NGMzZDE0ZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqDSIQVNzfTd2nhAfVHfaUdDRiH7
CcDEYcbgtsPH2OrVzhVoheWMaXbyweHNzmozHttkBSVW7rIWGPnsHhj2CZpwkH0o
kuybH2jaGuFzEa3VXBNryGxbjhvcz8BA/Q+Jd/Tue745nWY8Kar9j8GFL21Q4FnX
R7dcj56p/kAqAQTL/61BPjcMhEDXBihhmwokculmMbTZxe+W9z3c95KwChu5rOCN
MB5poCn9xnSGGha8+T7PZY/meuC4gMXcU6942U5beyOdL3T1Zf1bra+5cv8q9Whx
4R0v6p0A7CtzO0nk5zQQwP/YIxQHU92A/ZOSyb0ak+5sr7xLKueoCBykiwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN74db7nBD66Gu97r+WNdFTD0U8gMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvM3ZoMXZ1Y0VQcm9hNzN1djVZMTBWTVBSVHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE7qhTMYgJXCJz+Ii6Cx
chihLZ8if7W9YvKpgDf5wxbDQUzggQmwMxvgZsHeBCoFAsbfuaZ7/yfFHSw1HOXU
HjmIHqTJMdjC2R0rnG9nIsNNr6s+B5F13rX9gaWGjLxBnXoEhb8OmCbgaGfkWv3E
eSOnzVINoSNjIYpq3TTh28EMxEYBGQXygDt9a1uVL5SOo/1xcbWGXLquBt7PeO+L
4iOy0cS70DvUGTt4qjzXPdFK2So7QPMnsARCmC9wy3ujIxDyKzfTHJ6VvH/bU6OK
pWHZZ+ft0nPcID7sYa5dw5MFGQ50/t7o0JGa7V+DIp7VZWLWBRDSJeqJhKAiztwe
kwY=
-----END CERTIFICATE-----
Generated at Sat May 10 11:30:17 2025 by rpki-client