Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/D9DG8xvk2DZ0u2SqLNlJhSSg6Uw.roa
File: D9DG8xvk2DZ0u2SqLNlJhSSg6Uw.roa (raw, json)
Hash identifier: hMdA+jxjFw6qULgJWSfizoemSsVh4Y7Zw2SPU+YCDfc=
Subject key identifier: 0F:D0:C6:F3:1B:E4:D8:36:74:BB:64:AA:2C:D9:49:85:24:A0:E9:4C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF1FE55D0651BEC65526C80654588717F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/D9DG8xvk2DZ0u2SqLNlJhSSg6Uw.roa
Signing time: Mon 02 Oct 2023 20:04:51 +0000
ROA not before: Mon 02 Oct 2023 20:04:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:f1fe:1f66/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f1:fe:55:d0:65:1b:ec:65:52:6c:80:65:45:88:71:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 2 20:04:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0fd0c6f31be4d83674bb64aa2cd9498524a0e94c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f2:2c:38:c1:1b:dd:2d:ff:8f:a9:e6:33:70:
ca:95:47:38:c8:ab:07:76:aa:c2:4f:30:7a:fa:d5:
96:f8:64:c7:98:40:9f:90:d6:04:5c:55:20:01:0c:
21:52:e0:3d:f5:54:31:51:68:16:43:1c:1c:11:9f:
9a:13:38:93:17:03:87:e7:2c:57:c4:ca:9b:4f:58:
ec:c2:6a:1a:53:e0:36:54:48:86:72:8c:8b:02:51:
c4:cc:ae:3d:73:e8:f0:ca:2b:ee:29:8a:59:27:fa:
88:49:4c:92:10:6a:46:09:13:e4:ff:87:75:2f:f7:
50:dc:bd:ec:2f:42:2f:ce:c7:32:66:ce:bb:56:89:
7a:12:1d:c1:ba:8f:02:4c:b4:c7:98:f6:07:73:d9:
c1:b9:d6:18:e6:ad:ef:94:fc:60:59:9d:04:14:b5:
7a:4b:6b:11:ac:44:40:f8:4c:a6:48:ac:2a:7b:0a:
ae:0c:e5:1d:41:66:0a:05:ee:53:fd:aa:78:0b:3b:
fc:cf:e1:15:41:08:4d:a3:14:52:3e:11:c2:57:79:
9c:56:dd:94:fd:6d:a2:99:60:72:08:2e:dd:6d:cc:
60:8f:77:f7:f7:fa:7f:d1:db:7a:fc:53:79:bb:d9:
07:21:9d:41:68:d6:0f:cd:99:ea:6c:ce:39:2c:2d:
a4:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D0:C6:F3:1B:E4:D8:36:74:BB:64:AA:2C:D9:49:85:24:A0:E9:4C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/D9DG8xvk2DZ0u2SqLNlJhSSg6Uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bd:a4:63:10:9e:53:56:8a:92:e2:40:a1:e2:2a:22:61:86:51:
2b:a2:c3:2a:ea:5e:79:4b:e1:e0:d9:d7:72:f9:22:c6:b8:ae:
d3:d6:75:56:b1:98:b1:e9:2d:a7:60:ee:06:d5:a1:96:4d:76:
e9:cd:08:7b:19:c1:5c:f1:e2:36:04:00:24:d6:e6:44:3f:68:
c9:11:64:bd:27:b1:38:b9:84:82:0f:a8:cd:d6:4a:b9:49:24:
3f:fb:2f:fd:aa:2e:82:08:b4:bb:9d:dd:ab:b2:b2:30:9f:db:
65:4d:fd:c1:f1:7c:0b:0e:41:f6:ef:fd:7b:18:b2:2f:47:86:
95:d9:35:47:f7:00:7f:f9:04:2a:f5:1a:66:7e:30:82:52:50:
fa:ee:20:9e:62:4b:52:4a:b0:98:4d:34:df:b4:b9:b5:f6:99:
79:85:a2:78:c5:a4:7c:75:ff:a1:6c:a0:42:93:44:2c:51:4b:
82:0e:b3:2d:2a:80:ba:34:fc:fa:f1:b0:3a:3e:8b:83:58:ac:
95:d3:07:39:d3:50:93:e5:bf:d5:ab:e8:12:63:e4:40:ad:b8:
47:93:09:35:f4:fd:3a:12:c3:26:f2:24:ad:cd:da:5a:c0:d4:
cd:cd:b1:0b:39:1c:c4:0b:4d:03:18:ce:30:08:20:54:5f:5d:
43:88:01:de
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrx/lXQZRvsZVJsgGVFiHF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAyMjAwNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmQwYzZmMzFiZTRkODM2NzRiYjY0YWEyY2Q5NDk4NTI0YTBlOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvIsOMEb3S3/j6nmM3DKlUc4yKsH
dqrCTzB6+tWW+GTHmECfkNYEXFUgAQwhUuA99VQxUWgWQxwcEZ+aEziTFwOH5yxX
xMqbT1jswmoaU+A2VEiGcoyLAlHEzK49c+jwyivuKYpZJ/qISUySEGpGCRPk/4d1
L/dQ3L3sL0IvzscyZs67Vol6Eh3Buo8CTLTHmPYHc9nBudYY5q3vlPxgWZ0EFLV6
S2sRrERA+EymSKwqewquDOUdQWYKBe5T/ap4Czv8z+EVQQhNoxRSPhHCV3mcVt2U
/W2imWByCC7dbcxgj3f39/p/0dt6/FN5u9kHIZ1BaNYPzZnqbM45LC2kxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA/QxvMb5Ng2dLtkqizZSYUkoOlMMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRDlERzh4dmsyRFowdTJTcUxObEpoU1NnNlV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL2kYxCeU1aKkuJAoeIq
ImGGUSuiwyrqXnlL4eDZ13L5Isa4rtPWdVaxmLHpLadg7gbVoZZNdunNCHsZwVzx
4jYEACTW5kQ/aMkRZL0nsTi5hIIPqM3WSrlJJD/7L/2qLoIItLud3auysjCf22VN
/cHxfAsOQfbv/XsYsi9HhpXZNUf3AH/5BCr1GmZ+MIJSUPruIJ5iS1JKsJhNNN+0
ubX2mXmFonjFpHx1/6FsoEKTRCxRS4IOsy0qgLo0/PrxsDo+i4NYrJXTBznTUJPl
v9Wr6BJj5ECtuEeTCTX0/ToSwybyJK3N2lrA1M3NsQs5HMQLTQMYzjAIIFRfXUOI
Ad4=
-----END CERTIFICATE-----
Generated at Sun May 11 14:53:17 2025 by rpki-client