Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DdhWwVb1YwUtSLxKcFY9L4gZ2-g.roa
File: DdhWwVb1YwUtSLxKcFY9L4gZ2-g.roa (raw, json)
Hash identifier: teBXBni1XTSsamdoA/64sMxHQDXP1NMOR93NCeLfa9c=
Subject key identifier: 0D:D8:56:C1:56:F5:63:05:2D:48:BC:4A:70:56:3D:2F:88:19:DB:E8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE3A647D249D5B34978BADA65C7BBDA05
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DdhWwVb1YwUtSLxKcFY9L4gZ2-g.roa
Signing time: Sat 30 Sep 2023 01:13:59 +0000
ROA not before: Sat 30 Sep 2023 01:13:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e3:a6:47:d2:49:d5:b3:49:78:ba:da:65:c7:bb:da:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 30 01:13:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0dd856c156f563052d48bc4a70563d2f8819dbe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fb:68:b3:bf:58:7f:8e:db:e4:5d:29:2d:df:
59:ce:16:ba:d4:ba:3d:d3:cd:60:6e:a6:59:2a:34:
c8:2d:d9:8e:e6:35:62:54:dc:fb:bb:b4:cf:8a:db:
e8:69:66:bd:76:34:93:21:83:f5:06:8a:ee:b3:6d:
01:3d:34:d0:19:2b:e9:8e:85:f2:e1:30:5a:a4:6d:
9f:88:24:d1:3a:bc:90:53:59:64:2d:ab:95:78:2f:
bd:ca:ce:f2:24:c3:5b:e3:1d:17:21:ed:eb:09:4a:
9a:31:f5:39:e4:34:1b:ab:93:40:d4:94:36:c6:82:
08:c8:48:31:cc:77:e2:8e:a0:2f:16:8d:eb:b4:44:
4f:c4:73:0f:4a:6d:9b:be:d0:ff:9a:f9:5d:00:f4:
b5:5d:a2:62:c0:b4:3e:d2:18:d4:64:e3:ed:e3:a7:
7b:0b:8b:de:2f:b6:0c:6d:54:a1:08:a0:be:e2:3d:
75:ef:3b:fc:11:ad:ae:df:07:0e:ee:44:46:78:5c:
4f:d3:ac:a7:96:3a:6e:c0:d9:83:73:48:45:85:4c:
a1:1f:c2:c1:63:17:0a:e6:ad:c8:d5:c3:72:47:5e:
18:24:5f:e2:b8:e5:ca:9a:2f:a6:6e:c1:4e:a5:ea:
08:a2:55:52:8a:b6:78:2f:f2:b6:c7:30:e6:13:89:
0f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D8:56:C1:56:F5:63:05:2D:48:BC:4A:70:56:3D:2F:88:19:DB:E8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DdhWwVb1YwUtSLxKcFY9L4gZ2-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:66:2c:84:cd:90:69:a6:80:ad:b3:2f:48:fb:77:b4:5c:3d:
d7:49:04:4d:50:74:fe:88:f0:ae:09:e7:25:0f:47:41:90:4e:
16:9f:4d:19:5e:a8:97:3b:51:ee:93:8e:be:4e:7f:e3:e6:a0:
54:ef:c8:0d:e2:ab:b7:5d:ab:a8:5d:33:ea:90:d5:e2:d9:b0:
f2:2c:b3:a8:e4:54:64:b6:bf:6c:51:b2:8d:7e:1e:73:d5:32:
4a:03:d3:03:c2:8d:a2:20:44:37:67:c9:c7:ee:2d:de:5d:77:
b8:e8:89:73:07:f6:f0:e2:51:8b:cf:f6:4d:d1:c3:f8:e3:e7:
cf:2f:93:5b:5a:6d:2e:8e:7d:87:c6:86:9c:c6:f4:98:8d:d4:
dc:99:4c:af:f2:f7:2a:c8:2f:49:72:06:91:de:05:00:b1:d3:
b9:1f:5f:64:41:3d:74:8e:18:50:a7:20:27:83:43:29:9a:b2:
35:cb:d5:34:35:88:3b:a1:58:c1:b0:14:74:ac:99:e4:99:a8:
a5:d3:82:7e:24:04:0f:f7:5b:1e:c5:72:6a:11:11:37:8f:af:
42:ca:74:e3:1e:ee:65:79:ca:ad:c3:44:9f:1f:65:66:68:1d:
e1:c6:65:8d:17:44:26:ae:66:16:21:d6:6c:03:02:58:be:51:
90:c0:c0:a2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrjpkfSSdWzSXi62mXHu9oFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTMwMDExMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGQ4NTZjMTU2ZjU2MzA1MmQ0OGJjNGE3MDU2M2QyZjg4MTlkYmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvtos79Yf47b5F0pLd9Zzha61Lo9
081gbqZZKjTILdmO5jViVNz7u7TPitvoaWa9djSTIYP1Borus20BPTTQGSvpjoXy
4TBapG2fiCTROryQU1lkLauVeC+9ys7yJMNb4x0XIe3rCUqaMfU55DQbq5NA1JQ2
xoIIyEgxzHfijqAvFo3rtERPxHMPSm2bvtD/mvldAPS1XaJiwLQ+0hjUZOPt46d7
C4veL7YMbVShCKC+4j117zv8Ea2u3wcO7kRGeFxP06ynljpuwNmDc0hFhUyhH8LB
YxcK5q3I1cNyR14YJF/iuOXKmi+mbsFOpeoIolVSirZ4L/K2xzDmE4kPfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA3YVsFW9WMFLUi8SnBWPS+IGdvoMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRGRoV3dWYjFZd1V0U0x4S2NGWTlMNGdaMi1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFdmLITNkGmmgK2zL0j7
d7RcPddJBE1QdP6I8K4J5yUPR0GQThafTRleqJc7Ue6Tjr5Of+PmoFTvyA3iq7dd
q6hdM+qQ1eLZsPIss6jkVGS2v2xRso1+HnPVMkoD0wPCjaIgRDdnycfuLd5dd7jo
iXMH9vDiUYvP9k3Rw/jj588vk1tabS6OfYfGhpzG9JiN1NyZTK/y9yrIL0lyBpHe
BQCx07kfX2RBPXSOGFCnICeDQymasjXL1TQ1iDuhWMGwFHSsmeSZqKXTgn4kBA/3
Wx7FcmoRETePr0LKdOMe7mV5yq3DRJ8fZWZoHeHGZY0XRCauZhYh1mwDAli+UZDA
wKI=
-----END CERTIFICATE-----
Generated at Sun May 11 12:26:58 2025 by rpki-client