Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DnOiql9u8F3nt1jbFAvSWYBC8-8.roa
File: DnOiql9u8F3nt1jbFAvSWYBC8-8.roa (raw, json)
Hash identifier: CH56KXRFgtL2+SDNxpdPHDnG7DOW+StnCYtpWBZ1OaI=
Subject key identifier: 0E:73:A2:AA:5F:6E:F0:5D:E7:B7:58:DB:14:0B:D2:59:80:42:F3:EF
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C07707CB2732AF0E25CE44EB2B9398B0D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DnOiql9u8F3nt1jbFAvSWYBC8-8.roa
Signing time: Sat 25 Nov 2023 17:04:21 +0000
ROA not before: Sat 25 Nov 2023 17:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:770:6425/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:07:70:7c:b2:73:2a:f0:e2:5c:e4:4e:b2:b9:39:8b:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 25 17:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e73a2aa5f6ef05de7b758db140bd2598042f3ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c3:00:cc:f4:53:0a:4e:ee:61:a0:22:01:78:
72:29:80:6c:27:04:4e:20:4e:50:4f:0d:d2:0d:fc:
59:14:3d:62:16:cf:58:75:db:e8:40:39:9a:08:8b:
26:fc:9f:fc:7d:78:37:49:85:a2:60:a0:67:75:3c:
e1:c4:c6:52:2c:99:4a:98:5f:11:9e:fe:ee:6c:7a:
38:c0:34:ff:16:03:e6:e4:fa:8d:22:78:f0:69:8c:
55:e2:d3:2d:fd:59:2c:17:cd:09:53:cf:5f:98:97:
5d:1f:ef:73:aa:d7:2a:03:19:a9:f2:26:d8:e6:17:
e1:61:29:18:03:bf:d6:83:99:41:85:c1:2b:c4:57:
a2:17:80:64:55:13:b0:9e:1d:48:56:df:75:5a:40:
86:09:46:e1:65:e7:39:e4:0b:dd:fd:82:2e:8e:f0:
79:31:fd:14:1d:05:d1:ab:f1:3f:38:41:f2:a4:c3:
af:f2:6f:0e:7f:6a:43:c8:23:c8:a5:a4:bd:71:e4:
09:b4:47:87:72:c3:e5:e1:fa:f8:e4:d4:f9:b5:20:
53:20:e8:dc:0b:5b:6a:0d:f3:91:06:d2:c7:34:4c:
16:23:6a:f0:d8:d8:01:60:50:ad:80:53:cb:27:10:
bc:e3:3b:94:2d:fe:1a:8f:51:41:6a:17:6d:22:91:
8f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:73:A2:AA:5F:6E:F0:5D:E7:B7:58:DB:14:0B:D2:59:80:42:F3:EF
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/DnOiql9u8F3nt1jbFAvSWYBC8-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:f5:92:8a:64:6d:97:4b:f1:ca:d9:9f:6c:91:20:a6:7f:50:
75:32:86:e4:6b:b2:7d:9e:16:a9:26:b0:6f:74:25:de:7f:d3:
36:d7:18:06:ca:34:d6:7a:4c:18:8f:8f:37:5b:bd:1d:05:9e:
b3:4e:7d:ab:c9:d6:a1:28:15:14:21:31:5a:a6:96:ea:f9:51:
98:01:ae:e1:cf:85:bb:6b:68:c2:e0:ca:dc:03:e8:11:9c:45:
5f:0e:a2:88:f7:bf:3c:04:ae:57:86:47:85:a0:f6:93:4b:8c:
f1:97:b3:3b:6c:cd:af:22:5b:1b:40:78:39:d2:c5:ca:bc:68:
0b:9e:88:22:87:84:5a:7f:79:df:c8:a2:45:5a:0e:b8:63:21:
32:e3:85:72:7e:c4:8c:10:03:b3:27:9a:c6:ae:03:3f:0f:9c:
1e:1d:b8:cd:e9:f9:89:fe:ba:1c:c6:bc:4e:34:d9:8c:0d:e1:
9e:8b:db:7b:a2:7c:c3:ba:0d:f7:7c:f4:87:a7:85:8c:aa:7b:
00:8f:e6:44:c4:8f:ca:7a:c1:31:3d:bc:96:8a:c3:1f:86:a6:
b4:7f:f7:84:6c:9d:86:3b:6d:86:42:00:20:bf:cf:f9:e3:1a:
45:db:99:02:b1:58:1e:b8:da:29:c6:82:06:7f:94:9a:71:8d:
bc:a5:06:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwHcHyycyrw4lzkTrK5OYsNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI1MTcwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTczYTJhYTVmNmVmMDVkZTdiNzU4ZGIxNDBiZDI1OTgwNDJmM2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcMAzPRTCk7uYaAiAXhyKYBsJwRO
IE5QTw3SDfxZFD1iFs9YddvoQDmaCIsm/J/8fXg3SYWiYKBndTzhxMZSLJlKmF8R
nv7ubHo4wDT/FgPm5PqNInjwaYxV4tMt/VksF80JU89fmJddH+9zqtcqAxmp8ibY
5hfhYSkYA7/Wg5lBhcErxFeiF4BkVROwnh1IVt91WkCGCUbhZec55Avd/YIujvB5
Mf0UHQXRq/E/OEHypMOv8m8Of2pDyCPIpaS9ceQJtEeHcsPl4fr45NT5tSBTIOjc
C1tqDfORBtLHNEwWI2rw2NgBYFCtgFPLJxC84zuULf4aj1FBahdtIpGPLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA5zoqpfbvBd57dY2xQL0lmAQvPvMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvRG5PaXFsOXU4RjNudDFqYkZBdlNXWUJDOC04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABz1kopkbZdL8crZn2yR
IKZ/UHUyhuRrsn2eFqkmsG90Jd5/0zbXGAbKNNZ6TBiPjzdbvR0FnrNOfavJ1qEo
FRQhMVqmlur5UZgBruHPhbtraMLgytwD6BGcRV8Oooj3vzwErleGR4Wg9pNLjPGX
sztsza8iWxtAeDnSxcq8aAueiCKHhFp/ed/IokVaDrhjITLjhXJ+xIwQA7Mnmsau
Az8PnB4duM3p+Yn+uhzGvE402YwN4Z6L23uifMO6Dfd89IenhYyqewCP5kTEj8p6
wTE9vJaKwx+GprR/94RsnYY7bYZCACC/z/njGkXbmQKxWB642inGggZ/lJpxjbyl
BoY=
-----END CERTIFICATE-----
Generated at Sat May 10 13:39:05 2025 by rpki-client