Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dKxPFhnARwj19xr25QzHXjxfuyE.roa
File: dKxPFhnARwj19xr25QzHXjxfuyE.roa (raw, json)
Hash identifier: b2UfHl2DjdQWFsnf+lJnjQmrU3gG9aqCAMBhYnFCDRc=
Subject key identifier: 74:AC:4F:16:19:C0:47:08:F5:F7:1A:F6:E5:0C:C7:5E:3C:5F:BB:21
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC9E44E66A12BBF1F1E24388444522870
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dKxPFhnARwj19xr25QzHXjxfuyE.roa
Signing time: Mon 25 Sep 2023 01:11:37 +0000
ROA not before: Mon 25 Sep 2023 01:11:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c9:e4:4e:66:a1:2b:bf:1f:1e:24:38:84:44:52:28:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 25 01:11:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74ac4f1619c04708f5f71af6e50cc75e3c5fbb21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:71:f0:81:e2:99:8b:64:06:df:5c:29:a4:f7:
e6:00:2c:ee:2e:82:c5:5b:5e:72:85:d5:b2:d8:57:
1d:4c:98:c8:32:a3:30:9a:3c:a4:b4:7c:42:4c:4e:
8b:3c:72:2d:a0:a8:8c:53:b5:c1:e1:33:0b:76:0b:
8d:19:27:ee:0a:1a:4d:4e:31:e0:34:5e:45:78:fd:
e2:c3:49:74:03:eb:52:5a:65:b9:9f:db:74:ea:04:
76:54:59:4e:b4:e4:84:ec:60:fa:e2:3d:86:92:ac:
3b:61:ba:40:a2:20:43:70:64:c3:d1:cf:3f:7b:d5:
28:fc:e8:78:30:a4:3f:6e:48:51:5c:2f:0f:dd:30:
bd:9b:b4:34:57:7b:05:ae:e3:33:5d:80:d7:44:23:
ff:c9:c8:06:4d:74:f2:0a:6f:fe:d8:0f:8f:a7:82:
84:e4:6e:54:40:d3:b0:8f:65:43:36:c6:91:c9:7d:
31:b0:b8:65:ea:33:e3:bf:5f:d9:4b:16:ff:f2:8e:
b0:63:78:e7:9f:7b:1a:be:c4:c7:49:e8:8b:99:4a:
32:50:9d:45:66:58:2d:bf:be:f2:a2:22:11:ee:11:
fa:b2:a7:d3:a9:6f:6e:0c:40:f3:af:22:56:b2:d8:
d9:5d:d1:ec:c7:1f:a4:ee:b9:6f:78:ba:e4:41:b7:
1d:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:AC:4F:16:19:C0:47:08:F5:F7:1A:F6:E5:0C:C7:5E:3C:5F:BB:21
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dKxPFhnARwj19xr25QzHXjxfuyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:5d:e3:1a:27:f4:f0:dd:40:43:af:2a:ae:ce:df:e9:08:6a:
5a:52:62:9c:99:59:f6:fd:cb:ea:5b:b8:51:44:e7:06:02:03:
3e:8a:4e:c3:2e:9a:ca:4a:f3:b6:5b:6d:2a:d4:10:62:08:f7:
a7:e8:ab:bd:f7:e3:80:49:5c:8b:c1:0c:b0:65:27:6d:c6:68:
4b:47:5a:42:26:6b:e7:59:a2:15:e2:2a:0c:6b:a6:a3:21:30:
61:97:30:47:d4:da:f2:f9:1f:e5:b6:36:58:3a:83:c0:4f:ae:
20:ca:48:09:4d:fa:66:f3:5c:57:1a:6c:96:38:a1:57:be:76:
0a:8b:49:f2:2a:3d:7a:b7:89:48:76:41:2d:99:fe:1d:2a:61:
cb:0d:1a:73:f7:f0:f6:9f:bd:0b:b1:02:16:18:a8:05:d9:53:
c7:44:fa:36:48:a6:9f:6b:79:a9:a0:37:0b:c7:3c:3d:0b:93:
f6:25:07:48:88:4c:68:77:76:ab:49:02:99:a7:58:b3:ac:7b:
d2:25:b9:bf:e1:8b:58:56:d4:31:db:81:30:a8:00:e8:a5:e5:
c2:e0:63:51:7c:e2:c0:83:2d:47:55:b7:57:01:71:2d:06:98:
72:f9:54:5a:e3:a8:46:97:e3:8c:b7:4a:6e:57:71:1e:1d:26:
f4:ca:f0:30
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrJ5E5moSu/Hx4kOIREUihwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI1MDExMTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGFjNGYxNjE5YzA0NzA4ZjVmNzFhZjZlNTBjYzc1ZTNjNWZiYjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXHwgeKZi2QG31wppPfmACzuLoLF
W15yhdWy2FcdTJjIMqMwmjyktHxCTE6LPHItoKiMU7XB4TMLdguNGSfuChpNTjHg
NF5FeP3iw0l0A+tSWmW5n9t06gR2VFlOtOSE7GD64j2Gkqw7YbpAoiBDcGTD0c8/
e9Uo/Oh4MKQ/bkhRXC8P3TC9m7Q0V3sFruMzXYDXRCP/ycgGTXTyCm/+2A+Pp4KE
5G5UQNOwj2VDNsaRyX0xsLhl6jPjv1/ZSxb/8o6wY3jnn3savsTHSeiLmUoyUJ1F
Zlgtv77yoiIR7hH6sqfTqW9uDEDzryJWstjZXdHsxx+k7rlveLrkQbcdswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHSsTxYZwEcI9fca9uUMx148X7shMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZEt4UEZobkFSd2oxOXhyMjVRekhYanhmdXlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJld4xon9PDdQEOvKq7O
3+kIalpSYpyZWfb9y+pbuFFE5wYCAz6KTsMumspK87ZbbSrUEGII96foq73344BJ
XIvBDLBlJ23GaEtHWkIma+dZohXiKgxrpqMhMGGXMEfU2vL5H+W2Nlg6g8BPriDK
SAlN+mbzXFcabJY4oVe+dgqLSfIqPXq3iUh2QS2Z/h0qYcsNGnP38PafvQuxAhYY
qAXZU8dE+jZIpp9reamgNwvHPD0Lk/YlB0iITGh3dqtJApmnWLOse9Ilub/hi1hW
1DHbgTCoAOil5cLgY1F84sCDLUdVt1cBcS0GmHL5VFrjqEaX44y3Sm5XcR4dJvTK
8DA=
-----END CERTIFICATE-----
Generated at Thu May 15 00:10:25 2025 by rpki-client