Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/diMGXg2LSMHNhnQ1hIHVN1T4x0Q.roa
File: diMGXg2LSMHNhnQ1hIHVN1T4x0Q.roa (raw, json)
Hash identifier: dwqEzA1PQD7eMtcVfhhX6biIRl4q8on5ZbJImuLaonI=
Subject key identifier: 76:23:06:5E:0D:8B:48:C1:CD:86:74:35:84:81:D5:37:54:F8:C7:44
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C243B65567991CA7664787DA8F0299C0F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/diMGXg2LSMHNhnQ1hIHVN1T4x0Q.roa
Signing time: Fri 01 Dec 2023 07:15:21 +0000
ROA not before: Fri 01 Dec 2023 07:15:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:3b:65:56:79:91:ca:76:64:78:7d:a8:f0:29:9c:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 1 07:15:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7623065e0d8b48c1cd8674358481d53754f8c744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:37:2c:81:fe:48:43:a2:3b:d7:91:aa:a6:b8:
f5:52:87:f8:df:ce:c6:e1:6b:71:41:ac:8a:66:9b:
5a:35:0b:fd:71:b1:e7:54:da:ea:29:aa:5f:8a:da:
24:97:85:3f:a6:c1:7e:23:70:c8:be:45:17:4d:f7:
91:47:7b:c9:3b:bc:05:36:6a:50:fe:a6:df:ff:db:
11:1d:3f:92:07:23:35:fb:b6:63:c7:a6:2c:39:61:
1d:4c:36:e4:e5:94:af:0a:3e:31:fa:d5:e5:6f:44:
6b:49:ce:3c:6a:56:a4:c3:f0:54:36:44:42:82:13:
8d:95:b8:ef:8d:b1:03:53:de:15:6c:14:2d:48:d6:
a0:45:03:e5:ec:44:48:fd:e1:09:8e:5f:c1:59:4e:
18:64:ed:3e:a5:c6:84:b7:78:03:e9:f7:40:05:ef:
0a:98:d9:1c:4d:09:db:2a:b9:3d:56:91:e7:e4:db:
15:72:76:47:b3:c6:35:f2:80:b7:11:e0:12:1d:50:
7c:42:67:a2:a7:6d:06:c3:b4:85:e4:9d:d6:7a:6b:
40:94:55:fc:2d:d6:62:ac:58:a5:be:2e:4f:a5:41:
b9:f3:6a:8a:4c:5b:8a:52:22:bc:06:74:15:20:d8:
db:61:48:f2:9f:fb:4e:8d:81:a1:c7:08:e7:73:12:
64:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:23:06:5E:0D:8B:48:C1:CD:86:74:35:84:81:D5:37:54:F8:C7:44
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/diMGXg2LSMHNhnQ1hIHVN1T4x0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
75:48:4e:fd:9d:1b:1b:ae:2e:1f:3b:8c:fc:f5:21:eb:79:7a:
df:5f:e0:b9:cf:26:b8:68:5a:b9:d8:25:2d:6c:46:d1:5e:50:
31:de:e9:5e:c5:ac:60:0f:de:31:22:28:a6:2c:51:8c:fa:bb:
c9:06:46:7c:06:cc:6a:d3:34:64:99:12:11:88:02:4d:81:11:
88:af:67:f0:75:40:99:6f:b7:53:88:fd:fd:89:3d:a2:0e:24:
de:13:6c:c0:8d:f1:62:f2:33:51:40:ee:a5:44:0d:c7:b3:62:
37:a2:65:ed:f6:ee:1f:70:12:12:b8:96:0d:82:7f:f5:e7:20:
9b:70:dc:dc:39:19:af:56:61:31:95:5d:19:a7:cb:5f:06:01:
95:5d:69:f0:2e:28:22:19:cd:9b:f4:c6:68:a4:a8:c8:e4:a2:
8a:bf:a4:04:45:3f:d4:0a:93:d5:5a:a2:5f:a1:a0:f5:1b:74:
04:09:55:e9:14:a3:c3:22:99:6c:0b:84:9e:44:c9:bc:68:d4:
91:5e:ae:48:e1:84:dc:e2:cd:5d:d7:6f:06:58:f4:60:e8:b6:
17:dc:9b:23:98:20:16:76:88:dc:40:ed:d1:b9:ff:d1:8a:88:
18:3f:e8:75:72:9a:38:c0:b8:7a:bf:d7:01:73:dc:22:f1:82:
ba:98:09:3e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwkO2VWeZHKdmR4fajwKZwPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAxMDcxNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjIzMDY1ZTBkOGI0OGMxY2Q4Njc0MzU4NDgxZDUzNzU0ZjhjNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDcsgf5IQ6I715Gqprj1Uof4387G
4WtxQayKZptaNQv9cbHnVNrqKapfitokl4U/psF+I3DIvkUXTfeRR3vJO7wFNmpQ
/qbf/9sRHT+SByM1+7Zjx6YsOWEdTDbk5ZSvCj4x+tXlb0RrSc48alakw/BUNkRC
ghONlbjvjbEDU94VbBQtSNagRQPl7ERI/eEJjl/BWU4YZO0+pcaEt3gD6fdABe8K
mNkcTQnbKrk9VpHn5NsVcnZHs8Y18oC3EeASHVB8Qmeip20Gw7SF5J3WemtAlFX8
LdZirFilvi5PpUG582qKTFuKUiK8BnQVINjbYUjyn/tOjYGhxwjncxJksQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHYjBl4Ni0jBzYZ0NYSB1TdU+MdEMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZGlNR1hnMkxTTUhOaG5RMWhJSFZOMVQ0eDBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHVITv2dGxuuLh87jPz1
Iet5et9f4LnPJrhoWrnYJS1sRtFeUDHe6V7FrGAP3jEiKKYsUYz6u8kGRnwGzGrT
NGSZEhGIAk2BEYivZ/B1QJlvt1OI/f2JPaIOJN4TbMCN8WLyM1FA7qVEDcezYjei
Ze327h9wEhK4lg2Cf/XnIJtw3Nw5Ga9WYTGVXRmny18GAZVdafAuKCIZzZv0xmik
qMjkooq/pARFP9QKk9Vaol+hoPUbdAQJVekUo8MimWwLhJ5Eybxo1JFerkjhhNzi
zV3XbwZY9GDothfcmyOYIBZ2iNxA7dG5/9GKiBg/6HVymjjAuHq/1wFz3CLxgrqY
CT4=
-----END CERTIFICATE-----
Generated at Sun May 11 16:52:54 2025 by rpki-client