Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DGaG-aCPQWSHypYysBmAPstIDL8.roa
File: DGaG-aCPQWSHypYysBmAPstIDL8.roa (raw, json)
Hash identifier: Pg/K1Gmw6bYIT1mgg/mPAlHrnlXbOyCmSTQ1O7Yy7aY=
Subject key identifier: 0C:66:86:F9:A0:8F:41:64:87:CA:96:32:B0:19:80:3E:CB:48:0C:BF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D5BCD548109A7AA5E9E095EA7D105B51A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DGaG-aCPQWSHypYysBmAPstIDL8.roa
Signing time: Tue 30 Jan 2024 19:16:39 +0000
ROA not before: Tue 30 Jan 2024 19:16:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5b:cd:54:81:09:a7:aa:5e:9e:09:5e:a7:d1:05:b5:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 30 19:16:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c6686f9a08f416487ca9632b019803ecb480cbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3c:42:98:94:6c:a3:38:ea:0c:7c:68:b2:96:
4c:cd:18:80:05:43:18:92:df:ca:e6:42:7d:a3:de:
24:d2:d5:91:b1:b6:ed:84:04:e2:a7:67:30:6c:d6:
f3:01:59:df:32:fa:5c:16:62:23:76:9e:f1:62:43:
bc:52:85:b0:60:63:e0:db:c5:39:f1:cd:ce:b7:91:
d9:91:38:98:47:4c:7a:2f:cf:ba:7f:e7:75:48:db:
2b:61:1b:63:55:a3:eb:e1:00:c4:c1:8f:76:33:7b:
53:79:29:09:1c:98:22:c6:68:ed:02:e8:3c:63:1f:
30:65:87:56:bf:61:03:9a:3f:45:81:46:80:0b:c7:
e7:37:88:27:0f:b9:c8:5c:26:c3:41:bf:3c:20:a3:
53:bb:da:20:ee:0a:28:82:b5:13:67:24:e6:2f:a6:
05:fc:68:8a:52:cc:8a:6a:81:66:e0:86:92:bf:c3:
ac:80:17:09:cf:65:89:97:b9:17:0b:d0:7d:2d:6a:
df:ff:b4:5c:8e:3d:33:d0:b9:8f:1d:f0:bf:78:69:
73:bf:7b:72:f1:b7:93:ae:a1:50:dc:be:e6:a9:20:
fa:70:d3:95:32:b6:9d:83:85:f8:38:12:56:b8:00:
53:5a:f7:da:49:c8:2e:78:49:e9:45:60:a2:91:12:
a3:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:66:86:F9:A0:8F:41:64:87:CA:96:32:B0:19:80:3E:CB:48:0C:BF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DGaG-aCPQWSHypYysBmAPstIDL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
23:3d:f6:59:a5:3b:98:60:3e:57:b0:da:08:28:d1:4d:5b:ac:
7e:91:ce:fd:1a:2c:ee:29:20:7b:6d:f0:23:e1:de:af:85:57:
57:cc:52:a1:62:0d:89:18:50:fc:ff:34:70:c6:97:64:49:88:
76:49:3b:07:96:e5:65:d0:ba:58:c8:6f:5a:01:a1:8d:08:29:
d2:7e:ba:36:93:20:64:21:05:ba:0d:89:67:a0:99:d9:2f:81:
dc:bb:cc:0f:42:4d:1c:61:0a:86:e1:8c:44:94:56:cc:72:be:
ea:33:97:38:d6:ae:22:eb:aa:d7:d8:d9:7c:a8:33:10:09:c5:
1f:d0:c2:be:2d:3b:7c:4f:44:b3:07:41:ed:19:c4:50:33:7c:
f5:e1:6c:d9:32:39:95:94:83:bd:69:1f:dc:a1:f6:44:9b:3c:
92:29:d8:77:93:77:c3:5f:07:ad:34:5f:8d:a2:5a:37:38:96:
40:1c:8c:a1:98:80:11:d9:9d:7f:3a:64:52:33:cd:d9:50:34:
14:a6:50:df:3a:46:f8:78:c2:f6:ba:c6:ca:7f:d9:8c:18:15:
2c:3c:02:55:7b:41:58:b5:7b:09:d4:85:0f:64:d6:17:05:18:
1d:fe:e1:45:17:2e:ca:7b:4e:01:3c:d0:89:4e:9d:23:84:03:
67:3b:7f:6b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1bzVSBCaeqXp4JXqfRBbUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTMwMTkxNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzY2ODZmOWEwOGY0MTY0ODdjYTk2MzJiMDE5ODAzZWNiNDgwY2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zxCmJRsozjqDHxospZMzRiABUMY
kt/K5kJ9o94k0tWRsbbthATip2cwbNbzAVnfMvpcFmIjdp7xYkO8UoWwYGPg28U5
8c3Ot5HZkTiYR0x6L8+6f+d1SNsrYRtjVaPr4QDEwY92M3tTeSkJHJgixmjtAug8
Yx8wZYdWv2EDmj9FgUaAC8fnN4gnD7nIXCbDQb88IKNTu9og7googrUTZyTmL6YF
/GiKUsyKaoFm4IaSv8OsgBcJz2WJl7kXC9B9LWrf/7Rcjj0z0LmPHfC/eGlzv3ty
8beTrqFQ3L7mqSD6cNOVMradg4X4OBJWuABTWvfaScgueEnpRWCikRKjbQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAxmhvmgj0Fkh8qWMrAZgD7LSAy/MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvREdhRy1hQ1BRV1NIeXBZeXNCbUFQc3RJREw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACM99lmlO5hgPlew2ggo
0U1brH6Rzv0aLO4pIHtt8CPh3q+FV1fMUqFiDYkYUPz/NHDGl2RJiHZJOweW5WXQ
uljIb1oBoY0IKdJ+ujaTIGQhBboNiWegmdkvgdy7zA9CTRxhCobhjESUVsxyvuoz
lzjWriLrqtfY2XyoMxAJxR/Qwr4tO3xPRLMHQe0ZxFAzfPXhbNkyOZWUg71pH9yh
9kSbPJIp2HeTd8NfB600X42iWjc4lkAcjKGYgBHZnX86ZFIzzdlQNBSmUN86Rvh4
wva6xsp/2YwYFSw8AlV7QVi1ewnUhQ9k1hcFGB3+4UUXLsp7TgE80IlOnSOEA2c7
f2s=
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:59:36 2025 by rpki-client