Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Aovo7OEbcAQ47TMTiJabaUWvW34.roa
File: Aovo7OEbcAQ47TMTiJabaUWvW34.roa (raw, json)
Hash identifier: vYHj4J2SB0Dn62Zyo1wna1x4lNPo4peaYo6jGhTd1gs=
Subject key identifier: 02:8B:E8:EC:E1:1B:70:04:38:ED:33:13:88:96:9B:69:45:AF:5B:7E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C6A2DF609D99FCD37C90F33CE0B307FD9
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Aovo7OEbcAQ47TMTiJabaUWvW34.roa
Signing time: Thu 14 Dec 2023 21:14:06 +0000
ROA not before: Thu 14 Dec 2023 21:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6a:2d:f6:09:d9:9f:cd:37:c9:0f:33:ce:0b:30:7f:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 14 21:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=028be8ece11b700438ed331388969b6945af5b7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:51:d5:a5:9b:25:a3:93:27:da:b3:ff:84:db:
10:47:db:60:ab:bd:9b:51:d5:b3:52:10:cf:5c:7b:
2b:18:25:3b:9a:94:bf:28:97:86:50:0e:af:dc:11:
b4:d8:3f:d5:82:c9:e3:e7:bf:89:39:26:69:4d:78:
bb:1d:a2:7f:3a:2c:9b:2e:9b:24:09:f1:50:4a:09:
e6:24:e4:1b:e9:09:1a:fc:22:67:d1:cd:69:e6:c5:
22:69:a7:8c:10:9f:38:2e:a4:00:8a:b4:fe:bd:0e:
68:7a:d8:bc:dc:e3:c1:cb:37:b7:18:ad:88:27:29:
90:c8:a1:79:c5:37:9d:4a:c0:93:f2:1d:86:95:1e:
a0:9c:a0:16:74:96:ec:ef:8d:b5:d5:cb:8e:da:06:
b3:4e:b4:49:38:a9:3a:a5:3e:2f:fc:48:7d:f4:49:
73:ff:6f:7b:0f:7d:7c:b5:38:10:1f:14:0c:66:24:
ff:d2:29:b1:bf:8e:16:84:3b:fd:96:c3:c2:61:98:
14:4b:3b:a9:7c:12:f5:46:0e:18:93:5a:ae:29:b4:
d5:07:01:41:d5:d5:ce:01:d4:bc:d0:2f:2b:48:13:
0e:1f:00:f6:5f:e0:98:ba:25:14:42:6e:fa:59:2e:
cc:18:f4:68:b2:f9:ff:07:e8:b5:7c:12:ed:01:10:
6a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:8B:E8:EC:E1:1B:70:04:38:ED:33:13:88:96:9B:69:45:AF:5B:7E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Aovo7OEbcAQ47TMTiJabaUWvW34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:1c:ec:12:77:69:aa:e8:85:ed:26:ab:0b:8a:22:66:35:dd:
96:ce:f2:31:80:a5:c9:b7:73:33:65:e4:8e:33:04:17:cc:1c:
9b:b0:d4:e5:be:91:1a:c4:9c:f0:91:a8:92:07:a2:c3:bc:0e:
15:8e:90:38:e4:69:66:f7:03:05:ec:24:c1:b2:35:e2:e6:c0:
af:e8:ae:ee:03:3a:72:23:f9:a0:78:81:82:3b:ef:2f:0a:16:
70:63:ed:a3:b7:9c:ed:08:d2:53:46:66:c7:a5:41:4a:ae:af:
c0:f6:24:33:1f:e5:16:52:f2:e5:23:a5:ef:3d:d2:52:fe:84:
28:a0:cb:8d:4f:cf:eb:57:33:48:9a:1b:9f:92:97:0f:09:c2:
be:67:a3:e6:ec:5f:4b:61:0d:80:9a:fe:00:bc:89:b6:7a:8f:
e1:2e:15:9e:88:06:fc:85:5a:33:c3:b4:b9:02:98:f8:ce:09:
4d:ae:59:56:45:40:55:2a:f8:f4:d3:ed:35:d6:43:de:1f:ee:
fa:1f:57:ca:a9:9a:00:d6:04:7c:ae:4a:f8:b6:ba:0f:3f:f9:
17:d7:7f:6e:ac:19:11:36:92:38:ec:1a:76:f8:da:8d:b9:3f:
62:2f:21:f0:53:9e:ba:49:86:aa:6a:16:87:b6:41:1d:fa:b4:
6f:f6:c2:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxqLfYJ2Z/NN8kPM84LMH/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE0MjExNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjhiZThlY2UxMWI3MDA0MzhlZDMzMTM4ODk2OWI2OTQ1YWY1YjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7FHVpZslo5Mn2rP/hNsQR9tgq72b
UdWzUhDPXHsrGCU7mpS/KJeGUA6v3BG02D/Vgsnj57+JOSZpTXi7HaJ/OiybLpsk
CfFQSgnmJOQb6Qka/CJn0c1p5sUiaaeMEJ84LqQAirT+vQ5oeti83OPByze3GK2I
JymQyKF5xTedSsCT8h2GlR6gnKAWdJbs74211cuO2gazTrRJOKk6pT4v/Eh99Elz
/297D318tTgQHxQMZiT/0imxv44WhDv9lsPCYZgUSzupfBL1Rg4Yk1quKbTVBwFB
1dXOAdS80C8rSBMOHwD2X+CYuiUUQm76WS7MGPRosvn/B+i1fBLtARBqzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAKL6OzhG3AEOO0zE4iWm2lFr1t+MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQW92bzdPRWJjQVE0N1RNVGlKYWJhVVd2VzM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFgc7BJ3aarohe0mqwuK
ImY13ZbO8jGApcm3czNl5I4zBBfMHJuw1OW+kRrEnPCRqJIHosO8DhWOkDjkaWb3
AwXsJMGyNeLmwK/oru4DOnIj+aB4gYI77y8KFnBj7aO3nO0I0lNGZselQUqur8D2
JDMf5RZS8uUjpe890lL+hCigy41Pz+tXM0iaG5+Slw8Jwr5no+bsX0thDYCa/gC8
ibZ6j+EuFZ6IBvyFWjPDtLkCmPjOCU2uWVZFQFUq+PTT7TXWQ94f7vofV8qpmgDW
BHyuSvi2ug8/+RfXf26sGRE2kjjsGnb42o25P2IvIfBTnrpJhqpqFoe2QR36tG/2
wok=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:09:53 2025 by rpki-client