Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/COhrZgvqpzT2lJ50-CWT8KJa25g.roa
File: COhrZgvqpzT2lJ50-CWT8KJa25g.roa (raw, json)
Hash identifier: 1UjlPy7Pm30w3ZEKWIiMZVbOWykTSFUQDIrr17uGjXI=
Subject key identifier: 08:E8:6B:66:0B:EA:A7:34:F6:94:9E:74:F8:25:93:F0:A2:5A:DB:98
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BB92563E145346DE9F1C798832016DF3D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/COhrZgvqpzT2lJ50-CWT8KJa25g.roa
Signing time: Fri 10 Nov 2023 12:11:57 +0000
ROA not before: Fri 10 Nov 2023 12:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b9:25:63:e1:45:34:6d:e9:f1:c7:98:83:20:16:df:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 10 12:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08e86b660beaa734f6949e74f82593f0a25adb98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bc:39:39:b8:2f:31:c9:1a:da:85:4c:86:ff:
5f:dd:cf:20:38:bc:b6:54:74:18:57:63:e4:39:ad:
de:5e:05:85:b4:f6:70:fb:db:ba:c7:9b:89:b3:27:
a0:21:2f:02:07:00:b3:60:86:cd:e3:2b:54:8c:da:
1d:34:df:87:f4:b6:8c:c5:b3:55:b1:de:ef:1b:e3:
52:85:4a:21:e8:bd:c0:63:0a:93:26:14:87:86:dc:
c7:dc:c8:59:f5:16:d1:37:67:b7:fb:47:61:dd:1b:
78:ac:7d:db:20:83:71:83:2a:c1:0d:77:fc:d9:e3:
c2:bf:04:56:ca:a3:ca:0c:b8:3a:54:40:7b:f1:67:
ad:3b:8e:5b:98:a8:1a:00:d4:87:b4:a8:fb:ab:bc:
ad:e8:d3:c6:a8:38:36:f4:7f:59:16:f0:51:e0:12:
58:2e:9d:fa:dc:b8:4b:21:48:76:af:fe:ba:51:6a:
3a:3e:18:cd:a6:d5:4f:4a:ac:93:9d:bc:da:61:92:
df:43:5d:e1:21:80:a3:ea:e7:41:69:e8:de:f4:24:
85:13:c7:1d:88:28:ae:08:0b:3c:64:5f:96:73:fd:
31:79:17:ed:da:5e:32:7f:4a:88:dd:5c:a7:b9:cf:
29:51:e2:10:cb:b6:a3:e1:d1:ee:29:76:26:41:a5:
91:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:E8:6B:66:0B:EA:A7:34:F6:94:9E:74:F8:25:93:F0:A2:5A:DB:98
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/COhrZgvqpzT2lJ50-CWT8KJa25g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
04:50:ea:f5:4c:ff:5b:ab:01:1c:6f:34:47:58:05:67:42:18:
0f:5a:8a:58:7c:d4:43:ab:66:25:a6:12:fd:9a:88:e9:0b:a5:
97:26:b7:1b:ba:1c:d9:82:5f:d8:4d:47:43:b1:f1:b9:15:47:
dc:37:be:93:b3:2d:41:e1:d2:7a:ec:ac:91:88:de:2f:f3:c3:
a9:23:d7:ca:52:35:39:ca:cb:75:37:52:00:83:89:59:f8:83:
d6:75:be:0f:a0:30:3d:a8:fc:9f:89:f3:59:25:58:8d:d1:be:
d2:10:0a:a1:31:5d:87:50:6f:70:75:12:73:f3:fa:75:b4:db:
19:aa:51:c2:7b:cc:a0:35:08:21:26:01:d8:d2:70:7a:7d:e3:
08:18:ac:a6:1b:bc:2b:01:a2:6d:60:e2:77:02:e3:94:82:d9:
42:84:42:8f:d7:63:72:78:26:e6:75:37:3c:26:b2:c7:6e:5c:
0e:10:3d:df:50:38:55:b7:05:f2:ca:d6:97:d2:4b:59:77:9c:
a1:3b:54:fd:ab:90:ce:f7:16:a5:1c:8d:8c:b0:a0:85:4d:5f:
da:9c:8c:1d:4a:54:6c:f7:51:71:6f:39:29:f8:b1:74:c3:41:
ab:8a:06:7f:3c:cd:5b:6c:89:d1:9a:e2:30:30:11:4f:5e:1d:
c5:11:f2:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu5JWPhRTRt6fHHmIMgFt89MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEwMTIxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGU4NmI2NjBiZWFhNzM0ZjY5NDllNzRmODI1OTNmMGEyNWFkYjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbw5ObgvMcka2oVMhv9f3c8gOLy2
VHQYV2PkOa3eXgWFtPZw+9u6x5uJsyegIS8CBwCzYIbN4ytUjNodNN+H9LaMxbNV
sd7vG+NShUoh6L3AYwqTJhSHhtzH3MhZ9RbRN2e3+0dh3Rt4rH3bIINxgyrBDXf8
2ePCvwRWyqPKDLg6VEB78WetO45bmKgaANSHtKj7q7yt6NPGqDg29H9ZFvBR4BJY
Lp363LhLIUh2r/66UWo6PhjNptVPSqyTnbzaYZLfQ13hIYCj6udBaeje9CSFE8cd
iCiuCAs8ZF+Wc/0xeRft2l4yf0qI3Vynuc8pUeIQy7aj4dHuKXYmQaWRlwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAjoa2YL6qc09pSedPglk/CiWtuYMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQ09oclpndnFwelQybEo1MC1DV1Q4S0phMjVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAARQ6vVM/1urARxvNEdY
BWdCGA9ailh81EOrZiWmEv2aiOkLpZcmtxu6HNmCX9hNR0Ox8bkVR9w3vpOzLUHh
0nrsrJGI3i/zw6kj18pSNTnKy3U3UgCDiVn4g9Z1vg+gMD2o/J+J81klWI3RvtIQ
CqExXYdQb3B1EnPz+nW02xmqUcJ7zKA1CCEmAdjScHp94wgYrKYbvCsBom1g4ncC
45SC2UKEQo/XY3J4JuZ1NzwmssduXA4QPd9QOFW3BfLK1pfSS1l3nKE7VP2rkM73
FqUcjYywoIVNX9qcjB1KVGz3UXFvOSn4sXTDQauKBn88zVtsidGa4jAwEU9eHcUR
8nc=
-----END CERTIFICATE-----
Generated at Mon Apr 21 21:09:15 2025 by rpki-client