Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/O2hiwLdvEUF8Q0DuT5tVlsaE5dw.roa
File: O2hiwLdvEUF8Q0DuT5tVlsaE5dw.roa (raw, json)
Hash identifier: 4ijNc9JtXvIV/UgP+GKD7zFt+P3i3dhYxlqhnDLYiaM=
Subject key identifier: 3B:68:62:C0:B7:6F:11:41:7C:43:40:EE:4F:9B:55:96:C6:84:E5:DC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BCC727EBCC321A89BE6C93C25CE0279FB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/O2hiwLdvEUF8Q0DuT5tVlsaE5dw.roa
Signing time: Tue 14 Nov 2023 06:08:57 +0000
ROA not before: Tue 14 Nov 2023 06:08:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cc:72:7e:bc:c3:21:a8:9b:e6:c9:3c:25:ce:02:79:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 14 06:08:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b6862c0b76f11417c4340ee4f9b5596c684e5dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:08:f1:53:42:40:c0:f4:5e:e7:bb:8b:69:b0:
a3:cc:b9:73:7a:b0:ff:75:66:30:e4:32:84:9e:c7:
fa:82:84:d4:b0:27:e5:1c:17:d6:28:a6:de:45:de:
20:f6:a0:b8:e5:c2:92:9e:5a:3d:68:f5:14:55:8e:
65:40:65:f5:2d:3d:98:e2:e0:63:dd:f1:b9:12:8e:
31:fa:f9:eb:d1:e3:ff:88:74:3c:78:65:7e:28:65:
f6:98:2a:92:66:0a:e3:20:d7:27:10:d8:ca:ed:13:
89:49:01:ef:0e:c6:db:bc:c4:db:95:84:92:61:85:
13:2a:8a:7a:cd:fc:63:64:1e:df:57:1d:26:f0:b3:
75:01:64:4e:3e:34:cf:33:ae:3a:6c:1e:3e:7c:dd:
29:40:07:b5:14:c8:16:8c:38:2f:00:b4:8a:f6:b2:
e0:48:33:58:51:cf:e4:54:84:26:d9:6a:9e:cc:f9:
f3:fd:2d:fa:4d:14:f0:2d:5d:f9:6b:dd:f1:f6:f2:
c7:0a:07:f2:19:ab:f8:5a:1f:73:f2:b0:77:e6:b8:
9b:89:3c:28:6e:82:44:b0:69:c8:6c:df:af:32:b8:
5b:e8:82:42:f7:2b:3b:4a:15:71:13:8c:37:23:ae:
41:95:35:31:4b:04:d3:72:87:43:9d:fa:e3:29:5e:
e0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:68:62:C0:B7:6F:11:41:7C:43:40:EE:4F:9B:55:96:C6:84:E5:DC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/O2hiwLdvEUF8Q0DuT5tVlsaE5dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
be:fd:e9:18:ff:79:a2:43:45:36:e7:89:37:f0:c2:e7:76:c2:
6f:41:ed:6c:16:6b:e1:82:14:05:88:d5:de:30:5d:bb:f6:0b:
2b:01:fc:b3:9f:d3:62:ab:c0:0e:b8:e0:0e:a2:19:02:50:d9:
5c:4f:8a:a6:cb:17:a4:05:86:b3:07:30:f8:d5:01:db:89:a4:
35:55:f5:d6:0b:9e:77:77:02:84:73:25:73:ef:7c:48:80:fa:
41:cd:a8:33:68:12:92:b2:95:04:00:00:7c:28:ff:5b:6a:16:
6c:9b:a1:d4:6c:03:e7:a0:ac:28:fd:ab:96:65:9d:ca:f6:18:
2b:ba:ec:17:09:6b:84:bd:a1:19:c8:7e:db:54:73:2b:88:ce:
fc:12:4f:8e:ed:35:94:b1:63:32:72:77:4a:67:2c:8d:50:d1:
b7:1d:06:e1:5f:30:cd:77:10:4a:a1:2d:c4:51:0f:1e:9c:70:
92:d4:68:55:b2:aa:0e:58:97:78:7a:e6:d2:be:f5:c4:6d:b9:
c7:6d:bc:5a:19:d3:01:03:96:48:c1:6d:ec:16:a5:46:62:67:
f9:fa:0d:e9:5e:39:fc:4e:b0:03:b0:78:12:9e:87:95:bd:9f:
ce:ad:db:35:9c:26:f6:bb:ca:49:a1:1c:6d:9c:f0:04:4e:11:
a2:b2:9a:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvMcn68wyGom+bJPCXOAnn7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE0MDYwODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjY4NjJjMGI3NmYxMTQxN2M0MzQwZWU0ZjliNTU5NmM2ODRlNWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogjxU0JAwPRe57uLabCjzLlzerD/
dWYw5DKEnsf6goTUsCflHBfWKKbeRd4g9qC45cKSnlo9aPUUVY5lQGX1LT2Y4uBj
3fG5Eo4x+vnr0eP/iHQ8eGV+KGX2mCqSZgrjINcnENjK7ROJSQHvDsbbvMTblYSS
YYUTKop6zfxjZB7fVx0m8LN1AWROPjTPM646bB4+fN0pQAe1FMgWjDgvALSK9rLg
SDNYUc/kVIQm2WqezPnz/S36TRTwLV35a93x9vLHCgfyGav4Wh9z8rB35ribiTwo
boJEsGnIbN+vMrhb6IJC9ys7ShVxE4w3I65BlTUxSwTTcodDnfrjKV7gnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDtoYsC3bxFBfENA7k+bVZbGhOXcMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTzJoaXdMZHZFVUY4UTBEdVQ1dFZsc2FFNWR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL796Rj/eaJDRTbniTfw
wud2wm9B7WwWa+GCFAWI1d4wXbv2CysB/LOf02KrwA644A6iGQJQ2VxPiqbLF6QF
hrMHMPjVAduJpDVV9dYLnnd3AoRzJXPvfEiA+kHNqDNoEpKylQQAAHwo/1tqFmyb
odRsA+egrCj9q5Zlncr2GCu67BcJa4S9oRnIfttUcyuIzvwST47tNZSxYzJyd0pn
LI1Q0bcdBuFfMM13EEqhLcRRDx6ccJLUaFWyqg5Yl3h65tK+9cRtucdtvFoZ0wED
lkjBbewWpUZiZ/n6DeleOfxOsAOweBKeh5W9n86t2zWcJva7ykmhHG2c8AROEaKy
mig=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:34:27 2025 by rpki-client