Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/O4t_zyViS3rS-GghsSO1Q-CKi9A.roa
File: O4t_zyViS3rS-GghsSO1Q-CKi9A.roa (raw, json)
Hash identifier: 7yfzuMFmxu5JwWMxatZlTF90PZchFeZRl9o1HMTbzsI=
Subject key identifier: 3B:8B:7F:CF:25:62:4B:7A:D2:F8:68:21:B1:23:B5:43:E0:8A:8B:D0
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AD3C3EBF8A021E60EC9A85C20BFFF59CF
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/O4t_zyViS3rS-GghsSO1Q-CKi9A.roa
Signing time: Tue 26 Sep 2023 23:12:27 +0000
ROA not before: Tue 26 Sep 2023 23:12:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d3:c3:eb:f8:a0:21:e6:0e:c9:a8:5c:20:bf:ff:59:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 26 23:12:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b8b7fcf25624b7ad2f86821b123b543e08a8bd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:98:53:72:16:06:a2:f0:66:48:8f:34:12:8e:
d4:42:b5:3e:21:af:c7:8e:ee:38:6b:b8:1f:d2:df:
96:5a:92:5c:55:12:57:aa:87:02:dc:d5:1b:fd:38:
e9:c2:e0:6b:52:bb:3e:95:95:9c:23:cf:3d:83:20:
88:26:66:82:81:16:a1:13:ba:73:54:37:e4:08:af:
90:f7:22:f2:c6:d0:21:1d:b7:91:9e:00:81:4e:34:
c6:3a:a1:74:f0:e5:b5:5c:0a:44:ee:3d:65:78:96:
0e:41:bd:35:c3:d6:be:f6:39:54:6e:35:3d:d4:c6:
3a:f7:f2:40:ca:bb:43:a2:91:12:cb:73:03:80:d2:
f2:82:13:a4:74:1e:d2:11:21:09:fc:f2:8f:f5:c9:
86:3f:d3:28:a6:67:bc:ca:bd:28:dc:4b:ae:ed:04:
33:57:c1:c5:22:21:0e:99:99:1d:17:cb:67:e9:90:
c5:eb:ac:83:cb:15:71:02:6b:f0:9f:15:17:4c:18:
6f:03:bc:3e:0b:20:ad:5d:45:5f:b4:cc:01:ba:a6:
16:17:5c:23:84:6a:6c:fa:f1:1e:c0:be:33:35:1f:
31:e1:34:2c:57:15:44:36:b3:ff:70:cb:f3:7d:2e:
c8:1b:ec:f4:5c:c9:2e:72:9f:0a:63:09:89:00:7e:
16:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:8B:7F:CF:25:62:4B:7A:D2:F8:68:21:B1:23:B5:43:E0:8A:8B:D0
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/O4t_zyViS3rS-GghsSO1Q-CKi9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bd:89:b5:b8:32:7f:21:20:60:4b:40:0a:cf:d5:c3:6c:a1:23:
c8:72:62:a4:b9:e7:a1:56:8f:01:91:c4:b7:12:59:9f:af:5c:
f7:75:08:19:8f:e1:c7:bb:94:52:20:41:1d:de:29:65:59:f0:
87:13:ae:81:d4:7b:9b:3b:13:ab:7d:07:9b:31:77:b1:30:04:
78:66:04:a2:f2:f2:ca:05:c6:13:ea:ca:90:62:1c:7b:d9:8b:
8a:99:fa:b9:24:53:bf:0e:b9:43:a7:fc:2a:a3:64:cf:4e:7c:
d2:3c:45:c5:6d:a8:d4:da:19:c0:dd:9c:13:02:90:3d:1e:00:
ec:06:0b:88:5d:4c:7a:4d:c2:fa:c4:46:f4:60:8d:0c:28:79:
ab:73:09:4f:30:08:0d:03:ad:16:0c:31:d8:69:39:5b:d5:e5:
67:00:82:79:45:82:2b:42:5c:ce:3e:0f:8f:67:47:d5:2c:d6:
a3:46:ad:ca:1e:df:27:9e:04:c6:1d:3a:83:1d:65:7b:eb:14:
8d:ff:ad:a9:49:d1:23:94:2b:3d:26:5f:5b:15:4f:a5:6d:26:
8f:e0:4f:0a:9f:67:71:5a:81:ce:06:7b:a1:1f:d7:34:73:61:
5d:65:5f:1a:bc:b6:2d:cf:d2:a7:01:63:6b:25:9e:44:a0:49:
92:7e:c7:ed
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrTw+v4oCHmDsmoXCC//1nPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI2MjMxMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjhiN2ZjZjI1NjI0YjdhZDJmODY4MjFiMTIzYjU0M2UwOGE4YmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkphTchYGovBmSI80Eo7UQrU+Ia/H
ju44a7gf0t+WWpJcVRJXqocC3NUb/TjpwuBrUrs+lZWcI889gyCIJmaCgRahE7pz
VDfkCK+Q9yLyxtAhHbeRngCBTjTGOqF08OW1XApE7j1leJYOQb01w9a+9jlUbjU9
1MY69/JAyrtDopESy3MDgNLyghOkdB7SESEJ/PKP9cmGP9Mopme8yr0o3Euu7QQz
V8HFIiEOmZkdF8tn6ZDF66yDyxVxAmvwnxUXTBhvA7w+CyCtXUVftMwBuqYWF1wj
hGps+vEewL4zNR8x4TQsVxVENrP/cMvzfS7IG+z0XMkucp8KYwmJAH4WEwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDuLf88lYkt60vhoIbEjtUPgiovQMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTzR0X3p5VmlTM3JTLUdnaHNTTzFRLUNLaTlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL2JtbgyfyEgYEtACs/V
w2yhI8hyYqS556FWjwGRxLcSWZ+vXPd1CBmP4ce7lFIgQR3eKWVZ8IcTroHUe5s7
E6t9B5sxd7EwBHhmBKLy8soFxhPqypBiHHvZi4qZ+rkkU78OuUOn/CqjZM9OfNI8
RcVtqNTaGcDdnBMCkD0eAOwGC4hdTHpNwvrERvRgjQwoeatzCU8wCA0DrRYMMdhp
OVvV5WcAgnlFgitCXM4+D49nR9Us1qNGrcoe3yeeBMYdOoMdZXvrFI3/ralJ0SOU
Kz0mX1sVT6VtJo/gTwqfZ3Fagc4Ge6Ef1zRzYV1lXxq8ti3P0qcBY2slnkSgSZJ+
x+0=
-----END CERTIFICATE-----
Generated at Wed Apr 23 01:14:57 2025 by rpki-client