Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OBml0qRRh2q7q3AsC4zOSodzyBk.roa
File: OBml0qRRh2q7q3AsC4zOSodzyBk.roa (raw, json)
Hash identifier: WqM0n1/GdTIIjlsvW9mLrGzXaL+ezHKoOceAWJdvCO4=
Subject key identifier: 38:19:A5:D2:A4:51:87:6A:BB:AB:70:2C:0B:8C:CE:4A:87:73:C8:19
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B5AB5587AA9D1DF0A0C4EAE71F1C9BEC3
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OBml0qRRh2q7q3AsC4zOSodzyBk.roa
Signing time: Mon 23 Oct 2023 04:05:15 +0000
ROA not before: Mon 23 Oct 2023 04:05:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:5ab4:c52a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5a:b5:58:7a:a9:d1:df:0a:0c:4e:ae:71:f1:c9:be:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 23 04:05:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3819a5d2a451876abbab702c0b8cce4a8773c819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5b:55:2d:96:a2:e6:1d:bb:64:85:a0:c8:5f:
66:fb:00:56:04:53:29:b4:cc:ca:d4:08:c2:c3:32:
25:c8:b0:39:49:32:ec:fe:f8:f6:16:ff:77:d0:f0:
45:ef:dd:19:89:a2:67:83:cb:b8:fd:92:aa:3a:77:
36:1e:ef:c7:15:bb:1b:64:df:dd:a8:ee:ea:2d:e0:
15:0d:46:15:86:05:de:db:e4:e4:7a:95:a3:a6:4c:
6f:e1:ac:f5:79:95:0b:7a:a9:60:d6:a7:b3:75:24:
5b:d1:e8:2d:21:e8:6c:6c:22:a9:15:7d:fc:3c:9c:
4d:54:fd:2e:db:97:f8:27:72:b5:77:41:60:40:c5:
6d:ef:91:21:62:5f:8d:f7:bc:05:43:38:ea:f0:61:
4e:d3:a8:53:f1:7a:76:0a:06:69:93:c7:35:4e:53:
21:84:48:b9:fe:40:5d:c6:7b:8f:fe:f9:35:41:e8:
1a:88:b3:a0:e3:a8:97:43:fe:56:ff:dc:82:c1:a4:
5a:67:02:fc:f7:ea:c5:8b:53:c5:f0:f1:2b:c7:fd:
6b:72:86:59:31:34:82:8e:4a:5c:9b:09:a7:08:64:
ca:09:3f:6f:0d:bb:ef:1d:ec:d8:df:44:af:d5:9f:
44:17:2a:eb:38:40:e8:e1:48:c9:b0:90:8b:9a:5d:
56:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:19:A5:D2:A4:51:87:6A:BB:AB:70:2C:0B:8C:CE:4A:87:73:C8:19
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OBml0qRRh2q7q3AsC4zOSodzyBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7d:db:7d:89:f1:c5:a5:de:b8:19:5f:e3:c9:2d:c0:31:20:fc:
9a:92:bf:5b:ad:1a:83:3e:2e:a3:71:a6:ed:4d:df:e5:0e:ab:
b1:fd:8f:15:0e:60:c9:9b:48:dd:b3:e5:67:bc:97:dd:a5:07:
d2:06:ca:8e:e3:ec:c1:fd:22:27:a2:57:ea:01:41:1f:07:6b:
14:9a:61:bd:20:a9:71:02:4e:27:61:0c:42:39:26:d9:ef:bd:
fb:be:6e:ba:cb:48:bd:fb:b3:a5:24:f7:58:f6:64:ed:d9:8c:
c1:0d:1c:dc:e8:71:d4:d9:9e:f7:7b:14:0c:00:68:38:ca:5d:
25:cc:ec:71:2f:1a:52:6c:55:ee:df:77:62:9b:6c:61:5b:4e:
78:75:ac:b6:49:2e:22:52:e8:2b:3a:57:62:35:fe:c4:99:88:
36:96:fb:f4:16:fc:40:90:61:5f:21:7e:09:75:27:57:53:79:
04:e5:c0:79:d5:2c:61:3f:86:a0:b8:cf:10:30:fc:54:c3:ca:
df:a1:4b:89:a0:50:4f:e5:44:a6:f0:b9:73:b1:c1:b1:34:d5:
10:5d:61:80:aa:9d:c9:7f:d3:9a:cc:15:83:40:60:62:f3:93:
97:2e:06:58:a8:e4:b3:e2:b4:22:dc:57:64:ca:be:bb:6a:4b:
6b:6b:6e:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtatVh6qdHfCgxOrnHxyb7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIzMDQwNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODE5YTVkMmE0NTE4NzZhYmJhYjcwMmMwYjhjY2U0YTg3NzNjODE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFtVLZai5h27ZIWgyF9m+wBWBFMp
tMzK1AjCwzIlyLA5STLs/vj2Fv930PBF790ZiaJng8u4/ZKqOnc2Hu/HFbsbZN/d
qO7qLeAVDUYVhgXe2+TkepWjpkxv4az1eZULeqlg1qezdSRb0egtIehsbCKpFX38
PJxNVP0u25f4J3K1d0FgQMVt75EhYl+N97wFQzjq8GFO06hT8Xp2CgZpk8c1TlMh
hEi5/kBdxnuP/vk1QegaiLOg46iXQ/5W/9yCwaRaZwL89+rFi1PF8PErx/1rcoZZ
MTSCjkpcmwmnCGTKCT9vDbvvHezY30Sv1Z9EFyrrOEDo4UjJsJCLml1WVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDgZpdKkUYdqu6twLAuMzkqHc8gZMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvT0JtbDBxUlJoMnE3cTNBc0M0ek9Tb2R6eUJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH3bfYnxxaXeuBlf48kt
wDEg/JqSv1utGoM+LqNxpu1N3+UOq7H9jxUOYMmbSN2z5We8l92lB9IGyo7j7MH9
IieiV+oBQR8HaxSaYb0gqXECTidhDEI5Jtnvvfu+brrLSL37s6Uk91j2ZO3ZjMEN
HNzocdTZnvd7FAwAaDjKXSXM7HEvGlJsVe7fd2KbbGFbTnh1rLZJLiJS6Cs6V2I1
/sSZiDaW+/QW/ECQYV8hfgl1J1dTeQTlwHnVLGE/hqC4zxAw/FTDyt+hS4mgUE/l
RKbwuXOxwbE01RBdYYCqncl/05rMFYNAYGLzk5cuBlio5LPitCLcV2TKvrtqS2tr
buY=
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:21:50 2025 by rpki-client