Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OE3epnMzm-DkQubRSeXK4Uj3q7A.roa
File: OE3epnMzm-DkQubRSeXK4Uj3q7A.roa (raw, json)
Hash identifier: L7qTgdtX1WFtQivbyq4aMKKNa7wSOMbEEtUQNQ8edtQ=
Subject key identifier: 38:4D:DE:A6:73:33:9B:E0:E4:42:E6:D1:49:E5:CA:E1:48:F7:AB:B0
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BFE41DCAA7808BBD9AA3DFFF6A96012C5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OE3epnMzm-DkQubRSeXK4Uj3q7A.roa
Signing time: Thu 23 Nov 2023 22:16:51 +0000
ROA not before: Thu 23 Nov 2023 22:16:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fe:41:dc:aa:78:08:bb:d9:aa:3d:ff:f6:a9:60:12:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 23 22:16:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=384ddea673339be0e442e6d149e5cae148f7abb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:58:33:f3:10:04:b0:b9:e3:c7:fc:b0:81:28:
05:6e:19:4a:f5:41:ee:e6:98:f5:d7:98:6b:bb:1b:
60:b7:a9:37:a2:3e:de:2f:b6:be:f9:a3:50:62:8a:
20:28:fa:fb:67:49:3c:02:c3:18:88:85:49:3f:70:
8b:6f:1e:28:74:37:b6:61:81:79:fe:50:b5:8f:57:
21:82:6c:49:57:dd:4b:8e:95:7e:73:4e:d9:b2:25:
97:57:20:0c:ba:b4:28:c9:eb:ca:c9:fb:7a:b4:39:
da:9b:44:ef:d9:c7:06:68:ee:93:0a:d8:a6:65:f2:
80:20:b5:34:9e:f1:66:88:50:46:bc:92:e4:f5:24:
fa:22:50:cd:9e:51:6c:7b:f3:f1:88:47:79:3b:be:
ee:9a:fe:b9:9a:f1:06:06:40:19:7b:af:e4:b9:14:
e4:20:7c:1f:d3:ee:7e:55:5e:35:31:90:bd:3a:18:
51:a7:f5:54:1e:70:66:3e:af:37:4b:5a:57:8f:17:
b9:ac:dd:10:58:1a:07:d6:a7:d9:ca:d7:00:2a:f0:
e2:5b:c6:36:cf:f4:22:e6:f0:ea:63:7f:66:c2:aa:
18:db:59:c1:78:87:00:9f:9a:96:21:f5:5b:de:db:
52:cd:38:1e:48:27:00:fc:60:32:f7:5f:08:b7:14:
3a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:4D:DE:A6:73:33:9B:E0:E4:42:E6:D1:49:E5:CA:E1:48:F7:AB:B0
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OE3epnMzm-DkQubRSeXK4Uj3q7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:fe:85:12:89:6e:4c:86:e7:a0:7a:c0:23:a1:98:06:92:e7:
83:1b:48:f1:8b:08:35:53:a7:ac:f5:84:c1:36:55:54:d7:13:
96:0f:f8:d4:a2:22:43:c0:00:08:d8:89:59:15:8b:fb:e0:50:
99:80:b5:d9:c2:58:20:b1:38:08:70:ac:cd:af:7b:0c:43:81:
24:91:48:14:55:b1:bf:5a:e6:b4:59:25:7b:5a:8d:05:37:b0:
2f:67:3d:f5:c3:3d:ed:ea:c3:72:27:55:fd:95:b7:6c:bc:ca:
f3:9c:df:8f:e9:4f:8e:9c:80:c2:34:ff:64:1e:ee:c6:ef:cc:
9c:d6:47:89:8d:c5:a1:0d:fa:6d:99:6f:ec:5a:e0:58:f5:08:
da:cf:d4:03:24:e3:e8:3b:ec:1e:87:72:7f:ca:c3:ba:5d:10:
dc:d5:5e:79:17:b8:99:b1:53:17:fd:eb:9c:31:e4:01:36:a1:
39:86:b2:3a:02:ce:af:1d:4f:48:94:b6:29:c8:0c:bb:1d:ac:
cf:41:f0:ef:ec:02:6d:a9:e8:84:de:4c:e3:8a:f3:e6:a8:60:
49:cd:2e:40:c1:06:be:14:7c:3a:a1:b2:7d:6d:51:a6:11:f0:
31:7a:a6:7c:02:c3:91:4c:5d:ff:e0:b5:ed:cb:03:5a:c4:43:
cc:cd:7b:ad
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYv+QdyqeAi72ao9//apYBLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIzMjIxNjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODRkZGVhNjczMzM5YmUwZTQ0MmU2ZDE0OWU1Y2FlMTQ4ZjdhYmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVgz8xAEsLnjx/ywgSgFbhlK9UHu
5pj115hruxtgt6k3oj7eL7a++aNQYoogKPr7Z0k8AsMYiIVJP3CLbx4odDe2YYF5
/lC1j1chgmxJV91LjpV+c07ZsiWXVyAMurQoyevKyft6tDnam0Tv2ccGaO6TCtim
ZfKAILU0nvFmiFBGvJLk9ST6IlDNnlFse/PxiEd5O77umv65mvEGBkAZe6/kuRTk
IHwf0+5+VV41MZC9OhhRp/VUHnBmPq83S1pXjxe5rN0QWBoH1qfZytcAKvDiW8Y2
z/Qi5vDqY39mwqoY21nBeIcAn5qWIfVb3ttSzTgeSCcA/GAy918ItxQ6FwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDhN3qZzM5vg5ELm0UnlyuFI96uwMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvT0UzZXBuTXptLURrUXViUlNlWEs0VWozcTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHL+hRKJbkyG56B6wCOh
mAaS54MbSPGLCDVTp6z1hME2VVTXE5YP+NSiIkPAAAjYiVkVi/vgUJmAtdnCWCCx
OAhwrM2vewxDgSSRSBRVsb9a5rRZJXtajQU3sC9nPfXDPe3qw3InVf2Vt2y8yvOc
34/pT46cgMI0/2Qe7sbvzJzWR4mNxaEN+m2Zb+xa4Fj1CNrP1AMk4+g77B6Hcn/K
w7pdENzVXnkXuJmxUxf965wx5AE2oTmGsjoCzq8dT0iUtinIDLsdrM9B8O/sAm2p
6ITeTOOK8+aoYEnNLkDBBr4UfDqhsn1tUaYR8DF6pnwCw5FMXf/gte3LA1rEQ8zN
e60=
-----END CERTIFICATE-----
Generated at Tue Apr 22 10:35:23 2025 by rpki-client