Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OLu7yc5WYYWjWrjFXTWC_ek-Kfk.roa
File: OLu7yc5WYYWjWrjFXTWC_ek-Kfk.roa (raw, json)
Hash identifier: m9GUGx7byRwkKHD8l66FIae5kWOlwQNk9sWUFDYh0ho=
Subject key identifier: 38:BB:BB:C9:CE:56:61:85:A3:5A:B8:C5:5D:35:82:FD:E9:3E:29:F9
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ADC24963C2EE2CF32343B15B8FA925CB1
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OLu7yc5WYYWjWrjFXTWC_ek-Kfk.roa
Signing time: Thu 28 Sep 2023 14:14:59 +0000
ROA not before: Thu 28 Sep 2023 14:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:dc:24:96:3c:2e:e2:cf:32:34:3b:15:b8:fa:92:5c:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 28 14:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38bbbbc9ce566185a35ab8c55d3582fde93e29f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ec:34:1d:ea:ab:f0:f2:81:7f:74:93:a2:44:
0e:8f:d5:5a:aa:b6:b6:27:7d:b4:64:18:c4:17:3a:
24:8e:5a:cc:bf:da:a7:21:37:8a:ca:dd:69:70:35:
fe:3a:8f:fb:c3:58:32:59:af:82:6b:a6:c7:d2:b7:
39:40:b5:af:10:1b:8f:d4:37:80:39:f7:72:94:8a:
b1:8f:19:df:10:df:e7:f0:c1:d5:b1:ec:85:e1:5b:
b8:55:5e:6a:a7:a4:3f:83:6e:49:a9:13:cf:d1:46:
21:f4:c3:76:c7:37:98:c7:71:17:51:37:f7:b6:2a:
61:63:db:3a:bd:c0:68:86:3c:d1:bb:ba:fd:8b:d9:
4c:77:cc:75:2c:eb:66:4f:2d:d0:26:ee:4b:58:7c:
f6:3b:55:44:1b:ff:bc:db:d6:cd:2b:e6:7c:5f:b2:
6d:3b:aa:ec:97:4c:96:76:72:a2:81:29:85:67:d9:
c9:a4:03:21:f3:c4:4d:a2:cd:61:cd:01:df:24:41:
51:d2:9e:52:94:d6:ee:88:50:39:a4:a9:1d:01:2d:
8e:a3:14:d0:15:07:35:33:c1:1d:b9:51:93:81:f6:
14:7a:87:aa:6f:75:24:bd:b2:f7:df:fa:85:0b:6f:
ae:71:bd:6b:c2:0d:8e:01:65:af:67:21:14:5b:22:
ca:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:BB:BB:C9:CE:56:61:85:A3:5A:B8:C5:5D:35:82:FD:E9:3E:29:F9
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OLu7yc5WYYWjWrjFXTWC_ek-Kfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:92:55:f3:42:0e:5a:14:96:27:ce:fd:bc:e4:66:08:61:8b:
40:49:9f:52:83:1a:1f:f2:78:dc:e9:7b:8f:2c:21:c3:b1:42:
24:02:ec:1a:fd:56:b7:b3:18:03:e8:ba:70:12:4c:68:21:15:
97:83:7e:c5:23:d2:1c:2e:55:c1:12:cc:78:39:f6:58:8c:78:
f4:f2:5b:1d:9f:db:69:3a:25:9b:b4:5d:57:b2:4b:29:02:42:
41:9c:18:a9:49:ae:f0:9d:92:1b:a5:58:a5:77:b1:cf:4e:f2:
96:44:92:a3:e1:ba:c6:a0:d0:6d:f0:a8:e5:ac:42:dd:f1:33:
64:4a:a3:d5:d5:16:d6:c7:8c:9a:70:6f:b8:67:87:2c:a6:17:
e8:bb:41:a0:01:65:26:ae:fa:21:dc:32:0c:b2:c9:30:c8:df:
11:13:fb:c4:2c:51:57:11:c3:6e:d3:59:4e:bf:5a:50:74:c2:
ab:72:82:d5:a3:87:18:a4:e9:15:e9:36:85:11:57:cb:51:94:
f8:5f:85:15:85:94:97:9d:ef:e2:84:55:62:e8:57:c9:cd:a9:
f1:08:8d:ae:24:4f:71:7e:fc:c3:68:ad:34:9a:8f:f5:f7:e1:
8c:b2:53:7b:7b:6c:b8:2d:c8:88:74:4c:8f:8c:7e:fd:2e:df:
0b:93:7b:76
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrcJJY8LuLPMjQ7Fbj6klyxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI4MTQxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGJiYmJjOWNlNTY2MTg1YTM1YWI4YzU1ZDM1ODJmZGU5M2UyOWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+w0Heqr8PKBf3STokQOj9Vaqra2
J320ZBjEFzokjlrMv9qnITeKyt1pcDX+Oo/7w1gyWa+Ca6bH0rc5QLWvEBuP1DeA
OfdylIqxjxnfEN/n8MHVseyF4Vu4VV5qp6Q/g25JqRPP0UYh9MN2xzeYx3EXUTf3
tiphY9s6vcBohjzRu7r9i9lMd8x1LOtmTy3QJu5LWHz2O1VEG/+829bNK+Z8X7Jt
O6rsl0yWdnKigSmFZ9nJpAMh88RNos1hzQHfJEFR0p5SlNbuiFA5pKkdAS2OoxTQ
FQc1M8EduVGTgfYUeoeqb3UkvbL33/qFC2+ucb1rwg2OAWWvZyEUWyLKawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDi7u8nOVmGFo1q4xV01gv3pPin5MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvT0x1N3ljNVdZWVdqV3JqRlhUV0NfZWstS2ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACaSVfNCDloUlifO/bzk
Zghhi0BJn1KDGh/yeNzpe48sIcOxQiQC7Br9VrezGAPounASTGghFZeDfsUj0hwu
VcESzHg59liMePTyWx2f22k6JZu0XVeySykCQkGcGKlJrvCdkhulWKV3sc9O8pZE
kqPhusag0G3wqOWsQt3xM2RKo9XVFtbHjJpwb7hnhyymF+i7QaABZSau+iHcMgyy
yTDI3xET+8QsUVcRw27TWU6/WlB0wqtygtWjhxik6RXpNoURV8tRlPhfhRWFlJed
7+KEVWLoV8nNqfEIja4kT3F+/MNorTSaj/X34YyyU3t7bLgtyIh0TI+Mfv0u3wuT
e3Y=
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:42:29 2025 by rpki-client