Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OMWSeflCNfdvAJLoeChK4L9MoVE.roa
File: OMWSeflCNfdvAJLoeChK4L9MoVE.roa (raw, json)
Hash identifier: bjjppTtKpbptqqYn7uEH42xkhpJpEYNUMbBzVNszy1w=
Subject key identifier: 38:C5:92:79:F9:42:35:F7:6F:00:92:E8:78:28:4A:E0:BF:4C:A1:51
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BEE60DADC3690E386F74857895B77E315
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OMWSeflCNfdvAJLoeChK4L9MoVE.roa
Signing time: Mon 20 Nov 2023 20:16:46 +0000
ROA not before: Mon 20 Nov 2023 20:16:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ee:60:da:dc:36:90:e3:86:f7:48:57:89:5b:77:e3:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 20 20:16:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38c59279f94235f76f0092e878284ae0bf4ca151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:78:5d:fa:36:2a:6f:79:ec:f4:7f:3a:f2:04:
10:fe:1f:6d:cf:b1:ba:7a:c1:87:89:af:54:17:bc:
de:43:62:dd:f2:14:a4:6e:d3:1b:b9:da:00:d6:c4:
02:b2:71:4f:76:fb:9f:45:78:65:4f:40:ef:bf:94:
df:19:6d:b2:e9:10:13:4a:62:51:08:c3:8f:2c:59:
e0:be:53:f7:cf:ca:32:d5:6b:ea:35:da:55:20:01:
a4:73:c4:06:9f:7a:33:1a:fb:b2:ee:c5:72:49:93:
4c:8f:50:1d:28:58:bf:ac:f7:a1:46:e1:85:39:03:
52:9c:0a:99:fd:54:b7:8c:8f:22:5c:c7:5a:9a:88:
5e:94:dc:67:b3:7a:35:05:db:3a:38:67:6e:33:b4:
dc:5d:e3:b6:67:61:2c:05:4e:1a:30:f5:bc:ff:d8:
1b:61:7a:3e:8f:89:88:74:45:95:be:b4:d1:69:b6:
70:eb:41:1f:18:3e:95:57:1f:9d:ae:80:a6:79:68:
23:d6:86:1f:51:0a:52:09:db:1a:9f:be:f3:8f:dd:
dc:37:b2:64:38:84:49:d7:cb:a5:55:18:75:05:70:
a1:49:e4:b5:1d:24:28:ed:7f:cc:33:e8:5f:8a:93:
e6:97:41:3f:69:7e:f3:8c:5e:3a:55:41:89:c8:e8:
8b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:C5:92:79:F9:42:35:F7:6F:00:92:E8:78:28:4A:E0:BF:4C:A1:51
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OMWSeflCNfdvAJLoeChK4L9MoVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
39:79:12:4c:be:b1:00:3a:44:6b:a0:cd:f7:f4:0b:74:42:b6:
69:3d:f2:46:2c:cb:28:51:72:42:14:3f:01:eb:5d:17:81:0f:
ec:31:27:04:94:90:a1:fc:be:ca:83:81:98:b7:39:8a:f2:2b:
d0:3a:43:71:5a:e4:89:09:4e:2f:64:41:2e:3c:71:3e:65:e0:
71:00:6b:65:31:07:64:ba:55:4e:8b:a6:77:53:e6:b6:46:f2:
e1:31:40:e0:aa:7e:3d:41:cf:24:78:4f:d3:46:04:6c:c2:5b:
07:da:1c:14:5d:34:55:8f:d5:f5:e3:ea:3c:06:5f:0c:6b:f4:
6a:c4:5c:0a:85:07:33:41:47:cf:f1:e4:22:25:23:9b:a4:48:
dc:a0:01:e7:50:50:6c:2c:f8:69:a1:39:ba:f6:49:c9:9b:38:
3b:57:21:34:9e:20:da:a1:81:a8:a6:d7:22:f7:da:97:30:82:
3d:c4:2c:70:37:92:6a:84:9f:86:2a:0b:c4:85:af:d0:1d:27:
f2:9b:c0:ed:1d:8e:28:9d:10:cc:11:ca:8d:71:55:7b:ab:36:
8f:42:61:82:fd:ea:f2:a8:28:a8:86:99:d6:d1:ab:51:48:23:
bc:7e:93:20:92:3e:f8:c7:d2:0c:2b:c4:e7:77:f1:b9:63:e7:
41:eb:c3:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvuYNrcNpDjhvdIV4lbd+MVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIwMjAxNjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGM1OTI3OWY5NDIzNWY3NmYwMDkyZTg3ODI4NGFlMGJmNGNhMTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Xhd+jYqb3ns9H868gQQ/h9tz7G6
esGHia9UF7zeQ2Ld8hSkbtMbudoA1sQCsnFPdvufRXhlT0Dvv5TfGW2y6RATSmJR
CMOPLFngvlP3z8oy1WvqNdpVIAGkc8QGn3ozGvuy7sVySZNMj1AdKFi/rPehRuGF
OQNSnAqZ/VS3jI8iXMdamohelNxns3o1Bds6OGduM7TcXeO2Z2EsBU4aMPW8/9gb
YXo+j4mIdEWVvrTRabZw60EfGD6VVx+droCmeWgj1oYfUQpSCdsan77zj93cN7Jk
OIRJ18ulVRh1BXChSeS1HSQo7X/MM+hfipPml0E/aX7zjF46VUGJyOiLUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDjFknn5QjX3bwCS6HgoSuC/TKFRMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvT01XU2VmbENOZmR2QUpMb2VDaEs0TDlNb1ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADl5Eky+sQA6RGugzff0
C3RCtmk98kYsyyhRckIUPwHrXReBD+wxJwSUkKH8vsqDgZi3OYryK9A6Q3Fa5IkJ
Ti9kQS48cT5l4HEAa2UxB2S6VU6LpndT5rZG8uExQOCqfj1BzyR4T9NGBGzCWwfa
HBRdNFWP1fXj6jwGXwxr9GrEXAqFBzNBR8/x5CIlI5ukSNygAedQUGws+GmhObr2
ScmbODtXITSeINqhgaim1yL32pcwgj3ELHA3kmqEn4YqC8SFr9AdJ/KbwO0djiid
EMwRyo1xVXurNo9CYYL96vKoKKiGmdbRq1FII7x+kyCSPvjH0gwrxOd38blj50Hr
w2k=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:56:49 2025 by rpki-client