Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OT2XFyoiAK1kxjWVY6OfCOxedLU.roa
File: OT2XFyoiAK1kxjWVY6OfCOxedLU.roa (raw, json)
Hash identifier: JGfAn/uRKUxr9xs61CNqZEHz0kapXMUv9gbYydGzyoY=
Subject key identifier: 39:3D:97:17:2A:22:00:AD:64:C6:35:95:63:A3:9F:08:EC:5E:74:B5
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC753DF344750BC0023916551260C068F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OT2XFyoiAK1kxjWVY6OfCOxedLU.roa
Signing time: Sun 24 Sep 2023 13:14:37 +0000
ROA not before: Sun 24 Sep 2023 13:14:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c7:53:df:34:47:50:bc:00:23:91:65:51:26:0c:06:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 24 13:14:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=393d97172a2200ad64c6359563a39f08ec5e74b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:af:76:8d:08:98:d8:2e:ff:00:69:23:69:98:
a9:c0:81:e1:6d:44:d9:8d:8d:ee:8b:79:11:5a:c8:
1f:4e:16:94:3d:bd:b5:cf:2b:66:a3:77:f0:9e:cc:
fa:b5:a1:5e:19:df:b5:58:3a:97:34:a4:4a:bd:27:
84:55:84:1f:0f:8f:07:eb:f7:c8:e0:4b:5b:69:f8:
74:8f:c8:59:c5:3f:07:6f:d6:a0:3f:6d:52:29:71:
eb:d6:dc:bb:ba:da:ff:e0:72:12:40:bf:09:6d:74:
e9:14:94:8b:0f:82:f3:20:79:cd:45:5d:ec:de:dd:
77:bf:09:9e:c2:4b:e2:91:67:46:05:e4:e4:c8:fe:
8f:46:0b:80:b1:ad:7c:bd:b2:a9:64:bb:dd:56:b0:
b1:9e:04:de:7e:03:e9:6f:43:e0:12:17:30:59:37:
ff:2b:a4:a3:3b:76:85:b6:2b:ea:29:7d:33:68:5c:
38:a6:40:b7:67:01:75:ad:bb:49:62:5e:ea:63:4d:
97:2c:4c:b0:16:a8:82:da:7b:9b:4e:cc:af:b4:89:
78:26:8c:08:b2:f1:90:ea:e4:58:9f:60:d1:91:9d:
4c:e2:23:5a:bb:01:51:e6:e2:6a:40:cd:51:0f:b1:
ad:be:97:65:3d:ab:08:38:f4:45:e8:48:54:fa:b0:
a8:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:3D:97:17:2A:22:00:AD:64:C6:35:95:63:A3:9F:08:EC:5E:74:B5
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OT2XFyoiAK1kxjWVY6OfCOxedLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
19:bd:96:79:36:3a:df:ad:07:14:fe:3b:2e:bd:fd:0e:d4:64:
4d:91:bf:81:cc:48:39:7c:ae:09:42:b4:a6:14:17:24:51:95:
99:e0:56:a6:da:e9:46:39:d8:79:9b:ae:f9:c3:96:2a:4c:67:
a8:1c:03:0e:7e:2e:fd:de:36:56:a5:b3:99:4f:14:cb:b1:db:
7e:be:4c:25:90:9f:ce:35:2a:c5:90:89:b2:eb:f7:d1:76:18:
c3:cb:fc:2e:44:a0:ba:d9:f9:c0:cc:8d:b5:77:bb:1c:24:86:
ca:5b:f1:bd:01:0c:60:72:fb:4c:b0:14:1d:02:a9:19:b7:4f:
1e:22:d8:08:ce:52:52:85:d5:67:b9:16:cc:13:dd:37:bc:10:
b2:00:fd:14:87:43:88:78:a9:1e:5b:1e:8f:a9:4d:e2:da:65:
e6:23:20:67:b9:f8:d4:17:03:11:f6:d6:f8:ff:75:9e:85:0d:
34:77:5b:1e:f1:0e:bc:e8:14:78:dc:39:88:9b:98:c7:1e:be:
28:2c:3b:3e:6f:b5:64:9e:2a:c9:e9:e1:72:e4:e1:b0:c3:e6:
42:b4:2e:f7:8b:e3:ba:37:c1:06:95:90:12:e3:2e:e5:8a:b0:
fb:53:b1:8b:aa:e6:3e:47:29:17:43:11:23:8f:e6:25:00:d1:
c5:31:44:0a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrHU980R1C8ACORZVEmDAaPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI0MTMxNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTNkOTcxNzJhMjIwMGFkNjRjNjM1OTU2M2EzOWYwOGVjNWU3NGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgK92jQiY2C7/AGkjaZipwIHhbUTZ
jY3ui3kRWsgfThaUPb21zytmo3fwnsz6taFeGd+1WDqXNKRKvSeEVYQfD48H6/fI
4Etbafh0j8hZxT8Hb9agP21SKXHr1ty7utr/4HISQL8JbXTpFJSLD4LzIHnNRV3s
3t13vwmewkvikWdGBeTkyP6PRguAsa18vbKpZLvdVrCxngTefgPpb0PgEhcwWTf/
K6SjO3aFtivqKX0zaFw4pkC3ZwF1rbtJYl7qY02XLEywFqiC2nubTsyvtIl4JowI
svGQ6uRYn2DRkZ1M4iNauwFR5uJqQM1RD7GtvpdlPasIOPRF6EhU+rCoxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDk9lxcqIgCtZMY1lWOjnwjsXnS1MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvT1QyWEZ5b2lBSzFreGpXVlk2T2ZDT3hlZExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABm9lnk2Ot+tBxT+Oy69
/Q7UZE2Rv4HMSDl8rglCtKYUFyRRlZngVqba6UY52HmbrvnDlipMZ6gcAw5+Lv3e
Nlals5lPFMux236+TCWQn841KsWQibLr99F2GMPL/C5EoLrZ+cDMjbV3uxwkhspb
8b0BDGBy+0ywFB0CqRm3Tx4i2AjOUlKF1We5FswT3Te8ELIA/RSHQ4h4qR5bHo+p
TeLaZeYjIGe5+NQXAxH21vj/dZ6FDTR3Wx7xDrzoFHjcOYibmMcevigsOz5vtWSe
Ksnp4XLk4bDD5kK0LveL47o3wQaVkBLjLuWKsPtTsYuq5j5HKRdDESOP5iUA0cUx
RAo=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:44:26 2025 by rpki-client