Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OUCwgjjIQsA9t692PQguYZ7kaYw.roa
File: OUCwgjjIQsA9t692PQguYZ7kaYw.roa (raw, json)
Hash identifier: a0CnYkrH0d7myqIyXgyCLdPr70UCeYR8BfFQ4LmR1m0=
Subject key identifier: 39:40:B0:82:38:C8:42:C0:3D:B7:AF:76:3D:08:2E:61:9E:E4:69:8C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AC8D52B179396B9CC7CFEDB3FFB773B8A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OUCwgjjIQsA9t692PQguYZ7kaYw.roa
Signing time: Sun 24 Sep 2023 20:15:27 +0000
ROA not before: Sun 24 Sep 2023 20:15:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:c8:d5:2b:17:93:96:b9:cc:7c:fe:db:3f:fb:77:3b:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 24 20:15:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3940b08238c842c03db7af763d082e619ee4698c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:8f:0a:f6:0e:ba:e4:13:54:be:fe:33:21:82:
aa:ad:26:01:e5:93:e8:8f:a0:4c:cc:a8:2f:36:3f:
7e:d9:5d:72:05:49:a0:de:b1:97:1a:42:89:c3:d8:
64:37:c3:17:35:bc:84:20:cb:fd:68:2a:eb:16:4a:
d7:98:26:65:cd:a9:c6:cd:0d:09:c7:27:4f:53:89:
d0:bb:f4:a0:77:de:a7:a0:5d:0e:07:b7:13:d7:93:
35:96:e2:d6:08:92:e1:90:31:15:ed:c6:ce:fd:af:
9c:e8:d5:27:71:f4:9b:83:68:da:d7:02:49:0c:9c:
66:fb:80:bc:6d:df:1f:8b:a1:1b:56:94:de:74:2e:
b4:af:f1:d0:bb:33:22:14:67:11:53:2b:49:82:c3:
72:47:1c:c8:a8:62:87:97:67:1b:fe:8b:47:44:24:
fd:a4:02:c7:5c:e3:01:94:00:7b:0f:f1:ce:52:84:
25:c7:e1:c4:ae:7f:f7:2e:e5:21:61:67:2d:da:01:
06:8f:0b:a2:0d:c0:e3:13:4f:31:d1:ac:e4:1f:28:
15:e9:04:b4:6a:a0:0c:19:92:bd:a4:06:75:f6:60:
3d:ca:69:ad:c9:a2:70:2c:17:5c:a0:a1:14:fd:9e:
94:ce:4c:11:1e:44:92:0f:96:90:3c:3d:99:5e:7e:
b7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:40:B0:82:38:C8:42:C0:3D:B7:AF:76:3D:08:2E:61:9E:E4:69:8C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OUCwgjjIQsA9t692PQguYZ7kaYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:c0:be:37:d3:86:5d:14:63:54:da:02:a7:05:c7:b2:3f:b1:
93:5a:97:0e:81:f6:98:cb:89:b2:dd:2e:6b:6c:b5:3e:c4:14:
9d:e6:a6:36:d1:ba:fe:3c:40:4f:81:b3:32:03:ba:d3:88:48:
22:54:1e:9f:d9:6d:a9:0f:16:27:6f:cf:7c:35:6d:e4:8e:6f:
2b:08:49:b1:da:69:7d:a8:a1:e3:e0:24:7c:f7:b3:b1:e0:68:
f4:33:4d:99:16:64:8e:07:4b:8e:5b:a7:b8:dd:4c:0c:05:10:
d6:b1:16:cf:a0:60:16:67:c6:54:1a:48:2c:b5:f4:f2:7d:2f:
24:cf:bd:b9:6f:a1:8a:18:a8:88:fa:de:4f:09:1b:e1:99:90:
2e:3f:ba:8f:f1:92:f6:c6:7f:89:44:06:35:b2:69:1f:e1:60:
8a:74:d9:ca:60:0c:13:38:c3:f1:20:e7:f6:9f:8d:13:8d:5a:
ed:a0:ec:23:ea:f9:ca:74:c4:87:9f:0d:77:be:90:c1:01:af:
1e:c6:cd:b9:c4:d5:db:2f:19:d9:b0:4d:46:08:22:78:08:14:
35:df:14:d5:32:e2:99:20:cc:56:f6:6f:ea:bd:3c:e4:99:da:
4b:1f:4c:19:4e:a0:76:cc:63:ea:87:32:94:64:e6:f8:31:83:
6e:12:08:fb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrI1SsXk5a5zHz+2z/7dzuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI0MjAxNTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTQwYjA4MjM4Yzg0MmMwM2RiN2FmNzYzZDA4MmU2MTllZTQ2OThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjo8K9g665BNUvv4zIYKqrSYB5ZPo
j6BMzKgvNj9+2V1yBUmg3rGXGkKJw9hkN8MXNbyEIMv9aCrrFkrXmCZlzanGzQ0J
xydPU4nQu/Sgd96noF0OB7cT15M1luLWCJLhkDEV7cbO/a+c6NUncfSbg2ja1wJJ
DJxm+4C8bd8fi6EbVpTedC60r/HQuzMiFGcRUytJgsNyRxzIqGKHl2cb/otHRCT9
pALHXOMBlAB7D/HOUoQlx+HErn/3LuUhYWct2gEGjwuiDcDjE08x0azkHygV6QS0
aqAMGZK9pAZ19mA9ymmtyaJwLBdcoKEU/Z6UzkwRHkSSD5aQPD2ZXn63KQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDlAsII4yELAPbevdj0ILmGe5GmMMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvT1VDd2dqaklRc0E5dDY5MlBRZ3VZWjdrYVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGDAvjfThl0UY1TaAqcF
x7I/sZNalw6B9pjLibLdLmtstT7EFJ3mpjbRuv48QE+BszIDutOISCJUHp/ZbakP
Fidvz3w1beSObysISbHaaX2ooePgJHz3s7HgaPQzTZkWZI4HS45bp7jdTAwFENax
Fs+gYBZnxlQaSCy19PJ9LyTPvblvoYoYqIj63k8JG+GZkC4/uo/xkvbGf4lEBjWy
aR/hYIp02cpgDBM4w/Eg5/afjRONWu2g7CPq+cp0xIefDXe+kMEBrx7GzbnE1dsv
GdmwTUYIIngIFDXfFNUy4pkgzFb2b+q9POSZ2ksfTBlOoHbMY+qHMpRk5vgxg24S
CPs=
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:09:13 2025 by rpki-client