Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OWoUraoelBIBW22mhPEgQxlh7zM.roa
File: OWoUraoelBIBW22mhPEgQxlh7zM.roa (raw, json)
Hash identifier: PWqVEBsCKbLyRdhpb/Z5xUic5qCgwJN/lM90n56OT00=
Subject key identifier: 39:6A:14:AD:AA:1E:94:12:01:5B:6D:A6:84:F1:20:43:19:61:EF:33
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE292B4829C8CF06CE68974B1EA1A2D70
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OWoUraoelBIBW22mhPEgQxlh7zM.roa
Signing time: Fri 29 Sep 2023 20:12:59 +0000
ROA not before: Fri 29 Sep 2023 20:12:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e2:92:b4:82:9c:8c:f0:6c:e6:89:74:b1:ea:1a:2d:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 29 20:12:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=396a14adaa1e9412015b6da684f120431961ef33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7e:5b:d5:2b:53:50:d8:21:a4:c2:62:d5:a0:
b6:a8:51:22:aa:ca:b1:7b:9e:9f:0f:ea:67:e5:5d:
53:e0:33:21:a3:9b:c7:78:38:4d:44:e3:9b:28:24:
c2:16:5f:fd:5b:48:1d:8f:ac:f0:0f:a6:10:6a:b5:
46:82:c7:41:4c:2d:64:a2:84:4c:c3:7a:7a:84:af:
94:34:99:bb:50:1f:d1:a1:4c:4f:3f:d9:47:54:38:
50:cf:c6:72:c4:10:31:5b:06:6a:0f:83:e2:5d:9a:
8d:25:a3:b2:01:ca:12:12:75:3a:c4:3f:28:63:b8:
56:1f:0b:6d:ea:73:e9:05:03:04:e3:16:0c:63:9a:
22:31:7f:ab:6c:73:07:5c:cc:42:f1:a4:7e:8c:0a:
c9:f9:ec:2d:44:14:38:ff:ea:1c:e9:8e:c5:d1:c5:
50:b6:fe:11:ec:29:f6:72:2f:c5:5b:23:86:dc:b1:
32:76:4b:fa:0b:4b:c8:5b:ce:50:f3:f1:d3:fa:fa:
41:0e:67:4e:bb:55:15:82:69:07:6c:19:4a:39:07:
3d:8e:ee:fa:1c:a2:81:2f:0c:24:4e:53:03:94:72:
38:dc:f8:76:cc:74:d5:60:bf:2b:d0:1f:9f:37:9e:
c3:34:18:41:d8:98:d7:46:9a:76:53:e1:1a:6d:63:
e5:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:6A:14:AD:AA:1E:94:12:01:5B:6D:A6:84:F1:20:43:19:61:EF:33
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OWoUraoelBIBW22mhPEgQxlh7zM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
89:b6:66:d1:c1:b9:53:31:82:b6:81:f3:9b:79:b8:32:96:54:
28:e6:51:77:ac:c6:55:fb:5a:28:61:90:ed:80:0a:fa:be:7a:
e9:56:28:2a:4c:df:ca:ae:44:f1:f2:e0:6e:6e:43:19:1e:da:
be:c2:a0:ac:f4:5d:66:18:63:5d:8a:01:11:2d:81:d5:2b:3b:
f2:bb:bc:67:e9:f7:d4:d6:96:ab:61:ee:c9:5f:11:42:74:c4:
0f:d2:48:8d:28:be:35:bc:5d:06:e8:f0:e4:16:0d:6c:8c:9f:
13:af:f8:98:6b:9f:48:59:8c:4b:64:b1:44:4e:95:6f:9b:4f:
12:7c:be:97:2e:0a:f3:2d:05:b9:65:20:d1:04:47:33:b4:16:
7c:81:82:22:49:57:ff:56:a6:4f:58:90:2e:4c:71:04:0a:21:
27:d7:6b:2e:4c:4e:fb:8b:f8:44:9f:c1:0a:1d:78:b3:76:63:
c2:fc:e3:1a:5a:61:1f:6c:d6:79:90:ec:ee:52:de:96:04:d6:
ad:23:72:60:3d:8c:d0:4c:29:67:02:e4:dc:48:9b:e5:1a:6f:
ab:69:9f:36:84:ed:76:7a:61:6f:b3:07:f5:42:8d:90:56:5a:
f8:f6:5d:df:46:a3:96:2e:8f:92:79:4e:52:42:35:bb:b8:61:
61:47:70:20
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrikrSCnIzwbOaJdLHqGi1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI5MjAxMjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTZhMTRhZGFhMWU5NDEyMDE1YjZkYTY4NGYxMjA0MzE5NjFlZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArX5b1StTUNghpMJi1aC2qFEiqsqx
e56fD+pn5V1T4DMho5vHeDhNROObKCTCFl/9W0gdj6zwD6YQarVGgsdBTC1kooRM
w3p6hK+UNJm7UB/RoUxPP9lHVDhQz8ZyxBAxWwZqD4PiXZqNJaOyAcoSEnU6xD8o
Y7hWHwtt6nPpBQME4xYMY5oiMX+rbHMHXMxC8aR+jArJ+ewtRBQ4/+oc6Y7F0cVQ
tv4R7Cn2ci/FWyOG3LEydkv6C0vIW85Q8/HT+vpBDmdOu1UVgmkHbBlKOQc9ju76
HKKBLwwkTlMDlHI43Ph2zHTVYL8r0B+fN57DNBhB2JjXRpp2U+EabWPl8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDlqFK2qHpQSAVttpoTxIEMZYe8zMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvT1dvVXJhb2VsQklCVzIybWhQRWdReGxoN3pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIm2ZtHBuVMxgraB85t5
uDKWVCjmUXesxlX7WihhkO2ACvq+eulWKCpM38quRPHy4G5uQxke2r7CoKz0XWYY
Y12KAREtgdUrO/K7vGfp99TWlqth7slfEUJ0xA/SSI0ovjW8XQbo8OQWDWyMnxOv
+Jhrn0hZjEtksUROlW+bTxJ8vpcuCvMtBbllINEERzO0FnyBgiJJV/9Wpk9YkC5M
cQQKISfXay5MTvuL+ESfwQodeLN2Y8L84xpaYR9s1nmQ7O5S3pYE1q0jcmA9jNBM
KWcC5NxIm+Uab6tpnzaE7XZ6YW+zB/VCjZBWWvj2Xd9Go5Yuj5J5TlJCNbu4YWFH
cCA=
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:33:53 2025 by rpki-client