Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OXfmgVte63QLcOqjPGrsznFOhGQ.roa
File: OXfmgVte63QLcOqjPGrsznFOhGQ.roa (raw, json)
Hash identifier: eGjwdK/kQ28bjSrGojacGitDwKO4o6EihxtS7rHegeQ=
Subject key identifier: 39:77:E6:81:5B:5E:EB:74:0B:70:EA:A3:3C:6A:EC:CE:71:4E:84:64
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE14A07E7A4875192A5C90231AEB8FA11
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OXfmgVte63QLcOqjPGrsznFOhGQ.roa
Signing time: Fri 29 Sep 2023 14:13:59 +0000
ROA not before: Fri 29 Sep 2023 14:13:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e1:4a:07:e7:a4:87:51:92:a5:c9:02:31:ae:b8:fa:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 29 14:13:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3977e6815b5eeb740b70eaa33c6aecce714e8464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:69:94:5b:c7:f4:ab:98:72:84:6a:d7:d6:c1:
c9:ca:f6:67:45:d9:ac:bc:df:b0:17:22:1a:85:47:
d2:a6:15:e9:af:91:df:40:ea:63:59:a3:d9:7c:8c:
13:ad:cd:f8:34:50:bc:3f:47:23:c2:ad:dd:79:de:
9b:f3:6c:d7:d3:36:76:9b:93:32:71:ed:8f:53:21:
7a:a5:f1:13:43:4f:c8:c1:0e:66:7d:60:d8:fe:2d:
80:21:3e:f1:c8:81:55:76:67:5f:74:f0:8d:a9:c0:
d2:c8:6f:28:36:0b:06:84:8b:02:cc:d7:4a:d6:52:
c1:f8:b8:ae:fb:99:29:4d:c6:b2:c0:01:a1:73:4e:
45:d3:e2:97:4f:a7:a6:e9:0a:84:24:ba:f0:48:a1:
46:a5:c5:8a:48:1f:30:45:4a:ba:9f:b4:df:f1:55:
a6:b8:70:d9:c5:47:cd:8c:08:a9:b9:fc:52:42:a3:
83:57:84:11:4b:ef:cf:1d:70:1c:c1:4d:f7:d3:3b:
5c:0d:3e:cc:ab:d5:0e:9f:7a:1a:e7:4a:8c:63:8f:
4f:5f:f5:b5:bd:30:1d:82:4d:2e:a6:30:7e:3c:90:
06:6a:dd:8f:d6:58:13:92:f0:84:ee:f7:9a:7f:80:
76:b3:91:9e:fe:f8:3b:50:59:42:db:a4:92:7e:66:
39:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:77:E6:81:5B:5E:EB:74:0B:70:EA:A3:3C:6A:EC:CE:71:4E:84:64
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OXfmgVte63QLcOqjPGrsznFOhGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
89:3e:98:a1:a8:19:b6:41:ed:7c:67:8e:b5:70:af:43:f4:c9:
94:18:97:d8:76:e5:23:0f:f4:73:06:61:29:7d:4c:0d:ff:6d:
91:b5:ca:c9:54:17:6a:a8:0b:36:63:1c:6e:38:b0:10:a1:ae:
8a:2a:3f:fa:ae:0b:01:70:25:ca:fe:7d:ab:a5:3e:76:b7:5c:
a5:dd:66:63:d5:6b:0d:a5:af:de:49:fa:5c:bb:0c:b0:82:a6:
9e:4c:56:84:57:f0:98:46:35:0d:44:0e:ff:f3:f9:64:ce:98:
27:8e:59:c8:0f:4f:da:25:42:f4:e2:6b:34:c2:36:e3:f4:92:
78:c1:39:60:32:e9:d0:49:75:36:39:11:02:cf:d0:c8:75:4b:
3c:14:db:a0:08:a9:a2:a7:6b:2a:20:13:a1:36:9e:b6:76:d6:
89:8f:c2:b2:d1:62:fd:95:f3:65:0c:6c:3a:a8:b3:1b:2d:08:
d6:32:f6:d0:d4:9a:c6:40:a3:5c:f5:1e:a4:bc:37:0b:13:45:
b3:85:0b:69:bb:41:a9:bc:07:60:43:9e:0c:00:0c:78:9a:21:
0e:61:a9:a7:c3:10:70:3f:f7:92:cf:de:7d:a4:b1:f7:28:ce:
e7:2b:72:d1:64:48:81:4c:50:85:31:49:26:42:e8:fb:32:82:
da:81:4b:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrhSgfnpIdRkqXJAjGuuPoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI5MTQxMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTc3ZTY4MTViNWVlYjc0MGI3MGVhYTMzYzZhZWNjZTcxNGU4NDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2mUW8f0q5hyhGrX1sHJyvZnRdms
vN+wFyIahUfSphXpr5HfQOpjWaPZfIwTrc34NFC8P0cjwq3ded6b82zX0zZ2m5My
ce2PUyF6pfETQ0/IwQ5mfWDY/i2AIT7xyIFVdmdfdPCNqcDSyG8oNgsGhIsCzNdK
1lLB+Liu+5kpTcaywAGhc05F0+KXT6em6QqEJLrwSKFGpcWKSB8wRUq6n7Tf8VWm
uHDZxUfNjAipufxSQqODV4QRS+/PHXAcwU330ztcDT7Mq9UOn3oa50qMY49PX/W1
vTAdgk0upjB+PJAGat2P1lgTkvCE7veaf4B2s5Ge/vg7UFlC26SSfmY5dwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDl35oFbXut0C3Dqozxq7M5xToRkMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvT1hmbWdWdGU2M1FMY09xalBHcnN6bkZPaEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIk+mKGoGbZB7XxnjrVw
r0P0yZQYl9h25SMP9HMGYSl9TA3/bZG1yslUF2qoCzZjHG44sBChrooqP/quCwFw
Jcr+faulPna3XKXdZmPVaw2lr95J+ly7DLCCpp5MVoRX8JhGNQ1EDv/z+WTOmCeO
WcgPT9olQvTiazTCNuP0knjBOWAy6dBJdTY5EQLP0Mh1SzwU26AIqaKnayogE6E2
nrZ21omPwrLRYv2V82UMbDqosxstCNYy9tDUmsZAo1z1HqS8NwsTRbOFC2m7Qam8
B2BDngwADHiaIQ5hqafDEHA/95LP3n2ksfcozucrctFkSIFMUIUxSSZC6PsygtqB
Sx0=
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:10:30 2025 by rpki-client