Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ObHWOntkHNH0NuZxvXpLTwP7RNE.roa
File: ObHWOntkHNH0NuZxvXpLTwP7RNE.roa (raw, json)
Hash identifier: 8XbPjyNKTkYVV8xkkOUEvvYtOwgKcmHm9CBmyv/cphg=
Subject key identifier: 39:B1:D6:3A:7B:64:1C:D1:F4:36:E6:71:BD:7A:4B:4F:03:FB:44:D1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C16B80F05A20C436F4E31720A37F41FDE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ObHWOntkHNH0NuZxvXpLTwP7RNE.roa
Signing time: Tue 28 Nov 2023 16:16:50 +0000
ROA not before: Tue 28 Nov 2023 16:16:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:16:b8:0f:05:a2:0c:43:6f:4e:31:72:0a:37:f4:1f:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 28 16:16:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39b1d63a7b641cd1f436e671bd7a4b4f03fb44d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:29:9b:49:cb:6a:64:3f:85:16:ef:52:d7:28:
87:0b:7f:56:65:7f:3c:c1:b2:bb:82:ea:aa:e0:5c:
a3:30:2e:70:21:db:5c:88:47:fd:a8:2c:d2:2a:3a:
6f:58:f3:ae:78:df:a4:af:6c:e7:ad:87:86:f5:f9:
19:f4:57:19:58:94:25:50:e5:6e:6f:2b:49:52:05:
ee:08:de:73:61:a3:37:5e:42:82:b1:7c:d3:2c:44:
07:d0:c8:90:9a:9d:3e:46:dc:79:9f:7f:a4:7c:54:
a2:1f:6a:cc:2c:cc:4a:ac:1f:78:65:0e:7d:86:54:
51:05:ba:8a:03:44:58:8a:38:9d:be:fe:31:c1:40:
c9:f2:89:0a:f0:13:ff:eb:71:90:ff:2f:dc:19:bf:
d3:24:24:2f:c7:cd:ec:00:99:44:e7:5b:76:f8:4c:
eb:1f:e7:2d:17:52:47:d5:83:82:d4:e7:11:73:29:
cb:d4:cb:be:c2:52:e2:e9:5d:a8:f1:c1:95:ff:fa:
72:03:5a:8a:86:df:56:43:1c:b6:10:c3:d3:fc:e9:
51:9f:b0:68:3a:02:37:3f:f1:47:64:e4:59:c9:4d:
a4:b1:68:2d:6e:34:37:7d:5e:8d:12:a1:10:34:04:
c0:b1:e7:83:99:d3:f8:21:af:dc:23:8f:e5:14:9a:
d6:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B1:D6:3A:7B:64:1C:D1:F4:36:E6:71:BD:7A:4B:4F:03:FB:44:D1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ObHWOntkHNH0NuZxvXpLTwP7RNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
25:bf:eb:38:5b:ed:d6:1b:a1:2a:25:5f:db:99:b6:09:2f:b7:
94:fb:f0:50:ca:e7:80:d7:35:92:02:8b:36:76:c8:29:89:96:
a0:06:f2:50:b3:bc:34:6f:98:57:97:85:44:b8:63:77:d2:74:
3a:76:12:0c:c1:5c:a6:7a:03:cd:fc:16:2f:2b:a7:dd:0b:d2:
19:ab:a6:cb:40:ca:cc:77:c1:c8:7d:8a:0f:82:cf:a7:87:be:
49:43:f5:cc:f9:a3:dc:35:d2:7e:ad:d5:32:3c:e6:80:d7:86:
81:5f:b9:b3:3e:97:f0:34:69:fd:22:02:c7:f3:91:42:c7:9c:
2d:49:fa:91:57:f0:6d:72:74:c3:0a:03:7d:12:41:34:d4:f0:
1f:5a:92:20:31:c1:b7:39:68:3a:1b:85:65:c1:6e:c7:ed:b4:
0b:02:fb:72:61:29:ea:f9:9e:ef:2b:3e:0a:3d:d8:01:59:3a:
26:c7:38:0f:ad:5b:a7:8a:1b:8e:b3:b0:d9:cd:d3:33:83:81:
7c:94:92:58:f7:36:e9:1c:dd:c7:70:71:ad:54:1b:63:eb:79:
31:b5:c3:01:96:3e:10:45:39:59:e3:15:01:25:7c:f0:ad:7c:
f3:b6:0d:fe:e5:f0:b9:15:5f:0f:6a:fe:cc:93:2c:c6:16:f2:
6f:f1:0c:21
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwWuA8FogxDb04xcgo39B/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI4MTYxNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWIxZDYzYTdiNjQxY2QxZjQzNmU2NzFiZDdhNGI0ZjAzZmI0NGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApymbSctqZD+FFu9S1yiHC39WZX88
wbK7guqq4FyjMC5wIdtciEf9qCzSKjpvWPOueN+kr2znrYeG9fkZ9FcZWJQlUOVu
bytJUgXuCN5zYaM3XkKCsXzTLEQH0MiQmp0+Rtx5n3+kfFSiH2rMLMxKrB94ZQ59
hlRRBbqKA0RYijidvv4xwUDJ8okK8BP/63GQ/y/cGb/TJCQvx83sAJlE51t2+Ezr
H+ctF1JH1YOC1OcRcynL1Mu+wlLi6V2o8cGV//pyA1qKht9WQxy2EMPT/OlRn7Bo
OgI3P/FHZORZyU2ksWgtbjQ3fV6NEqEQNATAseeDmdP4Ia/cI4/lFJrWXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDmx1jp7ZBzR9Dbmcb16S08D+0TRMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvT2JIV09udGtITkgwTnVaeHZYcExUd1A3Uk5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACW/6zhb7dYboSolX9uZ
tgkvt5T78FDK54DXNZICizZ2yCmJlqAG8lCzvDRvmFeXhUS4Y3fSdDp2EgzBXKZ6
A838Fi8rp90L0hmrpstAysx3wch9ig+Cz6eHvklD9cz5o9w10n6t1TI85oDXhoFf
ubM+l/A0af0iAsfzkULHnC1J+pFX8G1ydMMKA30SQTTU8B9akiAxwbc5aDobhWXB
bsfttAsC+3JhKer5nu8rPgo92AFZOibHOA+tW6eKG46zsNnN0zODgXyUklj3Nukc
3cdwca1UG2PreTG1wwGWPhBFOVnjFQElfPCtfPO2Df7l8LkVXw9q/syTLMYW8m/x
DCE=
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:05:45 2025 by rpki-client