Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OkueYXVB2B5d4fo_C3bPXzUYTUE.roa
File: OkueYXVB2B5d4fo_C3bPXzUYTUE.roa (raw, json)
Hash identifier: dYrmf5h2yigERkNDVgNeJKZq9I7xEFWNaKaJjwZuaA4=
Subject key identifier: 3A:4B:9E:61:75:41:D8:1E:5D:E1:FA:3F:0B:76:CF:5F:35:18:4D:41
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C5DF2DC1894D7526BA61AFC814F3F646F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OkueYXVB2B5d4fo_C3bPXzUYTUE.roa
Signing time: Tue 12 Dec 2023 12:14:06 +0000
ROA not before: Tue 12 Dec 2023 12:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5d:f2:dc:18:94:d7:52:6b:a6:1a:fc:81:4f:3f:64:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 12 12:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a4b9e617541d81e5de1fa3f0b76cf5f35184d41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a2:a9:ed:5b:66:cb:ae:e7:2f:ad:3b:09:ce:
db:69:a7:1d:54:83:ba:88:c6:30:1a:6a:a2:61:56:
82:c0:84:1e:8e:1d:c1:ed:0c:f5:c3:c1:a8:4c:81:
af:79:44:64:6b:eb:67:21:4a:3b:cb:b3:78:7b:fa:
1c:ce:8f:6b:09:12:f0:c0:d4:72:6f:5f:b7:90:46:
f6:87:f2:9a:92:84:bc:24:2b:0f:05:52:3b:4b:32:
10:d3:ef:e6:bb:a9:a2:91:31:27:40:d5:bf:39:c6:
cf:75:56:ff:54:5b:83:ff:f3:5d:29:62:da:87:19:
be:a3:a6:83:43:f7:bb:61:b7:79:a4:1d:27:8f:2b:
04:60:7b:f2:38:0f:8a:62:9c:68:b8:e9:38:6a:14:
ef:3f:ee:3e:08:db:e9:5d:05:ae:0c:f6:b6:31:9e:
63:83:d7:88:a1:5b:88:87:5a:eb:ec:44:36:f6:4a:
a4:d1:0f:d2:50:cf:cb:6a:33:cb:0d:ff:99:5f:75:
4c:28:af:a5:63:19:96:39:a4:26:a7:36:c8:54:ef:
f4:57:e4:0d:13:47:ae:01:91:46:65:b9:ea:fe:5d:
2b:b9:ab:a9:df:d1:40:53:a4:b7:57:7f:d3:e1:ac:
1a:1b:51:ff:21:82:53:f4:9f:65:31:4e:7d:e8:e5:
8a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:4B:9E:61:75:41:D8:1E:5D:E1:FA:3F:0B:76:CF:5F:35:18:4D:41
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OkueYXVB2B5d4fo_C3bPXzUYTUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:68:87:0f:e9:1a:ef:2d:81:87:60:e9:d9:3e:95:98:1b:20:
d2:7b:d8:39:47:41:7f:c3:37:93:30:f5:2c:11:db:71:01:86:
cb:f4:09:4d:df:44:21:1e:bd:96:5b:6d:da:97:13:b2:75:a3:
37:be:36:65:7b:80:9a:48:97:28:d9:7c:b8:06:cb:40:df:b2:
9e:18:4c:d9:9f:0a:e5:b7:6f:ec:e0:a3:be:27:04:ab:58:c8:
56:72:1e:5c:b5:65:9f:a9:08:67:0a:df:82:14:be:48:ff:f1:
ff:49:19:89:25:94:b7:08:fe:93:5c:ac:c6:40:d5:4e:fd:15:
ce:1d:2a:29:7e:3c:4e:1b:6b:df:2a:9d:5b:7a:91:cf:32:df:
40:96:b1:66:b5:5b:ab:96:ed:8d:a1:4a:e9:36:7c:ba:3d:ba:
0f:5e:43:08:79:c3:0e:62:7e:ae:d1:09:c3:a1:b0:5a:19:8d:
5f:7d:71:a3:93:57:f0:c0:7e:0b:34:f1:fb:0e:19:f1:0b:0b:
23:04:66:fc:03:72:5f:dd:2c:65:4b:f0:ad:83:ea:81:7c:72:
88:84:48:9c:2d:0a:a9:0a:ea:29:10:55:42:de:3f:a3:a2:f5:
c8:70:0e:2a:40:3b:c8:a8:17:cc:bd:01:cd:e8:e2:1b:6b:64:
41:23:dd:a4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxd8twYlNdSa6Ya/IFPP2RvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEyMTIxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTRiOWU2MTc1NDFkODFlNWRlMWZhM2YwYjc2Y2Y1ZjM1MTg0ZDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraKp7Vtmy67nL607Cc7baacdVIO6
iMYwGmqiYVaCwIQejh3B7Qz1w8GoTIGveURka+tnIUo7y7N4e/oczo9rCRLwwNRy
b1+3kEb2h/KakoS8JCsPBVI7SzIQ0+/mu6mikTEnQNW/OcbPdVb/VFuD//NdKWLa
hxm+o6aDQ/e7Ybd5pB0njysEYHvyOA+KYpxouOk4ahTvP+4+CNvpXQWuDPa2MZ5j
g9eIoVuIh1rr7EQ29kqk0Q/SUM/LajPLDf+ZX3VMKK+lYxmWOaQmpzbIVO/0V+QN
E0euAZFGZbnq/l0ruaup39FAU6S3V3/T4awaG1H/IYJT9J9lMU596OWKRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDpLnmF1QdgeXeH6Pwt2z181GE1BMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvT2t1ZVlYVkIyQjVkNGZvX0MzYlBYelVZVFVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADRohw/pGu8tgYdg6dk+
lZgbINJ72DlHQX/DN5Mw9SwR23EBhsv0CU3fRCEevZZbbdqXE7J1oze+NmV7gJpI
lyjZfLgGy0Dfsp4YTNmfCuW3b+zgo74nBKtYyFZyHly1ZZ+pCGcK34IUvkj/8f9J
GYkllLcI/pNcrMZA1U79Fc4dKil+PE4ba98qnVt6kc8y30CWsWa1W6uW7Y2hSuk2
fLo9ug9eQwh5ww5ifq7RCcOhsFoZjV99caOTV/DAfgs08fsOGfELCyMEZvwDcl/d
LGVL8K2D6oF8coiESJwtCqkK6ikQVULeP6Oi9chwDipAO8ioF8y9Ac3o4htrZEEj
3aQ=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:54:01 2025 by rpki-client