Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OwQsOG1hpV51AbV6UhngQBVQMK8.roa
File: OwQsOG1hpV51AbV6UhngQBVQMK8.roa (raw, json)
Hash identifier: LiW3AmIRQQ0byUk1eJVLIEuNZW6qwu1IqnX8QZXQi4w=
Subject key identifier: 3B:04:2C:38:6D:61:A5:5E:75:01:B5:7A:52:19:E0:40:15:50:30:AF
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BF53EC700FB1E88C33D540333912B1715
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OwQsOG1hpV51AbV6UhngQBVQMK8.roa
Signing time: Wed 22 Nov 2023 04:16:53 +0000
ROA not before: Wed 22 Nov 2023 04:16:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f5:3e:c7:00:fb:1e:88:c3:3d:54:03:33:91:2b:17:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 22 04:16:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b042c386d61a55e7501b57a5219e040155030af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:2d:9f:c6:fb:bc:2a:26:cd:11:7c:ab:4e:b8:
0b:31:3a:94:3f:6f:dd:e3:f1:f6:36:ce:2b:9c:dc:
32:fa:6f:12:4a:d1:16:99:37:a7:81:a5:36:fa:28:
80:41:12:e1:56:a9:21:e3:53:82:90:dc:66:6f:1b:
bd:ba:bc:7a:6a:62:70:ea:5a:2b:df:88:18:42:2a:
a2:e3:1f:03:fc:69:78:a7:bd:67:9e:74:fc:a6:14:
ef:0c:10:f4:e6:2a:4d:e5:59:d7:19:52:df:fa:2b:
7c:4f:4d:c0:00:e2:7d:54:9f:1f:91:32:a8:6b:45:
5c:01:3f:60:29:32:90:fd:3d:a8:10:4d:c4:c6:a7:
e7:36:39:eb:99:e4:fd:74:bc:ee:e4:b2:a7:c1:dd:
f1:b8:9d:18:96:96:e2:f1:d5:5d:ee:84:a5:5e:ff:
ba:3f:e0:f5:38:02:e6:64:34:b2:e5:ed:66:9c:9a:
08:96:43:ec:78:87:3a:bd:5b:53:1f:6b:7a:a6:2a:
d8:99:a1:db:43:ef:72:46:4b:70:65:be:e3:e0:e1:
48:f8:d7:f1:27:46:dd:af:05:90:95:2d:9d:27:1b:
06:6e:7d:6e:61:70:6a:3a:c6:ae:2d:6e:79:e8:ad:
1c:46:41:94:e7:01:07:a5:1f:7e:56:68:d4:b6:11:
1c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:04:2C:38:6D:61:A5:5E:75:01:B5:7A:52:19:E0:40:15:50:30:AF
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OwQsOG1hpV51AbV6UhngQBVQMK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d0:be:12:9d:59:48:8c:49:77:66:0e:11:ed:8e:c4:32:fb:78:
be:47:f7:5f:7d:3f:20:20:ea:cf:fe:1a:c7:4d:f5:b4:bd:17:
10:40:6c:e1:b1:e2:1d:65:4a:ab:0f:45:f9:87:5c:68:dc:08:
ed:d4:96:09:29:40:6a:b3:2e:8e:c8:78:f4:40:78:cc:a7:f6:
83:be:71:f1:57:c0:23:cb:e0:da:79:9f:80:00:c0:62:86:c2:
b9:86:d0:d9:e5:5f:05:17:65:d5:b6:34:2b:67:b9:f9:2e:5f:
68:93:a8:84:ac:5c:54:ec:3c:d1:55:9f:0d:52:b9:a5:74:b4:
8d:e0:87:06:aa:e4:99:23:3c:7d:34:a3:46:39:6f:a8:2f:46:
ff:87:c7:9f:cc:15:ea:63:58:1d:21:8a:87:bd:45:85:63:f8:
22:30:ff:04:9a:0d:24:ff:97:7e:85:3b:22:cc:96:8b:95:6e:
42:79:a6:0f:60:f5:29:33:0e:96:12:71:40:5e:0a:dc:22:9b:
b7:0f:89:d3:17:9e:df:c3:4c:16:de:93:88:13:e8:5a:d7:ff:
66:a5:af:d6:c4:03:a7:ad:75:f3:7a:84:04:7c:02:45:f9:db:
cc:ce:93:95:df:76:f4:ca:55:54:43:c0:f4:ab:ba:c2:d3:4c:
61:11:d9:ee
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYv1PscA+x6Iwz1UAzORKxcVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIyMDQxNjUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjA0MmMzODZkNjFhNTVlNzUwMWI1N2E1MjE5ZTA0MDE1NTAzMGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnC2fxvu8KibNEXyrTrgLMTqUP2/d
4/H2Ns4rnNwy+m8SStEWmTengaU2+iiAQRLhVqkh41OCkNxmbxu9urx6amJw6lor
34gYQiqi4x8D/Gl4p71nnnT8phTvDBD05ipN5VnXGVLf+it8T03AAOJ9VJ8fkTKo
a0VcAT9gKTKQ/T2oEE3ExqfnNjnrmeT9dLzu5LKnwd3xuJ0Ylpbi8dVd7oSlXv+6
P+D1OALmZDSy5e1mnJoIlkPseIc6vVtTH2t6pirYmaHbQ+9yRktwZb7j4OFI+Nfx
J0bdrwWQlS2dJxsGbn1uYXBqOsauLW556K0cRkGU5wEHpR9+VmjUthEcdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDsELDhtYaVedQG1elIZ4EAVUDCvMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvT3dRc09HMWhwVjUxQWJWNlVobmdRQlZRTUs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANC+Ep1ZSIxJd2YOEe2O
xDL7eL5H9199PyAg6s/+GsdN9bS9FxBAbOGx4h1lSqsPRfmHXGjcCO3UlgkpQGqz
Lo7IePRAeMyn9oO+cfFXwCPL4Np5n4AAwGKGwrmG0NnlXwUXZdW2NCtnufkuX2iT
qISsXFTsPNFVnw1SuaV0tI3ghwaq5JkjPH00o0Y5b6gvRv+Hx5/MFepjWB0hioe9
RYVj+CIw/wSaDST/l36FOyLMlouVbkJ5pg9g9SkzDpYScUBeCtwim7cPidMXnt/D
TBbek4gT6FrX/2alr9bEA6etdfN6hAR8AkX528zOk5XfdvTKVVRDwPSrusLTTGER
2e4=
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:07:34 2025 by rpki-client