Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/SOf-2f2vhzyT6S3oVGio6COWX3Q.roa
File: SOf-2f2vhzyT6S3oVGio6COWX3Q.roa (raw, json)
Hash identifier: cMnPBNSlAP3pZfgiWiU5sVzoyAFl0yQSjSVYLSMP2ws=
Subject key identifier: 48:E7:FE:D9:FD:AF:87:3C:93:E9:2D:E8:54:68:A8:E8:23:96:5F:74
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B0934E6FF1109E3975AE79C0C0E5BF913
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/SOf-2f2vhzyT6S3oVGio6COWX3Q.roa
Signing time: Sat 07 Oct 2023 08:15:43 +0000
ROA not before: Sat 07 Oct 2023 08:15:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:09:34:e6:ff:11:09:e3:97:5a:e7:9c:0c:0e:5b:f9:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 7 08:15:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48e7fed9fdaf873c93e92de85468a8e823965f74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9b:7f:07:d2:69:53:fd:06:a6:db:23:95:fc:
c8:ec:36:88:15:c9:61:08:d5:6c:24:80:23:01:14:
03:5e:ab:7f:90:88:6d:c3:60:9d:ec:87:9e:31:fe:
b6:02:6f:35:25:87:02:98:39:0d:c6:95:92:ba:be:
b9:23:5e:82:ba:4e:92:f1:74:b3:d6:2b:2f:f2:e0:
e7:73:51:53:1e:42:04:70:58:e3:d6:3b:88:a7:c0:
77:fd:a3:44:21:79:8a:18:b7:e9:65:a3:92:2b:41:
60:eb:33:2f:4e:72:f5:4e:48:7e:4b:7b:8c:be:f9:
04:73:4f:c3:3d:7e:1e:1a:7f:e1:b5:f6:c7:78:f5:
fd:c9:dc:42:1e:07:ff:cb:e6:7c:06:9f:d3:ac:f6:
f4:09:9d:27:aa:dd:7d:b4:a1:2e:d9:5b:92:73:be:
5b:d4:52:15:7c:02:f9:d1:98:92:19:54:98:86:34:
94:95:19:21:c9:f2:c6:d6:fa:82:6a:c6:27:81:d9:
56:bc:3a:42:af:ef:74:3e:84:38:88:d9:44:f5:89:
b4:bd:24:72:34:f3:f4:59:12:c0:98:82:08:82:a4:
ee:dd:83:2f:7c:53:37:4a:af:ce:1e:53:02:5a:ef:
6f:ce:be:9e:6e:f8:88:4b:9a:03:46:71:0b:cb:ea:
e0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:E7:FE:D9:FD:AF:87:3C:93:E9:2D:E8:54:68:A8:E8:23:96:5F:74
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/SOf-2f2vhzyT6S3oVGio6COWX3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ab:f9:4a:17:68:96:3f:6f:d9:fb:2c:63:39:39:54:2c:d6:91:
b8:02:a7:d7:3c:91:de:d7:31:f9:4f:50:02:96:dc:27:a1:89:
98:43:24:1c:79:cc:9e:d2:5a:0a:92:20:eb:72:4d:3f:a6:40:
c9:e6:b5:39:cd:bd:4a:d8:ec:95:c9:38:16:a0:1a:60:ef:c8:
22:46:14:71:61:44:c3:ee:d3:cb:41:2f:e0:90:d1:51:5a:9c:
5c:86:7d:f5:10:dc:01:f5:51:a1:d6:9a:74:4e:9a:16:be:e9:
6d:32:06:eb:52:05:fb:fd:3e:84:a5:88:e9:a8:d3:6c:9c:d6:
19:7e:40:50:88:d7:59:a3:6c:0b:d1:04:2b:3a:b9:ea:45:1b:
cd:51:fc:9b:4b:91:db:90:60:4a:a6:6b:ef:ac:38:a9:f7:aa:
cb:48:86:71:bb:45:75:69:af:ec:89:48:cb:9a:29:17:fd:21:
94:21:b2:3f:f8:c4:7e:22:fa:9b:23:c1:e9:b5:62:61:ab:d9:
c9:e7:b0:70:f3:0e:ee:aa:4e:0a:a4:e7:95:a9:e7:29:10:5b:
7f:73:65:7c:26:54:99:95:0f:64:2f:6e:7c:d9:1f:80:49:17:
bd:4c:fe:89:cd:e0:cc:7b:fc:c4:b5:55:2e:78:75:e0:9a:7e:
50:7d:5a:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsJNOb/EQnjl1rnnAwOW/kTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA3MDgxNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGU3ZmVkOWZkYWY4NzNjOTNlOTJkZTg1NDY4YThlODIzOTY1Zjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZt/B9JpU/0GptsjlfzI7DaIFclh
CNVsJIAjARQDXqt/kIhtw2Cd7IeeMf62Am81JYcCmDkNxpWSur65I16Cuk6S8XSz
1isv8uDnc1FTHkIEcFjj1juIp8B3/aNEIXmKGLfpZaOSK0Fg6zMvTnL1Tkh+S3uM
vvkEc0/DPX4eGn/htfbHePX9ydxCHgf/y+Z8Bp/TrPb0CZ0nqt19tKEu2VuSc75b
1FIVfAL50ZiSGVSYhjSUlRkhyfLG1vqCasYngdlWvDpCr+90PoQ4iNlE9Ym0vSRy
NPP0WRLAmIIIgqTu3YMvfFM3Sq/OHlMCWu9vzr6ebviIS5oDRnELy+rgPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEjn/tn9r4c8k+kt6FRoqOgjll90MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvU09mLTJmMnZoenlUNlMzb1ZHaW82Q09XWDNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKv5Shdolj9v2fssYzk5
VCzWkbgCp9c8kd7XMflPUAKW3CehiZhDJBx5zJ7SWgqSIOtyTT+mQMnmtTnNvUrY
7JXJOBagGmDvyCJGFHFhRMPu08tBL+CQ0VFanFyGffUQ3AH1UaHWmnROmha+6W0y
ButSBfv9PoSliOmo02yc1hl+QFCI11mjbAvRBCs6uepFG81R/JtLkduQYEqma++s
OKn3qstIhnG7RXVpr+yJSMuaKRf9IZQhsj/4xH4i+psjwem1YmGr2cnnsHDzDu6q
Tgqk55Wp5ykQW39zZXwmVJmVD2QvbnzZH4BJF71M/onN4Mx7/MS1VS54deCaflB9
WoA=
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:14:19 2025 by rpki-client