Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cOZUPwVrNt_8IfRPi8VTLoTjoMM.roa
File: cOZUPwVrNt_8IfRPi8VTLoTjoMM.roa (raw, json)
Hash identifier: SZOc9oTL4tJ5VUyc1ogHLGKMG53JLvsCEPWJAAW6ryo=
Subject key identifier: 70:E6:54:3F:05:6B:36:DF:FC:21:F4:4F:8B:C5:53:2E:84:E3:A0:C3
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C4959F1FF9FDAC585203C8DF5606842B5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cOZUPwVrNt_8IfRPi8VTLoTjoMM.roa
Signing time: Fri 08 Dec 2023 12:14:40 +0000
ROA not before: Fri 08 Dec 2023 12:14:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:49:59:f1:ff:9f:da:c5:85:20:3c:8d:f5:60:68:42:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 8 12:14:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70e6543f056b36dffc21f44f8bc5532e84e3a0c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3e:14:73:15:9a:5c:59:53:ba:8b:ea:95:17:
c1:39:5e:f9:a0:c4:d9:a3:12:30:dd:c4:93:b7:cd:
0c:55:35:0a:76:7e:fc:32:a8:18:e3:51:b1:ea:4b:
c5:1e:50:59:75:12:e9:39:32:73:7d:0f:0c:62:26:
73:20:e1:b9:92:3e:f6:65:34:9f:8a:e3:9b:cf:c3:
56:3a:c8:e2:40:cd:3e:cd:12:57:01:fb:2e:83:ce:
93:34:bf:2d:59:b0:ea:52:c7:b0:cb:30:b0:07:3f:
9b:18:b1:a9:1b:3e:a2:1a:7a:5b:00:9b:53:3a:05:
98:82:06:5a:2c:d0:a8:60:0d:08:ea:c4:18:6d:fd:
fd:b9:6b:c8:72:b2:59:93:0e:38:be:5f:40:0a:17:
3b:b6:77:b6:ee:54:6f:90:f0:fd:d8:66:a4:9a:28:
5f:ec:da:c7:7a:04:f8:18:e6:0b:cd:85:ab:e2:34:
63:76:0b:d2:9c:7d:37:aa:07:c5:e1:f0:e6:99:c9:
33:b2:a9:8b:74:cf:05:0a:e3:68:1a:d6:38:63:82:
1f:43:82:3c:f9:c8:04:84:b9:e2:af:1f:60:51:a8:
03:72:ab:17:b1:79:7d:ae:5b:d5:95:34:5e:53:38:
d1:4b:53:a6:a1:17:06:c1:be:39:d1:ef:5a:08:b8:
23:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E6:54:3F:05:6B:36:DF:FC:21:F4:4F:8B:C5:53:2E:84:E3:A0:C3
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/cOZUPwVrNt_8IfRPi8VTLoTjoMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
82:45:c1:e6:36:cf:c1:61:bc:ca:83:b9:a8:02:cb:80:31:25:
da:33:e7:6d:3a:7f:70:3e:30:a9:ad:01:e9:84:e3:62:96:05:
f1:b7:11:d1:b4:e4:b0:b3:34:8b:ba:e5:69:ca:bc:ba:58:ac:
83:a9:87:f4:0b:fa:97:e6:2d:e5:84:ea:dc:d9:93:ef:87:0d:
6a:65:77:a5:bb:60:70:7f:e9:86:fb:73:29:78:cf:3c:ea:33:
20:8c:f4:17:1a:d3:34:fb:1a:16:4b:40:bd:61:26:5f:3e:cc:
27:c3:c2:70:8c:51:b0:a7:9e:1f:89:9d:c6:30:2a:60:9a:43:
d3:0d:88:04:f0:52:ee:54:30:74:b4:27:76:ff:86:69:96:22:
d1:59:49:cc:41:0d:63:f8:20:ef:e2:ba:56:c0:97:0d:fb:8e:
4e:86:9a:06:06:0c:76:c3:f3:5e:e0:d8:4c:f1:89:50:cc:9c:
b4:ae:c4:6a:03:df:ed:63:2f:b5:2a:31:58:15:5c:2e:0c:24:
b5:83:52:66:32:2e:5f:d3:c3:79:d6:7a:57:b0:30:70:9b:04:
62:f8:19:7b:ec:34:b5:ec:58:8c:c6:48:25:e2:2d:32:e8:69:
23:d6:c3:2b:43:84:01:2d:22:1e:29:ca:c3:af:15:b0:27:a5:
62:b3:ef:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxJWfH/n9rFhSA8jfVgaEK1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA4MTIxNDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGU2NTQzZjA1NmIzNmRmZmMyMWY0NGY4YmM1NTMyZTg0ZTNhMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoz4UcxWaXFlTuovqlRfBOV75oMTZ
oxIw3cSTt80MVTUKdn78MqgY41Gx6kvFHlBZdRLpOTJzfQ8MYiZzIOG5kj72ZTSf
iuObz8NWOsjiQM0+zRJXAfsug86TNL8tWbDqUsewyzCwBz+bGLGpGz6iGnpbAJtT
OgWYggZaLNCoYA0I6sQYbf39uWvIcrJZkw44vl9AChc7tne27lRvkPD92Gakmihf
7NrHegT4GOYLzYWr4jRjdgvSnH03qgfF4fDmmckzsqmLdM8FCuNoGtY4Y4IfQ4I8
+cgEhLnirx9gUagDcqsXsXl9rlvVlTReUzjRS1OmoRcGwb450e9aCLgjeQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHDmVD8Fazbf/CH0T4vFUy6E46DDMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvY09aVVB3VnJOdF84SWZSUGk4VlRMb1Rqb01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIJFweY2z8FhvMqDuagC
y4AxJdoz5206f3A+MKmtAemE42KWBfG3EdG05LCzNIu65WnKvLpYrIOph/QL+pfm
LeWE6tzZk++HDWpld6W7YHB/6Yb7cyl4zzzqMyCM9Bca0zT7GhZLQL1hJl8+zCfD
wnCMUbCnnh+JncYwKmCaQ9MNiATwUu5UMHS0J3b/hmmWItFZScxBDWP4IO/iulbA
lw37jk6GmgYGDHbD817g2EzxiVDMnLSuxGoD3+1jL7UqMVgVXC4MJLWDUmYyLl/T
w3nWelewMHCbBGL4GXvsNLXsWIzGSCXiLTLoaSPWwytDhAEtIh4pysOvFbAnpWKz
7yo=
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:00:26 2025 by rpki-client