Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/o4vgAsdNjDWN27l3DOjjyDvWwBQ.roa
File: o4vgAsdNjDWN27l3DOjjyDvWwBQ.roa (raw, json)
Hash identifier: cLKoYsB/UYl/UWOlzO0wEGlItf+G6NT/CxiH5k8czg4=
Subject key identifier: A3:8B:E0:02:C7:4D:8C:35:8D:DB:B9:77:0C:E8:E3:C8:3B:D6:C0:14
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ABA34CD3C9728B6AE0580B613874F5E48
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/o4vgAsdNjDWN27l3DOjjyDvWwBQ.roa
Signing time: Fri 22 Sep 2023 00:05:37 +0000
ROA not before: Fri 22 Sep 2023 00:05:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:ba34:5e2/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ba:34:cd:3c:97:28:b6:ae:05:80:b6:13:87:4f:5e:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 22 00:05:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a38be002c74d8c358ddbb9770ce8e3c83bd6c014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3b:a8:26:c1:22:57:8a:59:2e:6c:0e:34:5e:
52:4a:dc:9d:ec:96:14:89:72:36:5d:95:f7:ad:40:
17:69:b5:36:36:db:41:7a:2f:87:40:9d:85:0e:45:
48:4e:3c:b1:bc:b7:a0:51:05:a6:bc:b4:10:07:18:
cf:1b:2c:ef:85:3a:8d:c6:61:de:0a:2b:af:72:ee:
98:4a:2f:5f:36:ad:fa:27:e5:bc:c3:4a:51:70:08:
64:95:42:4c:a6:2a:c0:07:34:46:3d:6b:a2:0a:b4:
07:15:de:84:45:11:1a:25:12:4f:5b:84:fb:7f:9f:
f5:73:d2:c3:90:91:fe:77:f4:3a:91:ae:05:2f:70:
2c:06:6c:fa:fe:ba:c9:e1:89:96:6a:0c:98:14:21:
c0:0a:79:82:88:0f:0b:cb:1c:3e:8b:7c:9a:54:3b:
1c:3f:cf:8e:f3:7e:fb:2c:43:76:af:1e:b3:dc:61:
96:40:17:3a:19:e1:a2:7c:4b:29:8c:5b:6b:02:b4:
1b:69:94:9a:57:c0:f1:59:28:92:c2:32:1b:d0:e7:
dd:c3:3c:ac:56:91:38:83:d9:e8:df:93:0a:bc:15:
2f:ff:1b:60:df:fb:01:4c:ed:5f:35:9e:f9:27:27:
34:bd:1c:36:c4:e4:f5:73:0b:bb:b3:5b:27:77:66:
68:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:8B:E0:02:C7:4D:8C:35:8D:DB:B9:77:0C:E8:E3:C8:3B:D6:C0:14
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/o4vgAsdNjDWN27l3DOjjyDvWwBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
af:87:7f:b3:57:52:c1:3b:db:88:7f:7c:a2:f2:f8:36:82:32:
02:04:52:81:a3:78:e7:ea:e4:a5:c4:97:62:b0:fa:f4:7c:ca:
cd:5d:dc:6f:3d:5c:3b:09:64:a0:a2:0a:a9:4b:ee:d7:be:99:
a6:30:62:06:46:aa:58:b5:b4:13:47:ed:a7:7d:ed:23:27:b8:
3f:63:44:c9:f8:ea:ab:20:04:1d:18:e7:0d:47:43:3d:d4:36:
49:97:34:da:f7:12:85:d5:7a:9a:ae:dd:eb:c7:09:ca:dc:e9:
20:96:8b:b9:5a:0c:a7:b0:81:65:8f:c8:47:fe:03:c2:3a:52:
72:8c:a4:43:92:8f:f8:0d:fd:89:a7:ea:bb:c6:18:ab:00:c3:
ef:dd:56:a7:c5:b6:6b:2d:8c:d9:4a:36:5f:c8:fc:2b:b9:66:
ed:3a:15:55:9a:7c:96:e7:9b:21:e7:da:dd:00:a3:4a:76:bc:
f9:1a:18:41:63:79:a8:f1:53:88:c5:97:10:35:4d:d5:67:f5:
02:d2:2a:1e:3c:55:94:af:36:49:e9:4f:12:15:e9:82:9a:87:
18:ea:bf:43:2f:f8:7f:10:a5:c0:4b:f0:7d:42:49:29:34:79:
2d:46:4d:b5:1c:5d:e6:74:18:3e:8b:7e:24:b5:92:c2:ae:c7:
1f:d1:a3:1c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq6NM08lyi2rgWAthOHT15IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIyMDAwNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzhiZTAwMmM3NGQ4YzM1OGRkYmI5NzcwY2U4ZTNjODNiZDZjMDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTuoJsEiV4pZLmwONF5SStyd7JYU
iXI2XZX3rUAXabU2NttBei+HQJ2FDkVITjyxvLegUQWmvLQQBxjPGyzvhTqNxmHe
Ciuvcu6YSi9fNq36J+W8w0pRcAhklUJMpirABzRGPWuiCrQHFd6ERREaJRJPW4T7
f5/1c9LDkJH+d/Q6ka4FL3AsBmz6/rrJ4YmWagyYFCHACnmCiA8Lyxw+i3yaVDsc
P8+O8377LEN2rx6z3GGWQBc6GeGifEspjFtrArQbaZSaV8DxWSiSwjIb0Ofdwzys
VpE4g9no35MKvBUv/xtg3/sBTO1fNZ75Jyc0vRw2xOT1cwu7s1snd2ZoxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKOL4ALHTYw1jdu5dwzo48g71sAUMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbzR2Z0FzZE5qRFdOMjdsM0RPamp5RHZXd0JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK+Hf7NXUsE724h/fKLy
+DaCMgIEUoGjeOfq5KXEl2Kw+vR8ys1d3G89XDsJZKCiCqlL7te+maYwYgZGqli1
tBNH7ad97SMnuD9jRMn46qsgBB0Y5w1HQz3UNkmXNNr3EoXVepqu3evHCcrc6SCW
i7laDKewgWWPyEf+A8I6UnKMpEOSj/gN/Ymn6rvGGKsAw+/dVqfFtmstjNlKNl/I
/Cu5Zu06FVWafJbnmyHn2t0Ao0p2vPkaGEFjeajxU4jFlxA1TdVn9QLSKh48VZSv
NknpTxIV6YKahxjqv0Mv+H8QpcBL8H1CSSk0eS1GTbUcXeZ0GD6LfiS1ksKuxx/R
oxw=
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:23:39 2025 by rpki-client