Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/o6kgFegZO4MFc-1lDxV92_yovi4.roa
File: o6kgFegZO4MFc-1lDxV92_yovi4.roa (raw, json)
Hash identifier: VKarW3hzO0DP42nao0FVHTfRMYsFdjxULxmiv2udeaI=
Subject key identifier: A3:A9:20:15:E8:19:3B:83:05:73:ED:65:0F:15:7D:DB:FC:A8:BE:2E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7E933722749F744E65C6238A940CE8A4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/o6kgFegZO4MFc-1lDxV92_yovi4.roa
Signing time: Mon 18 Dec 2023 20:17:06 +0000
ROA not before: Mon 18 Dec 2023 20:17:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7e:93:37:22:74:9f:74:4e:65:c6:23:8a:94:0c:e8:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 18 20:17:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3a92015e8193b830573ed650f157ddbfca8be2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5e:c6:1f:d8:d8:68:f8:c5:ed:4e:18:b4:fe:
da:42:5e:4a:9b:85:0e:d3:68:50:ce:db:e7:bc:fc:
97:76:eb:87:cb:58:0e:d9:82:4f:e8:71:25:5a:7a:
8d:07:4c:c6:66:ee:f7:bd:4a:31:33:54:da:c7:d7:
0d:dc:65:24:3d:76:b6:0b:75:4a:ce:6a:b9:21:0c:
3d:d9:42:ac:01:f6:6e:d5:ea:8e:aa:6c:0e:89:c9:
a7:42:d4:2c:b6:29:38:b7:c9:04:8e:55:a7:8a:47:
d1:9c:0b:ab:bf:0c:e2:6f:01:e8:69:86:a8:bb:9c:
9b:77:75:d7:a9:3d:7e:e8:bf:90:4b:54:45:57:73:
c5:d1:44:35:ef:0a:de:8f:ef:a3:7b:5a:04:f9:0e:
53:ee:cd:a9:9f:c7:6e:9a:a9:66:b6:93:7f:7b:6b:
23:86:42:ff:51:6e:a2:d2:87:1f:60:1c:f8:85:9b:
c9:10:bf:19:6d:e5:7e:81:78:56:b6:a4:5a:bd:dd:
78:40:9b:7e:c9:f7:a6:2f:47:3c:0b:00:72:e2:41:
49:b8:ed:1e:9b:9b:28:19:f8:8a:4c:0a:a4:36:6d:
1d:31:e4:85:e4:cc:73:25:39:e9:16:42:c9:5e:c0:
5f:e6:6a:aa:ed:28:27:ce:a7:55:4d:6f:ee:6c:66:
e9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:A9:20:15:E8:19:3B:83:05:73:ED:65:0F:15:7D:DB:FC:A8:BE:2E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/o6kgFegZO4MFc-1lDxV92_yovi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6f:64:77:2c:f3:a9:50:c9:e4:7d:75:d4:4f:38:19:23:94:d7:
9c:c5:b4:5a:4c:3e:be:6a:d4:74:42:09:8c:2f:7b:d8:36:16:
55:25:e2:62:17:5a:99:18:19:7f:1f:8c:d0:8b:02:f2:08:97:
a2:88:73:af:86:b6:86:f5:b6:9d:c1:cd:17:5f:68:e8:ed:99:
29:72:5c:20:88:1c:cf:56:3b:ca:84:ee:c5:9e:a7:74:74:82:
f9:84:5d:bf:6e:8c:fa:06:42:78:fa:bc:27:81:d1:46:7a:c8:
80:b1:67:da:0e:c8:11:5c:f4:6c:a8:6a:c9:9e:6b:fc:e6:c5:
34:77:1c:cf:af:d0:69:90:be:6b:a2:40:1e:d9:5f:76:e2:6c:
71:4c:a2:f0:d2:f0:78:e6:ef:3c:ad:8f:d9:e5:9a:44:3e:a7:
ef:ab:3b:ac:6f:f7:88:38:e1:cb:f9:98:e0:28:66:36:8a:69:
6a:8c:87:1e:c8:b7:13:eb:45:5e:ab:38:e9:c0:92:46:aa:67:
ae:4e:54:d0:2e:34:bb:ae:12:76:c3:2d:1f:fa:2d:4a:45:ea:
f1:e0:38:a8:37:27:a2:bf:1b:0e:8d:5e:03:d9:94:50:56:ae:
97:aa:c5:28:14:50:4e:10:63:7e:2a:8b:16:a7:44:35:3b:a1:
03:80:54:45
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx+kzcidJ90TmXGI4qUDOikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE4MjAxNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2E5MjAxNWU4MTkzYjgzMDU3M2VkNjUwZjE1N2RkYmZjYThiZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz17GH9jYaPjF7U4YtP7aQl5Km4UO
02hQztvnvPyXduuHy1gO2YJP6HElWnqNB0zGZu73vUoxM1Tax9cN3GUkPXa2C3VK
zmq5IQw92UKsAfZu1eqOqmwOicmnQtQstik4t8kEjlWnikfRnAurvwzibwHoaYao
u5ybd3XXqT1+6L+QS1RFV3PF0UQ17wrej++je1oE+Q5T7s2pn8dumqlmtpN/e2sj
hkL/UW6i0ocfYBz4hZvJEL8ZbeV+gXhWtqRavd14QJt+yfemL0c8CwBy4kFJuO0e
m5soGfiKTAqkNm0dMeSF5MxzJTnpFkLJXsBf5mqq7SgnzqdVTW/ubGbplQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKOpIBXoGTuDBXPtZQ8Vfdv8qL4uMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbzZrZ0ZlZ1pPNE1GYy0xbER4VjkyX3lvdmk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG9kdyzzqVDJ5H111E84
GSOU15zFtFpMPr5q1HRCCYwve9g2FlUl4mIXWpkYGX8fjNCLAvIIl6KIc6+Gtob1
tp3BzRdfaOjtmSlyXCCIHM9WO8qE7sWep3R0gvmEXb9ujPoGQnj6vCeB0UZ6yICx
Z9oOyBFc9Gyoasmea/zmxTR3HM+v0GmQvmuiQB7ZX3bibHFMovDS8Hjm7zytj9nl
mkQ+p++rO6xv94g44cv5mOAoZjaKaWqMhx7ItxPrRV6rOOnAkkaqZ65OVNAuNLuu
EnbDLR/6LUpF6vHgOKg3J6K/Gw6NXgPZlFBWrpeqxSgUUE4QY34qixanRDU7oQOA
VEU=
-----END CERTIFICATE-----
Generated at Wed Apr 23 04:14:05 2025 by rpki-client