Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oBbmKki40GTXxfh7pW-Noe1fQfA.roa
File: oBbmKki40GTXxfh7pW-Noe1fQfA.roa (raw, json)
Hash identifier: IW68weriGfN3Y2GylvZir2Vaas4mmxuGUxJ4jGtln3o=
Subject key identifier: A0:16:E6:2A:48:B8:D0:64:D7:C5:F8:7B:A5:6F:8D:A1:ED:5F:41:F0
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B834D801538BAA27CF43DD8130F436D5C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oBbmKki40GTXxfh7pW-Noe1fQfA.roa
Signing time: Tue 31 Oct 2023 01:16:16 +0000
ROA not before: Tue 31 Oct 2023 01:16:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:83:4d:80:15:38:ba:a2:7c:f4:3d:d8:13:0f:43:6d:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 31 01:16:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a016e62a48b8d064d7c5f87ba56f8da1ed5f41f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:78:aa:cd:b9:d2:12:85:3e:5e:6c:a1:8e:d3:
a2:bb:dc:f4:53:f6:f4:aa:f8:8c:b5:29:09:de:e0:
5c:07:f2:0c:3e:db:c2:d8:66:f6:a2:45:c6:d2:49:
9a:0e:5f:de:bc:9c:42:96:7e:e6:db:94:07:91:df:
66:17:a3:62:87:4c:81:8e:90:d4:82:1a:cd:30:42:
49:09:9b:9d:f9:9c:4c:8e:89:45:90:15:15:31:0a:
25:5f:56:3c:7f:66:a4:a3:02:1e:99:db:ee:5a:4b:
c2:60:7f:e4:b5:c5:91:cc:d9:14:40:d2:c1:12:a9:
42:26:cb:91:e0:0c:1f:b8:a7:6e:c2:d4:b0:ee:a9:
26:86:2f:63:41:0b:ae:c4:92:2f:fb:ef:7b:8f:c0:
fb:07:cb:51:a2:07:73:3d:22:83:f2:a4:e7:51:16:
f2:6e:ff:9e:c3:da:73:01:5d:06:9f:f5:10:2c:e0:
bc:ea:a8:01:51:5f:21:6b:3b:f2:ff:50:47:2f:30:
e4:98:74:f6:d5:a2:89:0f:ec:fe:3e:ea:3b:1f:06:
aa:fd:d8:64:a5:54:3b:88:fb:24:36:7a:a8:2f:a4:
3c:9a:bb:69:96:f8:ef:05:74:a1:1e:0b:a5:9f:21:
aa:72:14:2f:a1:70:a2:83:84:f6:6c:db:b8:ae:97:
c1:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:16:E6:2A:48:B8:D0:64:D7:C5:F8:7B:A5:6F:8D:A1:ED:5F:41:F0
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oBbmKki40GTXxfh7pW-Noe1fQfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:ab:48:ed:6b:fe:b9:1c:4d:24:b0:a0:af:9b:8b:a7:fc:87:
4d:f5:cc:4b:84:d1:74:13:b4:79:58:79:8f:20:a4:59:ba:65:
40:8b:ba:2d:3e:43:96:54:b9:8f:56:8f:13:f1:5b:a3:cf:a4:
2a:1c:af:1e:7b:8e:c1:77:ff:af:ee:20:b5:92:f8:4a:b2:64:
16:25:43:d7:d4:65:31:df:49:50:20:e1:19:ef:51:3a:4b:76:
6c:40:ae:90:33:d1:c3:7b:83:b6:2e:4b:4b:89:60:92:59:6f:
64:27:fa:48:3b:7b:cf:76:ef:39:15:ed:03:c8:40:d8:33:04:
17:01:89:67:8b:ed:e7:98:7c:e5:0c:ae:a1:bd:2a:c3:e0:b1:
3a:f0:d1:ff:f5:d4:c4:62:50:84:8b:9e:01:4e:b2:03:46:27:
e9:52:07:6c:1e:c8:bf:f8:17:12:e5:8d:88:16:f7:f0:6b:89:
bf:78:c7:55:27:15:ec:db:b0:00:8c:41:8c:1d:8a:55:92:ba:
25:0b:e5:2d:27:96:80:6a:3d:10:ee:68:ab:2f:1a:5a:09:7f:
b2:ba:6c:8a:ef:b6:fd:98:99:64:97:06:a1:6a:54:aa:78:47:
76:3b:c6:91:56:ae:8f:65:5e:e6:6c:f7:7d:a1:f2:9f:4d:ba:
d0:e9:4c:2c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuDTYAVOLqifPQ92BMPQ21cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDMxMDExNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDE2ZTYyYTQ4YjhkMDY0ZDdjNWY4N2JhNTZmOGRhMWVkNWY0MWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXiqzbnSEoU+XmyhjtOiu9z0U/b0
qviMtSkJ3uBcB/IMPtvC2Gb2okXG0kmaDl/evJxCln7m25QHkd9mF6Nih0yBjpDU
ghrNMEJJCZud+ZxMjolFkBUVMQolX1Y8f2akowIemdvuWkvCYH/ktcWRzNkUQNLB
EqlCJsuR4AwfuKduwtSw7qkmhi9jQQuuxJIv++97j8D7B8tRogdzPSKD8qTnURby
bv+ew9pzAV0Gn/UQLOC86qgBUV8hazvy/1BHLzDkmHT21aKJD+z+Puo7Hwaq/dhk
pVQ7iPskNnqoL6Q8mrtplvjvBXShHgulnyGqchQvoXCig4T2bNu4rpfBxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKAW5ipIuNBk18X4e6VvjaHtX0HwMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvb0JibUtraTQwR1RYeGZoN3BXLU5vZTFmUWZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHOrSO1r/rkcTSSwoK+b
i6f8h031zEuE0XQTtHlYeY8gpFm6ZUCLui0+Q5ZUuY9WjxPxW6PPpCocrx57jsF3
/6/uILWS+EqyZBYlQ9fUZTHfSVAg4RnvUTpLdmxArpAz0cN7g7YuS0uJYJJZb2Qn
+kg7e8927zkV7QPIQNgzBBcBiWeL7eeYfOUMrqG9KsPgsTrw0f/11MRiUISLngFO
sgNGJ+lSB2weyL/4FxLljYgW9/Brib94x1UnFezbsACMQYwdilWSuiUL5S0nloBq
PRDuaKsvGloJf7K6bIrvtv2YmWSXBqFqVKp4R3Y7xpFWro9lXuZs932h8p9NutDp
TCw=
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:39:21 2025 by rpki-client