Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oG1k2YtECHPCQy2DSZyNYamYqkE.roa
File: oG1k2YtECHPCQy2DSZyNYamYqkE.roa (raw, json)
Hash identifier: YSGgz9GF8TWOEPK6OfTNFfA76uV0z52BgfUVoNYivI4=
Subject key identifier: A0:6D:64:D9:8B:44:08:73:C2:43:2D:83:49:9C:8D:61:A9:98:AA:41
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AB2E8366F3E9503E3A024FEB45F6432D6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oG1k2YtECHPCQy2DSZyNYamYqkE.roa
Signing time: Wed 20 Sep 2023 14:04:37 +0000
ROA not before: Wed 20 Sep 2023 14:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:b2e7:d257/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b2:e8:36:6f:3e:95:03:e3:a0:24:fe:b4:5f:64:32:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 20 14:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a06d64d98b440873c2432d83499c8d61a998aa41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c1:20:74:4e:84:70:e7:e3:f7:74:c4:fe:c6:
76:0d:73:ec:19:7a:83:5c:82:18:e4:c1:e2:6e:91:
73:e0:7f:8b:f2:d7:ba:c1:f8:67:42:ce:3a:6c:78:
f2:d7:93:6a:be:db:82:60:25:0e:13:bc:af:e7:4a:
5b:cc:91:b6:8d:61:ad:77:79:ed:a0:cc:09:63:ed:
f1:6d:31:76:79:a5:e9:65:10:57:92:32:ea:ef:ee:
5b:f8:d2:82:b5:35:ea:04:4b:0f:8a:48:ad:36:5c:
31:32:6d:0f:74:13:ac:97:1c:2a:a8:41:7b:31:32:
84:70:7b:e2:47:5e:ad:f6:b7:99:6e:01:e2:0f:40:
a3:c4:94:72:4c:8b:09:4b:04:6c:0c:79:f6:c8:c5:
95:49:f5:22:26:c2:13:c6:89:e3:cf:a2:fc:f4:c8:
bb:79:9d:49:cf:61:a0:e2:ef:02:61:79:15:d9:e4:
60:d7:93:2e:25:55:d6:94:48:19:18:1d:f3:22:02:
67:29:b5:24:fc:ea:01:af:cd:b0:73:dd:3b:c7:07:
6e:35:0e:f5:7f:f7:c8:8e:7e:a8:1b:fa:1e:f9:bf:
69:94:6b:70:8d:5a:18:7a:73:dd:87:bb:e3:e3:29:
07:ac:d6:2b:f9:16:6b:be:7d:66:57:0b:97:54:24:
33:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:6D:64:D9:8B:44:08:73:C2:43:2D:83:49:9C:8D:61:A9:98:AA:41
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oG1k2YtECHPCQy2DSZyNYamYqkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ad:f3:32:9b:5d:52:79:b6:b4:db:3c:cc:3e:f0:de:19:77:a5:
8b:61:ad:a2:95:b5:1b:0b:06:2b:3d:61:62:45:d0:91:43:b2:
48:93:64:83:e4:03:fa:91:ee:5b:79:c1:be:4e:4f:3f:48:15:
da:ed:01:2c:1c:93:74:a2:a8:34:dd:4b:2c:dd:49:cf:b1:ef:
55:11:d3:16:e7:b3:a8:57:4c:02:0b:23:8f:5b:84:a9:38:c0:
86:ec:51:92:fd:3b:38:96:c0:73:be:44:66:10:1b:81:87:dc:
2f:cf:c7:69:97:17:7a:b0:5b:d2:b6:88:29:d9:7f:52:4c:2c:
b5:f0:bc:67:23:4f:56:f2:ff:71:0a:01:f7:73:d7:86:1c:43:
4a:4a:2b:66:f8:1d:9d:f1:f3:24:33:f6:b9:f6:8f:e1:32:07:
ba:74:67:c1:cf:71:55:04:ed:74:bf:72:29:5a:e8:fe:42:f2:
cc:d7:63:dc:d4:a7:56:f1:ea:73:f9:d2:58:0d:74:71:e7:63:
4a:d3:16:85:2a:b2:d3:ad:93:d7:37:de:c3:30:91:83:26:3e:
26:e4:58:11:e7:c1:dd:13:c5:6f:91:ba:d2:06:0c:09:9e:da:
3d:89:11:85:b2:f1:92:07:43:05:bb:44:c1:97:3b:0d:74:10:
ab:17:00:b5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqy6DZvPpUD46Ak/rRfZDLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIwMTQwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDZkNjRkOThiNDQwODczYzI0MzJkODM0OTljOGQ2MWE5OThhYTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMEgdE6EcOfj93TE/sZ2DXPsGXqD
XIIY5MHibpFz4H+L8te6wfhnQs46bHjy15NqvtuCYCUOE7yv50pbzJG2jWGtd3nt
oMwJY+3xbTF2eaXpZRBXkjLq7+5b+NKCtTXqBEsPikitNlwxMm0PdBOslxwqqEF7
MTKEcHviR16t9reZbgHiD0CjxJRyTIsJSwRsDHn2yMWVSfUiJsITxonjz6L89Mi7
eZ1Jz2Gg4u8CYXkV2eRg15MuJVXWlEgZGB3zIgJnKbUk/OoBr82wc907xwduNQ71
f/fIjn6oG/oe+b9plGtwjVoYenPdh7vj4ykHrNYr+RZrvn1mVwuXVCQz0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKBtZNmLRAhzwkMtg0mcjWGpmKpBMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvb0cxazJZdEVDSFBDUXkyRFNaeU5ZYW1ZcWtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK3zMptdUnm2tNs8zD7w
3hl3pYthraKVtRsLBis9YWJF0JFDskiTZIPkA/qR7lt5wb5OTz9IFdrtASwck3Si
qDTdSyzdSc+x71UR0xbns6hXTAILI49bhKk4wIbsUZL9OziWwHO+RGYQG4GH3C/P
x2mXF3qwW9K2iCnZf1JMLLXwvGcjT1by/3EKAfdz14YcQ0pKK2b4HZ3x8yQz9rn2
j+EyB7p0Z8HPcVUE7XS/cila6P5C8szXY9zUp1bx6nP50lgNdHHnY0rTFoUqstOt
k9c33sMwkYMmPibkWBHnwd0TxW+RutIGDAme2j2JEYWy8ZIHQwW7RMGXOw10EKsX
ALU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:45:07 2025 by rpki-client