Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oJb2cpLktyRE4oeuDKN4sqgiNfo.roa
File: oJb2cpLktyRE4oeuDKN4sqgiNfo.roa (raw, json)
Hash identifier: xQHDsxlwb4ZcZvLqOu5NVppzYEMfo0k9pqSy9nKwBDQ=
Subject key identifier: A0:96:F6:72:92:E4:B7:24:44:E2:87:AE:0C:A3:78:B2:A8:22:35:FA
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C186F6B7EDA80920B1B077E72421AD750
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oJb2cpLktyRE4oeuDKN4sqgiNfo.roa
Signing time: Wed 29 Nov 2023 00:16:44 +0000
ROA not before: Wed 29 Nov 2023 00:16:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:18:6f:6b:7e:da:80:92:0b:1b:07:7e:72:42:1a:d7:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 29 00:16:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a096f67292e4b72444e287ae0ca378b2a82235fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:5c:42:50:20:be:a2:53:e3:21:45:c8:0f:56:
09:96:c6:c3:c2:83:24:eb:aa:2c:b3:1f:6c:3f:0f:
20:85:01:dd:6c:34:6e:36:2a:f9:f5:80:06:56:e0:
a6:64:a8:01:72:bf:4d:eb:e2:0e:52:10:d0:3f:16:
1a:c0:62:c4:e8:56:ed:0f:1e:83:d0:83:32:86:1e:
4a:10:1d:fd:cc:60:5b:0b:03:a8:ee:28:d0:20:28:
48:e9:af:84:e6:eb:ef:dd:fc:82:4d:4e:33:13:9b:
c0:73:1a:ea:77:7a:05:a9:4b:d4:0c:78:36:17:67:
4c:df:b1:0e:ee:a2:90:b2:9d:a3:5c:7a:7d:a2:9c:
42:88:d7:69:86:90:58:77:ef:f0:87:70:de:a8:8c:
48:ba:59:4d:7b:c0:69:1a:7f:d2:ae:a7:7d:5d:3e:
40:61:5e:13:43:0e:66:49:3b:7e:f5:03:c5:87:ed:
03:81:76:38:5d:96:6f:d4:9a:9f:3f:78:0e:10:c5:
6d:2a:00:a0:89:84:2a:46:65:46:0a:d5:47:0a:4a:
0a:ae:4d:e2:7a:89:6f:d8:43:2f:68:e6:bb:3d:4e:
26:d1:82:cc:21:61:a5:32:56:a3:eb:b7:47:5b:39:
59:73:ed:59:54:9d:7a:93:a9:d8:0c:f4:6b:a9:ac:
f3:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:96:F6:72:92:E4:B7:24:44:E2:87:AE:0C:A3:78:B2:A8:22:35:FA
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oJb2cpLktyRE4oeuDKN4sqgiNfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:61:a1:e6:95:1e:c3:d4:5f:7b:21:ed:5e:65:11:02:ef:75:
64:5e:7c:20:79:a2:7c:59:b2:6b:8c:e9:18:f9:f2:99:fd:e5:
5b:cf:27:25:31:3e:cb:84:a7:c6:65:62:a0:bb:13:20:0a:a4:
a9:5a:a7:31:c3:3a:c3:b7:26:6a:27:c5:b2:91:d7:62:5c:d8:
74:a5:d9:40:d0:49:6b:d7:b6:24:04:c4:1a:d4:6a:95:3e:64:
f5:a1:dd:c5:4a:78:3e:cf:73:fe:5d:57:f3:cd:30:db:0f:83:
b7:3c:8b:58:dc:c0:d9:dc:f4:43:7f:ca:98:78:bd:ae:60:ae:
f1:bb:be:79:e9:35:7e:40:7e:24:a7:f2:57:28:cf:88:9d:5a:
65:b7:1e:c3:de:9d:f5:da:c2:a0:b9:38:92:b0:da:b2:85:0f:
c4:e2:bc:1e:0e:a1:7e:62:ac:7f:62:2c:27:2f:f5:1a:79:41:
dd:ea:1c:3a:18:6b:17:d0:8e:c6:ea:8a:fe:34:1e:67:53:58:
13:e3:2f:e8:a4:b2:a4:0b:5d:5b:c5:60:75:48:75:27:a5:84:
8e:3b:0f:cd:db:8e:ad:07:aa:6f:7e:a3:17:d8:e6:8a:b0:42:
d8:a7:cb:40:70:2b:cd:e0:e6:7e:e8:2a:5f:89:49:ea:4d:3b:
61:eb:1a:b0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwYb2t+2oCSCxsHfnJCGtdQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI5MDAxNjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDk2ZjY3MjkyZTRiNzI0NDRlMjg3YWUwY2EzNzhiMmE4MjIzNWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVxCUCC+olPjIUXID1YJlsbDwoMk
66ossx9sPw8ghQHdbDRuNir59YAGVuCmZKgBcr9N6+IOUhDQPxYawGLE6FbtDx6D
0IMyhh5KEB39zGBbCwOo7ijQIChI6a+E5uvv3fyCTU4zE5vAcxrqd3oFqUvUDHg2
F2dM37EO7qKQsp2jXHp9opxCiNdphpBYd+/wh3DeqIxIullNe8BpGn/Srqd9XT5A
YV4TQw5mSTt+9QPFh+0DgXY4XZZv1JqfP3gOEMVtKgCgiYQqRmVGCtVHCkoKrk3i
eolv2EMvaOa7PU4m0YLMIWGlMlaj67dHWzlZc+1ZVJ16k6nYDPRrqazz3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKCW9nKS5LckROKHrgyjeLKoIjX6MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvb0piMmNwTGt0eVJFNG9ldURLTjRzcWdpTmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJdhoeaVHsPUX3sh7V5l
EQLvdWRefCB5onxZsmuM6Rj58pn95VvPJyUxPsuEp8ZlYqC7EyAKpKlapzHDOsO3
JmonxbKR12Jc2HSl2UDQSWvXtiQExBrUapU+ZPWh3cVKeD7Pc/5dV/PNMNsPg7c8
i1jcwNnc9EN/yph4va5grvG7vnnpNX5AfiSn8lcoz4idWmW3HsPenfXawqC5OJKw
2rKFD8TivB4OoX5irH9iLCcv9Rp5Qd3qHDoYaxfQjsbqiv40HmdTWBPjL+iksqQL
XVvFYHVIdSelhI47D83bjq0Hqm9+oxfY5oqwQtiny0BwK83g5n7oKl+JSepNO2Hr
GrA=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:14:24 2025 by rpki-client