Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oL3jiqug1aTzEpaazSAV_uj1vy8.roa
File: oL3jiqug1aTzEpaazSAV_uj1vy8.roa (raw, json)
Hash identifier: bCkrsq/7YLm0opCZxUy72RnwzoEZnSlqcTJGB2rAYLs=
Subject key identifier: A0:BD:E3:8A:AB:A0:D5:A4:F3:12:96:9A:CD:20:15:FE:E8:F5:BF:2F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA94205528265A49EA704EA5F819F49D3
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oL3jiqug1aTzEpaazSAV_uj1vy8.roa
Signing time: Tue 07 Nov 2023 10:09:18 +0000
ROA not before: Tue 07 Nov 2023 10:09:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:42:05:52:82:65:a4:9e:a7:04:ea:5f:81:9f:49:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 7 10:09:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0bde38aaba0d5a4f312969acd2015fee8f5bf2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:38:e9:d4:64:77:2a:57:c2:a1:54:0f:8f:7c:
de:0d:ca:62:b0:fd:f5:76:33:76:60:62:b4:58:48:
dc:a1:fc:06:e1:2f:af:5f:75:a9:b5:7b:db:e6:47:
2f:e5:db:28:c1:7a:bd:10:e2:1d:84:81:98:af:4a:
fb:bd:29:27:90:4a:89:99:cc:75:9e:98:ff:40:1b:
3b:16:2a:e3:ea:12:cb:ab:07:1c:25:87:a5:ef:6e:
a1:18:02:9c:6d:87:6b:b9:f0:6e:a5:ea:ba:15:05:
75:6e:15:d9:51:9f:3c:d3:12:ed:4e:cf:e0:3e:26:
5a:c1:7f:aa:20:9a:69:19:79:ea:f9:9f:24:a9:1b:
c7:5b:e0:87:3d:dd:13:cd:16:3e:69:38:48:9b:cf:
e4:61:6f:36:33:91:24:c3:ca:26:36:55:a9:90:53:
d3:be:ef:43:9c:76:3f:32:5d:18:62:bd:f9:a4:9f:
bd:b5:1a:69:ba:ec:93:6e:f6:75:ea:d4:b5:20:b0:
91:34:47:8b:dc:e2:7e:4e:72:5f:8f:ef:a1:a8:67:
89:83:e1:e3:b6:83:94:91:e2:bd:72:23:b2:06:d5:
eb:84:f8:86:a7:3d:1e:99:c1:57:eb:c1:ef:85:85:
47:27:e7:28:61:4a:c8:25:91:e2:4c:ec:86:9d:5b:
93:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:BD:E3:8A:AB:A0:D5:A4:F3:12:96:9A:CD:20:15:FE:E8:F5:BF:2F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oL3jiqug1aTzEpaazSAV_uj1vy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:f2:17:9c:1d:62:e2:2b:56:2e:c1:55:ce:04:87:6c:f1:f8:
82:be:a1:1e:75:09:09:e2:01:d1:8e:80:5d:48:64:be:05:51:
3c:c3:fb:42:b2:73:68:b3:da:12:7e:32:2f:84:87:a7:76:d1:
47:9f:3a:d9:4b:91:db:92:4b:b3:f0:56:f6:97:34:ce:1f:ba:
8c:05:17:e1:bb:8c:10:53:14:a1:db:75:04:f4:e0:1d:dc:54:
74:98:18:db:bf:bc:54:53:53:c1:5b:2e:63:0d:76:56:0a:26:
ce:54:49:2c:3f:1c:69:37:c2:b7:fa:ab:01:d9:a1:9a:f6:e2:
ab:a3:38:89:f0:38:c4:70:4d:a1:d7:e4:47:8e:b6:2b:07:af:
f1:f5:a8:09:d1:04:6e:19:d9:e7:0f:d5:09:53:27:45:c9:09:
f1:8a:64:cd:2e:f3:24:97:3e:f4:6b:2f:40:1a:28:74:b9:5f:
20:76:bb:ba:bc:41:3c:73:a6:8f:ed:df:6d:ca:19:88:d2:20:
21:3a:9a:50:21:8a:68:45:4f:6d:95:21:74:b5:7c:fe:91:be:
bf:35:90:de:f9:b0:da:7d:24:3d:b3:86:b6:54:b8:ff:f3:26:
e8:0a:68:08:58:d8:66:cd:d0:a6:e2:48:b0:42:ea:fb:36:29:
31:a7:82:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYupQgVSgmWknqcE6l+Bn0nTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA3MTAwOTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGJkZTM4YWFiYTBkNWE0ZjMxMjk2OWFjZDIwMTVmZWU4ZjViZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozjp1GR3KlfCoVQPj3zeDcpisP31
djN2YGK0WEjcofwG4S+vX3WptXvb5kcv5dsowXq9EOIdhIGYr0r7vSknkEqJmcx1
npj/QBs7Firj6hLLqwccJYel726hGAKcbYdrufBupeq6FQV1bhXZUZ880xLtTs/g
PiZawX+qIJppGXnq+Z8kqRvHW+CHPd0TzRY+aThIm8/kYW82M5Ekw8omNlWpkFPT
vu9DnHY/Ml0YYr35pJ+9tRppuuyTbvZ16tS1ILCRNEeL3OJ+TnJfj++hqGeJg+Hj
toOUkeK9ciOyBtXrhPiGpz0emcFX68HvhYVHJ+coYUrIJZHiTOyGnVuTfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKC944qroNWk8xKWms0gFf7o9b8vMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvb0wzamlxdWcxYVR6RXBhYXpTQVZfdWoxdnk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFLyF5wdYuIrVi7BVc4E
h2zx+IK+oR51CQniAdGOgF1IZL4FUTzD+0Kyc2iz2hJ+Mi+Eh6d20UefOtlLkduS
S7PwVvaXNM4fuowFF+G7jBBTFKHbdQT04B3cVHSYGNu/vFRTU8FbLmMNdlYKJs5U
SSw/HGk3wrf6qwHZoZr24qujOInwOMRwTaHX5EeOtisHr/H1qAnRBG4Z2ecP1QlT
J0XJCfGKZM0u8ySXPvRrL0AaKHS5XyB2u7q8QTxzpo/t323KGYjSICE6mlAhimhF
T22VIXS1fP6Rvr81kN75sNp9JD2zhrZUuP/zJugKaAhY2GbN0KbiSLBC6vs2KTGn
gh0=
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:13:55 2025 by rpki-client