Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/olX5N2ynkWMmnOMcanu8YBM9Pz8.roa
File: olX5N2ynkWMmnOMcanu8YBM9Pz8.roa (raw, json)
Hash identifier: IPJb79HI1tGgyHxaXFcTcCM91Ml6Y4lEbVY/nsuGdyk=
Subject key identifier: A2:55:F9:37:6C:A7:91:63:26:9C:E3:1C:6A:7B:BC:60:13:3D:3F:3F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ABFFFF4BD6942FF7316CCB3E1018BE477
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/olX5N2ynkWMmnOMcanu8YBM9Pz8.roa
Signing time: Sat 23 Sep 2023 03:05:37 +0000
ROA not before: Sat 23 Sep 2023 03:05:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:bfff:338b/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bf:ff:f4:bd:69:42:ff:73:16:cc:b3:e1:01:8b:e4:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 23 03:05:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a255f9376ca79163269ce31c6a7bbc60133d3f3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e3:88:f0:c8:93:fb:d0:59:fd:80:8b:94:ac:
ef:53:9a:a1:8c:5a:72:34:85:4b:ed:98:d8:56:91:
3c:87:b2:14:25:f3:f6:00:9a:f2:c7:9a:36:db:4a:
72:4f:29:52:21:ea:fb:e2:89:1f:42:48:77:68:72:
e8:b3:62:8c:af:04:da:f1:11:5c:50:af:cf:9d:b1:
a3:ae:d7:cf:72:c1:14:19:1d:00:06:3e:ef:0c:78:
a4:34:8e:3f:f2:fb:d3:26:59:1e:28:45:64:7e:c7:
6e:d4:3e:2a:04:45:b8:1f:5e:6d:1e:b7:fa:de:8e:
19:25:f3:8b:dc:e9:0e:8b:71:3b:24:95:dc:03:bf:
e6:9f:7a:2e:bf:69:2b:9e:9b:ae:e0:f5:46:e7:42:
91:2c:67:72:29:98:3c:f0:57:70:5c:55:0c:21:b3:
6f:b2:5f:fd:3f:83:5d:52:ce:b1:98:a9:c2:5e:4a:
00:0c:ed:b8:7f:1a:ee:e1:72:e2:c6:76:29:71:4f:
a4:e8:2d:b7:14:1f:26:cf:84:33:75:b0:5f:10:5a:
e4:9a:dd:0f:31:f5:80:83:07:d7:47:0b:da:de:4a:
9c:da:94:7e:ea:10:d2:ee:cf:83:f7:0e:bb:49:1c:
27:d7:5d:af:41:2f:5a:33:2e:51:1b:f4:92:06:ae:
0c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:55:F9:37:6C:A7:91:63:26:9C:E3:1C:6A:7B:BC:60:13:3D:3F:3F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/olX5N2ynkWMmnOMcanu8YBM9Pz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9c:bb:ed:ba:9c:47:3b:c3:a9:20:7b:d1:04:d9:43:0c:3b:ba:
82:92:b3:b9:b7:e8:0c:77:48:fc:a9:58:66:03:47:5a:a7:1a:
0a:89:f8:b6:e8:2a:0a:24:bb:70:a9:83:a9:2c:3c:ef:7b:7b:
8b:3e:08:91:62:16:d7:d2:5a:16:d1:ca:a7:32:6f:c9:54:bb:
e1:0f:74:7b:0e:79:fb:d1:09:12:a2:43:79:84:4c:8f:64:e8:
71:7f:07:f3:99:1c:79:47:36:e1:33:46:1f:23:13:e2:5b:b1:
0c:0c:e1:58:d9:5f:07:e7:c2:4f:c7:03:f3:cd:51:18:c6:55:
a4:c1:51:21:a3:fd:53:06:df:59:fc:ea:c3:89:5c:52:22:04:
06:50:b0:1f:f1:84:f2:44:47:6e:2c:24:c2:b1:8d:09:82:70:
c3:c9:b6:a4:a4:cb:5e:40:13:5c:b6:87:de:f3:3f:8d:f9:11:
27:5c:6c:5b:a0:a5:f4:81:46:83:89:61:85:c9:30:22:56:08:
9e:ab:9d:6a:f3:d9:fb:62:05:b5:82:38:a6:ff:b1:89:ae:47:
23:35:43:fc:19:ce:8d:1c:0b:41:8e:8e:b4:7b:05:96:d5:39:
2a:3d:5e:f1:e5:ef:43:82:d6:3c:0a:48:40:e9:f0:be:fa:c9:
df:99:a0:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq///S9aUL/cxbMs+EBi+R3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIzMDMwNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjU1ZjkzNzZjYTc5MTYzMjY5Y2UzMWM2YTdiYmM2MDEzM2QzZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuOI8MiT+9BZ/YCLlKzvU5qhjFpy
NIVL7ZjYVpE8h7IUJfP2AJryx5o220pyTylSIer74okfQkh3aHLos2KMrwTa8RFc
UK/PnbGjrtfPcsEUGR0ABj7vDHikNI4/8vvTJlkeKEVkfsdu1D4qBEW4H15tHrf6
3o4ZJfOL3OkOi3E7JJXcA7/mn3ouv2krnpuu4PVG50KRLGdyKZg88FdwXFUMIbNv
sl/9P4NdUs6xmKnCXkoADO24fxru4XLixnYpcU+k6C23FB8mz4QzdbBfEFrkmt0P
MfWAgwfXRwva3kqc2pR+6hDS7s+D9w67SRwn112vQS9aMy5RG/SSBq4MzQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKJV+Tdsp5FjJpzjHGp7vGATPT8/MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvb2xYNU4yeW5rV01tbk9NY2FudThZQk05UHo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJy77bqcRzvDqSB70QTZ
Qww7uoKSs7m36Ax3SPypWGYDR1qnGgqJ+LboKgoku3Cpg6ksPO97e4s+CJFiFtfS
WhbRyqcyb8lUu+EPdHsOefvRCRKiQ3mETI9k6HF/B/OZHHlHNuEzRh8jE+JbsQwM
4VjZXwfnwk/HA/PNURjGVaTBUSGj/VMG31n86sOJXFIiBAZQsB/xhPJER24sJMKx
jQmCcMPJtqSky15AE1y2h97zP435ESdcbFugpfSBRoOJYYXJMCJWCJ6rnWrz2fti
BbWCOKb/sYmuRyM1Q/wZzo0cC0GOjrR7BZbVOSo9XvHl70OC1jwKSEDp8L76yd+Z
oDE=
-----END CERTIFICATE-----
Generated at Wed Jun 11 09:34:10 2025 by rpki-client