Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/omT7RupDs7I4XGCn9rh3rSKLKYo.roa
File: omT7RupDs7I4XGCn9rh3rSKLKYo.roa (raw, json)
Hash identifier: Qs8O5Bh5cLNGuJ4V58V2S3pe+AbeY8G0FS6iIfW2V9U=
Subject key identifier: A2:64:FB:46:EA:43:B3:B2:38:5C:60:A7:F6:B8:77:AD:22:8B:29:8A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B1FB93F04736A0E7610E2AE92225B13BD
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/omT7RupDs7I4XGCn9rh3rSKLKYo.roa
Signing time: Wed 11 Oct 2023 17:11:55 +0000
ROA not before: Wed 11 Oct 2023 17:11:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1f:b9:3f:04:73:6a:0e:76:10:e2:ae:92:22:5b:13:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 11 17:11:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a264fb46ea43b3b2385c60a7f6b877ad228b298a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:55:ac:76:9c:18:df:80:c1:ad:98:2a:a3:68:
ad:e3:26:6d:2e:a8:30:e5:74:8a:6e:fb:b3:ad:99:
68:9b:bc:f8:76:ae:50:9d:50:2e:6c:b0:d0:8c:39:
83:48:fc:08:92:f4:39:d5:61:68:b6:a0:03:6a:de:
d0:17:ea:4b:0a:8c:66:68:1b:b0:cd:ec:3a:bc:ac:
93:75:b3:6b:92:21:04:42:21:cc:c0:e7:4c:ed:9f:
e2:6f:66:11:43:e6:b2:2a:5a:4c:ec:a3:3e:a7:68:
a7:58:58:32:b2:9d:fb:fc:a3:4a:05:19:58:0a:a8:
8c:b1:08:da:10:57:3e:73:7c:79:f0:97:42:d1:fb:
e2:dc:48:dc:df:18:71:33:82:3e:8c:5d:04:bd:48:
94:9c:a2:77:7a:49:6a:b6:3e:4d:77:1f:af:ab:25:
e0:10:6d:0c:fd:a5:d0:df:6b:7e:5d:a3:20:11:71:
ff:46:95:41:3e:88:7c:ff:54:ff:a5:29:11:28:2c:
9b:54:23:f1:e2:e2:52:9d:12:7e:b1:80:09:ae:4e:
34:08:a4:5e:9c:a2:06:31:d2:ff:0e:e3:4e:f7:ec:
d6:3a:95:bd:ad:a9:dc:57:a2:e7:5a:3f:6b:93:db:
d8:90:9e:02:78:d8:63:60:03:98:04:91:67:f1:87:
ee:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:64:FB:46:EA:43:B3:B2:38:5C:60:A7:F6:B8:77:AD:22:8B:29:8A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/omT7RupDs7I4XGCn9rh3rSKLKYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
38:2b:1d:bc:d9:b7:2e:13:b9:7f:b5:eb:1c:be:16:f4:55:11:
46:ab:15:6f:31:c9:81:d0:11:93:8b:a4:bd:04:53:bc:69:5f:
f3:13:e7:d1:41:34:63:9f:21:df:1e:3e:e9:96:45:bd:d1:34:
f0:da:41:4d:be:7a:22:4c:70:d3:9a:fe:c9:9d:f4:3d:73:9f:
6a:91:4b:93:8e:6d:e0:33:61:8c:21:48:dd:ad:a8:92:b1:ba:
b8:42:e8:30:c5:bc:61:82:96:12:66:23:7d:59:e0:1e:38:9c:
70:13:ca:6a:66:f6:52:c7:89:68:a0:b6:1c:8c:1e:af:19:5c:
47:81:4d:a6:f8:ea:4e:f5:06:6d:87:7e:a8:bf:f7:16:fb:5f:
e1:37:8d:ef:d4:ef:b3:1c:64:78:c5:e6:40:61:97:7f:58:c6:
e4:9f:8a:7b:cc:0f:7b:98:54:3b:98:d1:8d:9b:de:4d:86:5b:
04:90:ca:48:1b:41:a3:fb:16:8a:11:da:4f:c4:1c:f7:2f:8a:
f3:c4:79:aa:c2:c2:4c:2f:08:2a:8b:ff:74:8f:ca:64:a6:2c:
89:2f:94:6a:2b:84:d5:e9:4c:8a:ee:50:e3:d1:bc:b9:af:66:
73:21:1d:42:be:90:b2:f5:43:ae:e9:dd:24:7f:2f:40:b9:7b:
12:f2:b7:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsfuT8Ec2oOdhDirpIiWxO9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDExMTcxMTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjY0ZmI0NmVhNDNiM2IyMzg1YzYwYTdmNmI4NzdhZDIyOGIyOThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1WsdpwY34DBrZgqo2it4yZtLqgw
5XSKbvuzrZlom7z4dq5QnVAubLDQjDmDSPwIkvQ51WFotqADat7QF+pLCoxmaBuw
zew6vKyTdbNrkiEEQiHMwOdM7Z/ib2YRQ+ayKlpM7KM+p2inWFgysp37/KNKBRlY
CqiMsQjaEFc+c3x58JdC0fvi3Ejc3xhxM4I+jF0EvUiUnKJ3eklqtj5Ndx+vqyXg
EG0M/aXQ32t+XaMgEXH/RpVBPoh8/1T/pSkRKCybVCPx4uJSnRJ+sYAJrk40CKRe
nKIGMdL/DuNO9+zWOpW9rancV6LnWj9rk9vYkJ4CeNhjYAOYBJFn8YfuWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKJk+0bqQ7OyOFxgp/a4d60iiymKMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvb21UN1J1cERzN0k0WEdDbjlyaDNyU0tMS1lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADgrHbzZty4TuX+16xy+
FvRVEUarFW8xyYHQEZOLpL0EU7xpX/MT59FBNGOfId8ePumWRb3RNPDaQU2+eiJM
cNOa/smd9D1zn2qRS5OObeAzYYwhSN2tqJKxurhC6DDFvGGClhJmI31Z4B44nHAT
ympm9lLHiWigthyMHq8ZXEeBTab46k71Bm2Hfqi/9xb7X+E3je/U77McZHjF5kBh
l39YxuSfinvMD3uYVDuY0Y2b3k2GWwSQykgbQaP7FooR2k/EHPcvivPEearCwkwv
CCqL/3SPymSmLIkvlGorhNXpTIruUOPRvLmvZnMhHUK+kLL1Q67p3SR/L0C5exLy
tzk=
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:08:48 2025 by rpki-client