Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oqYi7CDIBBnBwMfK27E7Tjij5yY.roa
File: oqYi7CDIBBnBwMfK27E7Tjij5yY.roa (raw, json)
Hash identifier: s3pM4bZCyOZCCV6YQ0xeiIBnA0RzigyBCCW/6R/HF60=
Subject key identifier: A2:A6:22:EC:20:C8:04:19:C1:C0:C7:CA:DB:B1:3B:4E:38:A3:E7:26
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C5144410058DBDEE35BDEE7B8BE6AC347
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oqYi7CDIBBnBwMfK27E7Tjij5yY.roa
Signing time: Sun 10 Dec 2023 01:07:56 +0000
ROA not before: Sun 10 Dec 2023 01:07:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:5141:2484/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:51:44:41:00:58:db:de:e3:5b:de:e7:b8:be:6a:c3:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 10 01:07:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2a622ec20c80419c1c0c7cadbb13b4e38a3e726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5b:36:a8:ad:2b:fb:77:69:4b:e2:92:50:ad:
8d:68:7d:85:60:a1:d2:8b:ae:66:82:b8:52:e4:1d:
eb:a8:26:db:9b:7b:60:f9:a7:89:30:65:88:09:ae:
1c:87:45:ef:19:7e:28:4a:ca:6a:a4:27:41:17:b3:
21:e6:24:ca:09:80:3d:b0:f8:33:cf:f6:ae:2e:27:
0e:0d:b2:c5:d3:a5:ab:77:46:be:36:fc:aa:91:af:
b5:d7:47:b2:fa:35:95:58:0c:11:39:9a:f1:7f:62:
57:cc:8e:8b:9d:33:2a:97:48:9f:bb:64:04:40:5e:
82:51:e9:0e:40:b3:15:44:1d:71:1b:cd:89:f7:ca:
9f:d1:71:d8:72:be:18:4d:54:4b:c2:98:6a:51:da:
d1:de:70:f1:cf:84:2e:74:be:16:17:2d:7a:68:6a:
da:7b:f3:a7:78:ea:f2:26:55:47:b9:60:22:7d:82:
b4:63:04:e8:bb:cb:30:22:08:8c:00:2e:12:2f:4e:
64:ce:0f:da:33:cd:5e:40:df:94:7b:d8:df:ea:69:
80:c7:b0:c7:6c:8a:1c:0c:3c:1a:d2:80:b3:87:23:
79:66:72:70:4b:1f:a7:3c:c2:c4:57:e8:a2:5f:fd:
fe:50:61:5f:6d:9b:fd:bd:69:93:a5:3c:9e:4a:88:
1b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A6:22:EC:20:C8:04:19:C1:C0:C7:CA:DB:B1:3B:4E:38:A3:E7:26
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oqYi7CDIBBnBwMfK27E7Tjij5yY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:dc:c2:cb:ef:95:1f:93:e6:5c:a2:33:cc:af:77:71:f9:07:
68:de:7c:a2:70:14:3b:0c:f3:d1:25:3a:b7:0f:86:94:06:dd:
11:4e:e5:b9:b4:33:7b:5d:55:bb:45:51:93:68:19:78:cf:18:
30:63:6d:14:58:af:6f:f7:57:e6:02:d8:bf:11:67:51:31:5e:
7b:f7:17:27:be:92:94:2b:49:8c:95:34:3a:81:fa:da:82:a5:
70:f9:f1:a8:af:1c:72:32:c4:d2:f2:ab:16:a9:86:32:33:97:
81:d3:42:57:3a:0c:27:96:2e:96:95:0d:ff:ee:12:9f:cd:d4:
16:d2:33:1b:fc:5e:3a:15:c5:15:fc:4f:9d:2a:67:78:99:24:
66:3b:73:2d:1e:4b:7e:01:7a:fe:2d:41:da:b0:74:82:fe:a1:
9b:93:d3:09:c6:48:4a:54:4e:5e:ae:0a:65:86:d5:c8:2c:98:
9e:aa:d3:3d:e9:a8:12:ee:38:81:ef:ef:28:3b:af:57:d5:21:
4f:90:97:fa:bb:86:f6:9d:a4:d6:8b:28:1d:47:5b:a4:7e:38:
ae:fd:47:93:fa:f5:23:e6:ed:47:d3:d5:5f:37:91:a3:b5:58:
ff:fc:fd:c5:39:e8:3f:c1:fe:ec:a6:65:0f:1d:ce:28:cf:08:
e2:41:3a:3a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxRREEAWNve41ve57i+asNHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEwMDEwNzU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmE2MjJlYzIwYzgwNDE5YzFjMGM3Y2FkYmIxM2I0ZTM4YTNlNzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmls2qK0r+3dpS+KSUK2NaH2FYKHS
i65mgrhS5B3rqCbbm3tg+aeJMGWICa4ch0XvGX4oSspqpCdBF7Mh5iTKCYA9sPgz
z/auLicODbLF06Wrd0a+Nvyqka+110ey+jWVWAwROZrxf2JXzI6LnTMql0ifu2QE
QF6CUekOQLMVRB1xG82J98qf0XHYcr4YTVRLwphqUdrR3nDxz4QudL4WFy16aGra
e/OneOryJlVHuWAifYK0YwTou8swIgiMAC4SL05kzg/aM81eQN+Ue9jf6mmAx7DH
bIocDDwa0oCzhyN5ZnJwSx+nPMLEV+iiX/3+UGFfbZv9vWmTpTyeSogbOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKKmIuwgyAQZwcDHytuxO044o+cmMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvb3FZaTdDRElCQm5Cd01mSzI3RTdUamlqNXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAfcwsvvlR+T5lyiM8yv
d3H5B2jefKJwFDsM89ElOrcPhpQG3RFO5bm0M3tdVbtFUZNoGXjPGDBjbRRYr2/3
V+YC2L8RZ1ExXnv3Fye+kpQrSYyVNDqB+tqCpXD58aivHHIyxNLyqxaphjIzl4HT
Qlc6DCeWLpaVDf/uEp/N1BbSMxv8XjoVxRX8T50qZ3iZJGY7cy0eS34Bev4tQdqw
dIL+oZuT0wnGSEpUTl6uCmWG1cgsmJ6q0z3pqBLuOIHv7yg7r1fVIU+Ql/q7hvad
pNaLKB1HW6R+OK79R5P69SPm7UfT1V83kaO1WP/8/cU56D/B/uymZQ8dzijPCOJB
Ojo=
-----END CERTIFICATE-----
Generated at Tue Apr 22 05:14:48 2025 by rpki-client