Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ox3wxHvX2y9-EZV3oqf9fY2bBxM.roa
File: ox3wxHvX2y9-EZV3oqf9fY2bBxM.roa (raw, json)
Hash identifier: 0rmHqqdowzhAK+NfteUxbMZ1BOe7ZRn1j3wwYSdJP1c=
Subject key identifier: A3:1D:F0:C4:7B:D7:DB:2F:7E:11:95:77:A2:A7:FD:7D:8D:9B:07:13
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C3F044A53E766F671C7ECB09662DAAFFC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ox3wxHvX2y9-EZV3oqf9fY2bBxM.roa
Signing time: Wed 06 Dec 2023 12:04:54 +0000
ROA not before: Wed 06 Dec 2023 12:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:3f03:e3c3/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:04:4a:53:e7:66:f6:71:c7:ec:b0:96:62:da:af:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 6 12:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a31df0c47bd7db2f7e119577a2a7fd7d8d9b0713
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:06:4d:af:23:1f:25:65:92:ab:6e:20:7c:f3:
23:8e:d4:ba:df:ce:57:81:4b:c0:5c:2e:9c:87:c7:
50:fa:3e:33:a1:42:cf:4d:c3:a8:24:44:49:60:ee:
d1:ca:1c:d2:86:71:bc:28:81:65:3f:0a:d7:65:8d:
79:00:a6:68:96:2c:7f:f0:5b:60:10:6f:cd:c2:7f:
bb:76:d5:53:cb:0a:7a:68:e8:3e:04:f5:7c:6e:9a:
cf:3b:6d:98:78:cc:6f:cd:e8:9c:59:c4:95:3c:de:
6f:2a:39:88:4c:c1:cc:a1:e0:a4:1e:82:86:14:a1:
5d:cb:0a:ac:72:a1:04:d5:dc:f3:08:04:42:21:2c:
f4:14:27:04:89:dd:2f:11:28:7a:46:bc:be:a1:9c:
c6:29:3a:9b:1a:f2:3e:52:cb:5f:66:01:e8:54:04:
e1:fc:34:c6:ea:5d:bf:66:1e:b6:47:fc:05:35:9d:
44:a2:62:04:00:e8:e4:3c:8e:54:8f:84:d4:93:34:
aa:df:7d:80:1a:e9:33:b0:51:9f:a6:c4:07:43:a5:
5b:a1:21:99:44:64:66:ad:6c:6b:a5:0f:0b:a8:67:
96:84:30:98:c3:93:dc:2a:8f:7d:16:5d:6b:a7:31:
d8:28:12:be:73:1d:15:4d:63:4e:c2:6c:af:04:a4:
2d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:1D:F0:C4:7B:D7:DB:2F:7E:11:95:77:A2:A7:FD:7D:8D:9B:07:13
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ox3wxHvX2y9-EZV3oqf9fY2bBxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5b:ad:9c:7c:48:ec:b5:d3:7f:a3:67:5d:43:97:2c:88:bb:b0:
62:9f:22:97:be:ce:a8:e8:f8:da:e7:24:d7:78:fa:24:4e:8f:
5d:3e:55:10:8f:b4:0d:b7:d8:33:55:a9:df:b1:b2:bf:c8:22:
92:9d:8a:8b:54:84:49:35:4c:9e:d7:88:7f:c0:26:48:89:92:
3f:37:00:8d:06:8a:e9:d5:c7:d6:91:53:04:0c:fb:03:0d:48:
7f:56:5b:b4:20:23:25:4e:d9:1d:0e:5c:85:36:ba:b4:f6:9b:
1e:d8:0a:82:4b:f2:22:85:2b:c8:eb:9f:35:27:db:16:ce:d2:
50:9f:ad:91:d4:82:63:53:45:58:5b:67:b1:97:2c:71:0d:9c:
b6:94:7d:6a:d2:5d:6c:9b:7e:14:1d:46:1f:18:58:be:a3:27:
54:27:1e:e7:36:30:97:ed:a4:54:da:12:36:61:db:74:4a:18:
b5:e5:9c:10:23:19:51:a2:89:f3:97:6f:af:b7:d4:bd:b0:fa:
55:ae:7a:e5:77:61:0a:f4:01:f8:dc:1c:e4:c7:a2:4d:1a:93:
e7:01:f9:ac:a7:bf:97:64:31:cf:f1:07:59:00:fc:5d:c4:ad:
e0:7d:9a:01:02:4a:07:85:da:2f:e0:4d:26:a8:43:8e:a0:44:
b0:62:1e:51
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw/BEpT52b2ccfssJZi2q/8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA2MTIwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzFkZjBjNDdiZDdkYjJmN2UxMTk1NzdhMmE3ZmQ3ZDhkOWIwNzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgZNryMfJWWSq24gfPMjjtS6385X
gUvAXC6ch8dQ+j4zoULPTcOoJERJYO7RyhzShnG8KIFlPwrXZY15AKZolix/8Ftg
EG/Nwn+7dtVTywp6aOg+BPV8bprPO22YeMxvzeicWcSVPN5vKjmITMHMoeCkHoKG
FKFdywqscqEE1dzzCARCISz0FCcEid0vESh6Rry+oZzGKTqbGvI+UstfZgHoVATh
/DTG6l2/Zh62R/wFNZ1EomIEAOjkPI5Uj4TUkzSq332AGukzsFGfpsQHQ6VboSGZ
RGRmrWxrpQ8LqGeWhDCYw5PcKo99Fl1rpzHYKBK+cx0VTWNOwmyvBKQtowIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKMd8MR719svfhGVd6Kn/X2NmwcTMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvb3gzd3hIdlgyeTktRVpWM29xZjlmWTJiQnhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFutnHxI7LXTf6NnXUOX
LIi7sGKfIpe+zqjo+NrnJNd4+iROj10+VRCPtA232DNVqd+xsr/IIpKdiotUhEk1
TJ7XiH/AJkiJkj83AI0GiunVx9aRUwQM+wMNSH9WW7QgIyVO2R0OXIU2urT2mx7Y
CoJL8iKFK8jrnzUn2xbO0lCfrZHUgmNTRVhbZ7GXLHENnLaUfWrSXWybfhQdRh8Y
WL6jJ1QnHuc2MJftpFTaEjZh23RKGLXlnBAjGVGiifOXb6+31L2w+lWueuV3YQr0
AfjcHOTHok0ak+cB+aynv5dkMc/xB1kA/F3EreB9mgECSgeF2i/gTSaoQ46gRLBi
HlE=
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:09:22 2025 by rpki-client