Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rOA0cbgkX_1-k4eRzrrRlhpMmA4.roa
File: rOA0cbgkX_1-k4eRzrrRlhpMmA4.roa (raw, json)
Hash identifier: 3KPnyXOGczIEuLXVCCQCxIOWyIJt9LsYGe4ivDgzowI=
Subject key identifier: AC:E0:34:71:B8:24:5F:FD:7E:93:87:91:CE:BA:D1:96:1A:4C:98:0E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C691A6381CF640EA2B5D1A2E9E7C7F51A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rOA0cbgkX_1-k4eRzrrRlhpMmA4.roa
Signing time: Thu 14 Dec 2023 16:13:06 +0000
ROA not before: Thu 14 Dec 2023 16:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:69:1a:63:81:cf:64:0e:a2:b5:d1:a2:e9:e7:c7:f5:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 14 16:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ace03471b8245ffd7e938791cebad1961a4c980e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:56:43:9a:fc:63:4b:48:2b:ae:7d:24:96:82:
0a:c1:d0:57:cf:72:96:6f:00:88:17:62:a7:d6:65:
c9:87:d3:d4:d9:14:fb:f7:a1:3e:cb:1f:63:b7:cf:
d0:55:05:2b:2f:24:df:01:d6:ff:5e:61:6b:26:12:
05:90:3c:74:02:2d:57:a9:f6:48:42:50:7a:34:c3:
73:37:95:44:58:bc:ea:b4:b2:b0:91:30:2c:63:32:
7d:65:6c:a6:89:27:1d:1d:90:00:87:ba:c9:72:08:
df:0e:f3:14:5b:99:1c:60:94:32:ec:f9:94:7d:0e:
1f:8f:b7:7c:bc:0a:3a:4d:56:24:47:46:d7:92:91:
05:3f:50:b8:9b:5e:6c:71:db:6e:69:e5:23:90:69:
83:f8:61:fb:38:db:9b:c4:e1:bb:af:b2:4e:35:87:
27:62:53:a1:9c:75:88:83:a7:45:12:ce:16:20:e3:
a9:a0:7b:0b:97:96:23:7f:06:7b:d2:8e:9b:19:0e:
2a:65:69:f2:9d:cf:50:95:4e:35:b4:d6:3a:65:4f:
e1:d5:a3:1e:db:d1:82:c4:1f:83:52:4e:7a:29:b5:
9f:4e:ba:ab:e3:b0:b2:73:e7:fe:95:6c:58:f8:0c:
50:32:42:93:1b:1a:2b:fc:c3:91:ca:2e:d4:6f:d6:
8b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:E0:34:71:B8:24:5F:FD:7E:93:87:91:CE:BA:D1:96:1A:4C:98:0E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rOA0cbgkX_1-k4eRzrrRlhpMmA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
59:fd:70:c7:04:5a:fc:cf:26:26:6c:99:91:f5:52:a3:1a:4b:
3d:6f:cd:c5:0a:96:e7:d6:c2:71:3e:b7:88:d3:b7:70:2c:e8:
d1:23:12:d8:5d:d8:fa:ec:91:0b:a0:66:ad:4e:e9:57:85:44:
1b:63:af:8f:97:99:76:b3:80:63:e4:dd:35:4f:a4:6c:ee:ef:
54:37:c9:0c:ce:59:a7:3f:5a:58:26:12:5a:b8:09:04:43:80:
4b:e5:8d:89:f4:28:5e:d0:26:99:12:89:66:38:e4:1a:be:2c:
ee:d0:8f:ea:01:fb:17:69:44:56:54:2c:cb:84:db:3a:cb:07:
81:10:eb:0f:5b:35:12:d4:23:7e:8c:a4:29:9e:bf:96:fa:0b:
9b:43:bb:8b:f6:91:ec:61:48:f8:ab:5d:f4:a4:f0:aa:4f:b9:
3d:fd:89:c3:fe:5f:c3:ed:23:06:16:f5:2d:17:0f:5c:06:a0:
88:c0:a9:4d:09:d3:d2:3b:bc:c3:d6:7f:be:87:72:58:56:ff:
4c:f1:9b:df:a9:e5:9a:59:82:25:ff:2e:03:ab:23:f1:fc:ca:
3b:e7:b9:14:29:7e:50:a5:ff:bb:42:b9:0a:f4:aa:6a:8c:03:
a3:24:cb:eb:86:e1:c3:cf:ba:20:c6:ff:ba:28:34:57:9d:13:
e7:98:c7:50
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxpGmOBz2QOorXRounnx/UaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE0MTYxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2UwMzQ3MWI4MjQ1ZmZkN2U5Mzg3OTFjZWJhZDE5NjFhNGM5ODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlZDmvxjS0grrn0kloIKwdBXz3KW
bwCIF2Kn1mXJh9PU2RT796E+yx9jt8/QVQUrLyTfAdb/XmFrJhIFkDx0Ai1XqfZI
QlB6NMNzN5VEWLzqtLKwkTAsYzJ9ZWymiScdHZAAh7rJcgjfDvMUW5kcYJQy7PmU
fQ4fj7d8vAo6TVYkR0bXkpEFP1C4m15scdtuaeUjkGmD+GH7ONubxOG7r7JONYcn
YlOhnHWIg6dFEs4WIOOpoHsLl5YjfwZ70o6bGQ4qZWnync9QlU41tNY6ZU/h1aMe
29GCxB+DUk56KbWfTrqr47Cyc+f+lWxY+AxQMkKTGxor/MORyi7Ub9aLDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKzgNHG4JF/9fpOHkc660ZYaTJgOMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvck9BMGNiZ2tYXzEtazRlUnpyclJsaHBNbUE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFn9cMcEWvzPJiZsmZH1
UqMaSz1vzcUKlufWwnE+t4jTt3As6NEjEthd2PrskQugZq1O6VeFRBtjr4+XmXaz
gGPk3TVPpGzu71Q3yQzOWac/WlgmElq4CQRDgEvljYn0KF7QJpkSiWY45Bq+LO7Q
j+oB+xdpRFZULMuE2zrLB4EQ6w9bNRLUI36MpCmev5b6C5tDu4v2kexhSPirXfSk
8KpPuT39icP+X8PtIwYW9S0XD1wGoIjAqU0J09I7vMPWf76HclhW/0zxm9+p5ZpZ
giX/LgOrI/H8yjvnuRQpflCl/7tCuQr0qmqMA6Mky+uG4cPPuiDG/7ooNFedE+eY
x1A=
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:42:50 2025 by rpki-client