Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rOU-0rl4mjTBBDvSFSFMkQonBw0.roa
File: rOU-0rl4mjTBBDvSFSFMkQonBw0.roa (raw, json)
Hash identifier: kqTaX4GiLLAyawUeUkieirocCMwrzh9W/0LmwoQUExY=
Subject key identifier: AC:E5:3E:D2:B9:78:9A:34:C1:04:3B:D2:15:21:4C:91:0A:27:07:0D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BC9751C27C4A3A362EA0F70EF2FED1C75
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rOU-0rl4mjTBBDvSFSFMkQonBw0.roa
Signing time: Mon 13 Nov 2023 16:12:57 +0000
ROA not before: Mon 13 Nov 2023 16:12:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c9:75:1c:27:c4:a3:a3:62:ea:0f:70:ef:2f:ed:1c:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 13 16:12:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ace53ed2b9789a34c1043bd215214c910a27070d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:65:8b:5b:50:d4:89:9c:eb:52:b3:45:74:85:
c0:6a:71:5b:c5:f8:96:83:87:54:39:84:83:8c:4e:
a9:8b:fb:50:eb:2e:67:61:73:6f:08:26:82:f4:a7:
9b:45:6a:7f:97:ab:8c:8a:05:75:e6:0b:fe:c7:04:
f9:77:52:cd:66:05:66:51:78:d6:3c:d0:91:cb:3e:
fe:c4:49:ac:52:23:1c:45:e6:f3:ba:42:fb:09:a4:
a9:a6:bb:73:82:24:fc:61:72:a1:aa:a4:f3:a1:41:
96:a7:10:66:89:d2:c5:8c:fb:3f:de:b7:4d:b1:6c:
1a:3f:6c:ba:f9:e7:f7:d6:6f:8a:93:a3:d2:ff:53:
64:a2:5a:9f:15:29:8a:14:69:cc:3f:35:67:4a:ca:
ad:db:aa:aa:37:2b:5d:36:c9:82:c3:4c:40:a8:dd:
bc:d6:ce:1d:88:a4:d6:fa:aa:61:44:f2:d5:c3:1a:
56:28:fb:ad:57:ff:f9:60:59:b8:fd:17:49:f8:60:
6e:2b:4a:3d:d8:11:6e:5a:c6:65:3f:32:c7:1a:4c:
0a:25:6f:d6:a5:80:2b:62:69:99:03:d3:36:4b:0d:
2e:81:9c:03:ef:71:4d:97:81:bd:74:ca:84:c3:ae:
90:0b:bb:7c:77:41:02:31:6e:b3:98:df:a8:2d:a4:
55:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:E5:3E:D2:B9:78:9A:34:C1:04:3B:D2:15:21:4C:91:0A:27:07:0D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/rOU-0rl4mjTBBDvSFSFMkQonBw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a8:28:41:26:56:a3:f7:56:0d:53:62:22:0b:e6:7a:05:e4:11:
d4:04:be:81:f5:94:ce:86:7a:26:a9:b4:10:5b:3f:21:1e:b0:
90:8e:b2:1c:48:df:00:0e:64:18:ad:60:36:7c:df:66:05:7f:
bd:62:88:6a:15:05:56:37:dd:05:7f:08:1c:e2:a0:2d:40:cf:
c3:42:ad:0e:61:d9:d0:8b:33:94:96:2f:fe:d8:c1:2a:62:55:
98:ac:cd:f9:5d:6c:df:b6:ac:0e:c3:3a:6a:ce:1c:a5:a5:55:
62:f2:e2:b2:0b:7d:b9:af:61:41:40:d7:8c:9c:40:4b:68:f4:
e4:da:dc:6d:81:f0:61:d5:cf:7a:ea:d2:7e:4d:05:f8:85:2f:
99:79:dd:3a:7f:d5:a3:e8:dc:68:0d:12:12:e5:fd:3b:b4:02:
39:2a:6a:8a:81:63:67:aa:a8:a2:cb:48:f7:44:3e:ae:c8:4d:
98:a6:77:c0:0d:23:aa:31:42:4b:54:f5:5a:f4:fd:19:5d:43:
8c:c6:bf:eb:aa:5d:22:8a:a6:98:90:6d:58:5f:b4:63:9e:c8:
88:c2:c0:2c:1b:9d:e9:99:47:b7:79:42:bb:31:ff:f9:eb:ba:
5b:05:5b:17:3f:e7:02:72:25:b4:95:7d:06:ca:0c:36:f6:ae:
a0:52:c5:c4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvJdRwnxKOjYuoPcO8v7Rx1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEzMTYxMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2U1M2VkMmI5Nzg5YTM0YzEwNDNiZDIxNTIxNGM5MTBhMjcwNzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGWLW1DUiZzrUrNFdIXAanFbxfiW
g4dUOYSDjE6pi/tQ6y5nYXNvCCaC9KebRWp/l6uMigV15gv+xwT5d1LNZgVmUXjW
PNCRyz7+xEmsUiMcRebzukL7CaSpprtzgiT8YXKhqqTzoUGWpxBmidLFjPs/3rdN
sWwaP2y6+ef31m+Kk6PS/1NkolqfFSmKFGnMPzVnSsqt26qqNytdNsmCw0xAqN28
1s4diKTW+qphRPLVwxpWKPutV//5YFm4/RdJ+GBuK0o92BFuWsZlPzLHGkwKJW/W
pYArYmmZA9M2Sw0ugZwD73FNl4G9dMqEw66QC7t8d0ECMW6zmN+oLaRVRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKzlPtK5eJo0wQQ70hUhTJEKJwcNMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvck9VLTBybDRtalRCQkR2U0ZTRk1rUW9uQncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKgoQSZWo/dWDVNiIgvm
egXkEdQEvoH1lM6GeiaptBBbPyEesJCOshxI3wAOZBitYDZ832YFf71iiGoVBVY3
3QV/CBzioC1Az8NCrQ5h2dCLM5SWL/7YwSpiVZiszfldbN+2rA7DOmrOHKWlVWLy
4rILfbmvYUFA14ycQEto9OTa3G2B8GHVz3rq0n5NBfiFL5l53Tp/1aPo3GgNEhLl
/Tu0AjkqaoqBY2eqqKLLSPdEPq7ITZimd8ANI6oxQktU9Vr0/RldQ4zGv+uqXSKK
ppiQbVhftGOeyIjCwCwbnemZR7d5Qrsx//nrulsFWxc/5wJyJbSVfQbKDDb2rqBS
xcQ=
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:33:37 2025 by rpki-client