Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/usOtpGoknEbgJv9SNtsnNQZ8aFU.roa
File: usOtpGoknEbgJv9SNtsnNQZ8aFU.roa (raw, json)
Hash identifier: QVWOd4Cn+xe9NtvZj11gHSPTJeFWudwLkCzJZmXq94A=
Subject key identifier: BA:C3:AD:A4:6A:24:9C:46:E0:26:FF:52:36:DB:27:35:06:7C:68:55
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B3ABFA8A0B34D63EE7FC16D96DF90DEFB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/usOtpGoknEbgJv9SNtsnNQZ8aFU.roa
Signing time: Mon 16 Oct 2023 23:08:40 +0000
ROA not before: Mon 16 Oct 2023 23:08:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64:ffff:0:18b:3abb:b07f/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3a:bf:a8:a0:b3:4d:63:ee:7f:c1:6d:96:df:90:de:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 16 23:08:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bac3ada46a249c46e026ff5236db2735067c6855
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:aa:a0:7f:4a:61:8d:12:c6:24:67:e4:f5:c2:
d4:22:31:74:b1:a6:1e:ef:56:42:59:f6:0f:34:2b:
08:b0:14:ca:35:39:c0:9e:d9:24:6a:1d:4c:b2:bd:
36:70:92:d7:01:49:fa:f4:a7:4b:b5:ce:b3:5e:77:
3e:ef:ea:51:9d:27:57:ba:22:df:3e:5e:0b:f9:34:
e3:58:59:7d:96:49:92:a6:36:ee:8a:62:56:ad:e0:
58:4f:78:60:fe:ba:6a:1f:7a:da:85:a6:29:50:76:
e4:43:29:d5:9f:ee:65:e4:cd:34:a9:f9:6c:a2:8b:
17:42:64:7b:df:d7:53:a5:df:39:bb:4b:3f:be:35:
cc:ac:ed:2b:81:02:6f:9a:1a:b2:d1:c3:fa:0a:b5:
79:3b:b3:ca:8e:7d:65:ac:e3:b2:1e:36:da:93:f5:
86:12:41:b9:47:7c:ac:8d:46:b7:a0:7f:95:ed:8d:
32:58:f6:6c:e8:38:ed:e8:19:76:06:11:c5:1e:44:
c9:08:3e:e0:89:bd:4d:3e:cd:9d:f9:c6:b6:83:2e:
89:a6:97:ad:d5:16:34:8d:87:54:58:c7:03:c2:48:
1a:0b:14:cf:41:68:c9:64:a2:c0:4a:34:60:d0:3b:
da:89:b2:20:f0:ad:af:e5:e4:4b:9f:60:0e:27:00:
07:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C3:AD:A4:6A:24:9C:46:E0:26:FF:52:36:DB:27:35:06:7C:68:55
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/usOtpGoknEbgJv9SNtsnNQZ8aFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
55:89:c8:39:77:90:86:9b:ef:55:85:0b:62:cf:69:ed:9e:c0:
6c:dd:9f:01:1b:1c:d0:e5:d5:e7:12:87:7b:e0:aa:d3:f2:35:
00:7e:11:b5:5a:89:2a:0e:cd:0b:90:01:8e:14:36:96:17:d9:
22:ba:f7:bb:67:0a:b3:40:7e:ba:07:9e:bb:74:94:3e:1b:f0:
7a:45:5d:74:b8:76:f9:57:27:6e:2a:fb:ca:ea:94:72:d7:7e:
37:9f:dd:70:df:d2:5e:17:6c:04:45:5c:43:80:b5:1b:4c:93:
c3:2b:e3:a0:cc:31:b1:18:6a:46:99:2c:fe:c5:0d:a4:a6:e8:
c5:09:b0:3e:a9:07:95:6f:8e:20:28:fe:d1:c5:16:05:46:72:
e8:99:c3:97:97:1a:32:1b:fd:40:9a:53:95:7b:da:42:21:e8:
00:9f:cf:20:a8:95:37:c3:42:83:86:27:15:56:4d:0c:6a:e1:
aa:41:33:36:36:fb:f7:ef:ce:ec:2d:35:49:f9:ca:67:35:cc:
48:e7:74:77:ff:99:0b:47:7e:38:c5:a3:c7:39:7d:03:01:5a:
ef:14:52:5c:37:35:74:20:17:a8:1e:82:1c:6d:35:97:ad:d4:
6a:fc:70:7f:a4:ab:c6:1f:58:e4:3a:70:d9:95:cc:1b:3f:02:
8e:04:09:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs6v6igs01j7n/BbZbfkN77MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE2MjMwODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWMzYWRhNDZhMjQ5YzQ2ZTAyNmZmNTIzNmRiMjczNTA2N2M2ODU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKqgf0phjRLGJGfk9cLUIjF0saYe
71ZCWfYPNCsIsBTKNTnAntkkah1Msr02cJLXAUn69KdLtc6zXnc+7+pRnSdXuiLf
Pl4L+TTjWFl9lkmSpjbuimJWreBYT3hg/rpqH3rahaYpUHbkQynVn+5l5M00qfls
oosXQmR739dTpd85u0s/vjXMrO0rgQJvmhqy0cP6CrV5O7PKjn1lrOOyHjbak/WG
EkG5R3ysjUa3oH+V7Y0yWPZs6Djt6Bl2BhHFHkTJCD7gib1NPs2d+ca2gy6Jppet
1RY0jYdUWMcDwkgaCxTPQWjJZKLASjRg0DvaibIg8K2v5eRLn2AOJwAH2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLrDraRqJJxG4Cb/UjbbJzUGfGhVMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdXNPdHBHb2tuRWJnSnY5U050c25OUVo4YUZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFWJyDl3kIab71WFC2LP
ae2ewGzdnwEbHNDl1ecSh3vgqtPyNQB+EbVaiSoOzQuQAY4UNpYX2SK697tnCrNA
froHnrt0lD4b8HpFXXS4dvlXJ24q+8rqlHLXfjef3XDf0l4XbARFXEOAtRtMk8Mr
46DMMbEYakaZLP7FDaSm6MUJsD6pB5VvjiAo/tHFFgVGcuiZw5eXGjIb/UCaU5V7
2kIh6ACfzyColTfDQoOGJxVWTQxq4apBMzY2+/fvzuwtNUn5ymc1zEjndHf/mQtH
fjjFo8c5fQMBWu8UUlw3NXQgF6geghxtNZet1Gr8cH+kq8YfWOQ6cNmVzBs/Ao4E
CUY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:38:23 2025 by rpki-client