Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/wOLvDw9ygyidcH-m0yLlTVwPw4Y.roa
File: wOLvDw9ygyidcH-m0yLlTVwPw4Y.roa (raw, json)
Hash identifier: h2ph2aOXZX/I/xHPuMHprY5soAcCs9XiP6cUAJ5WPkA=
Subject key identifier: C0:E2:EF:0F:0F:72:83:28:9D:70:7F:A6:D3:22:E5:4D:5C:0F:C3:86
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AEBCCC43DD0F9F8B424819655D4091FBE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/wOLvDw9ygyidcH-m0yLlTVwPw4Y.roa
Signing time: Sun 01 Oct 2023 15:12:59 +0000
ROA not before: Sun 01 Oct 2023 15:12:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:eb:cc:c4:3d:d0:f9:f8:b4:24:81:96:55:d4:09:1f:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 1 15:12:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0e2ef0f0f7283289d707fa6d322e54d5c0fc386
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:eb:59:d3:2e:19:cd:19:fd:2d:98:f2:8e:8a:
ba:fb:1d:01:be:29:b6:ed:a4:04:03:3a:97:d5:9b:
d9:48:15:b6:21:b5:f8:55:87:4f:5c:91:4d:0b:d0:
de:a6:53:4d:b9:86:5c:0d:6f:d1:30:a8:a4:3e:c5:
b6:fd:aa:b8:1e:cc:15:ac:9d:99:8d:ed:76:40:3a:
00:89:d4:1e:0c:5f:ea:97:80:76:a6:e7:ec:f0:3d:
52:e7:d1:95:39:3c:5a:2a:79:ec:bd:cc:37:a0:23:
57:fc:be:37:5b:fb:a3:55:8b:5c:7f:86:a5:b4:5c:
70:39:af:a1:e3:db:af:93:1c:07:b4:c2:7b:44:08:
3f:4a:e4:dd:14:9e:20:f1:93:94:bd:7b:bf:a5:1d:
c0:da:d6:ac:d2:51:23:38:86:5a:f7:d0:ca:10:7e:
fa:65:f2:02:06:be:d3:8c:29:d0:1f:4f:37:54:66:
47:a1:55:5b:97:e8:64:78:4f:3c:04:3a:6c:7d:0e:
52:22:c9:fa:f4:ad:d7:be:16:9a:20:01:16:e4:02:
c0:58:bc:39:1d:5a:a4:ca:75:dc:b9:2e:66:ef:5f:
7f:c5:8c:0b:b7:96:f7:ff:8f:aa:36:0f:35:67:fe:
ef:d6:5b:4e:39:53:2a:2b:45:7f:26:2d:5a:62:a2:
3d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:E2:EF:0F:0F:72:83:28:9D:70:7F:A6:D3:22:E5:4D:5C:0F:C3:86
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/wOLvDw9ygyidcH-m0yLlTVwPw4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ca:b6:f9:f2:bd:01:33:29:90:8f:48:17:b6:ae:14:d4:d5:d3:
e5:aa:b9:a9:06:3c:29:70:4d:74:d7:0a:2d:bd:03:3d:f4:04:
74:d1:b6:e9:6b:89:f3:67:3b:9e:3b:dc:98:bf:62:8d:5f:19:
50:09:39:5b:65:9c:a7:b4:09:18:ad:3c:9a:98:ce:06:16:27:
b8:3b:b4:d5:88:35:e7:d6:d4:81:16:3c:89:0b:7e:ef:c0:f3:
2e:39:66:db:b4:06:1a:e1:5d:97:6d:c5:85:7a:07:a7:b7:cb:
7a:ed:8c:0b:b6:f3:39:0d:11:19:d0:3d:1e:df:bf:85:68:f3:
bb:ff:30:c0:42:40:fa:f7:d5:4b:73:35:7d:00:98:d5:a6:78:
d8:64:3e:35:ae:9e:0f:17:ce:0b:4f:c0:e9:a2:63:aa:18:d0:
30:62:a9:43:27:88:51:1d:3d:65:eb:cd:22:94:22:81:f5:ff:
8a:30:15:6b:0e:ba:de:59:d2:33:4c:0e:5f:4b:4d:50:ea:01:
6a:b2:96:17:e8:89:78:e8:af:ea:e5:58:22:13:bf:5b:2c:b1:
34:7b:67:5d:2c:09:37:8b:0b:e2:06:e7:01:92:ae:0f:32:59:
ed:aa:8e:19:c2:d1:4d:65:15:ef:69:41:c9:9f:fa:84:e8:76:
7e:bd:50:4d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrrzMQ90Pn4tCSBllXUCR++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAxMTUxMjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGUyZWYwZjBmNzI4MzI4OWQ3MDdmYTZkMzIyZTU0ZDVjMGZjMzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0utZ0y4ZzRn9LZjyjoq6+x0Bvim2
7aQEAzqX1ZvZSBW2IbX4VYdPXJFNC9DeplNNuYZcDW/RMKikPsW2/aq4HswVrJ2Z
je12QDoAidQeDF/ql4B2pufs8D1S59GVOTxaKnnsvcw3oCNX/L43W/ujVYtcf4al
tFxwOa+h49uvkxwHtMJ7RAg/SuTdFJ4g8ZOUvXu/pR3A2tas0lEjOIZa99DKEH76
ZfICBr7TjCnQH083VGZHoVVbl+hkeE88BDpsfQ5SIsn69K3XvhaaIAEW5ALAWLw5
HVqkynXcuS5m719/xYwLt5b3/4+qNg81Z/7v1ltOOVMqK0V/Ji1aYqI9bwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMDi7w8PcoMonXB/ptMi5U1cD8OGMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvd09MdkR3OXlneWlkY0gtbTB5TGxUVndQdzRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMq2+fK9ATMpkI9IF7au
FNTV0+WquakGPClwTXTXCi29Az30BHTRtulrifNnO5473Ji/Yo1fGVAJOVtlnKe0
CRitPJqYzgYWJ7g7tNWINefW1IEWPIkLfu/A8y45Ztu0BhrhXZdtxYV6B6e3y3rt
jAu28zkNERnQPR7fv4Vo87v/MMBCQPr31UtzNX0AmNWmeNhkPjWung8XzgtPwOmi
Y6oY0DBiqUMniFEdPWXrzSKUIoH1/4owFWsOut5Z0jNMDl9LTVDqAWqylhfoiXjo
r+rlWCITv1sssTR7Z10sCTeLC+IG5wGSrg8yWe2qjhnC0U1lFe9pQcmf+oTodn69
UE0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:22:03 2025 by rpki-client