Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/0yoe6iPmc9mc3B2wYoyt3nW0wrs.roa
File: 0yoe6iPmc9mc3B2wYoyt3nW0wrs.roa (raw, json)
Hash identifier: 7+jcKgPjvERdQ+7pG2uek3ZPJalrX73H+/nxLJG/sQM=
Subject key identifier: D3:2A:1E:EA:23:E6:73:D9:9C:DC:1D:B0:62:8C:AD:DE:75:B4:C2:BB
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BE367A229B64116485BE7AF0AB1CCE7A9
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/0yoe6iPmc9mc3B2wYoyt3nW0wrs.roa
Signing time: Sat 18 Nov 2023 17:08:21 +0000
ROA not before: Sat 18 Nov 2023 17:08:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e3:67:a2:29:b6:41:16:48:5b:e7:af:0a:b1:cc:e7:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 18 17:08:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d32a1eea23e673d99cdc1db0628cadde75b4c2bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5b:78:b8:7c:5c:bb:48:03:d1:be:7c:bf:3d:
87:ae:9f:3e:18:e6:ea:83:d5:9c:25:79:49:21:41:
d5:4a:cd:4f:ba:91:e1:e3:51:d6:0d:ce:19:cd:77:
54:46:26:b2:b5:13:99:21:8e:c2:b0:13:fc:66:0d:
9f:f2:78:0f:3b:12:15:de:78:2c:74:67:91:fc:3d:
a2:0b:91:42:4b:e9:f4:dc:47:49:f3:8a:2f:3c:0c:
de:47:d6:65:29:a0:64:1c:83:a5:fc:b5:08:f5:c8:
39:1a:14:89:d7:62:ce:4b:d4:8c:55:94:74:11:86:
74:c5:12:12:4e:7f:a2:21:5e:fa:53:c7:4f:aa:dc:
a9:78:6e:f1:ad:16:26:b2:eb:bc:ff:88:39:ba:55:
e9:92:c5:fa:3a:fc:e0:b7:f2:c2:65:7d:4a:4d:47:
0c:d7:60:c5:af:a2:bf:1c:ed:09:8b:aa:08:3a:4d:
b1:95:9b:64:ac:cb:dd:10:39:1f:99:74:e8:59:7d:
b1:ed:67:b0:b0:2d:e0:c6:f6:a0:db:b4:04:73:33:
69:33:63:10:55:e4:07:2a:c0:fb:22:27:0a:65:1c:
05:b0:6c:37:a5:14:de:30:d0:f3:fc:93:39:6f:f0:
7e:13:97:c2:5c:04:3c:9e:44:be:e1:0e:64:5e:64:
df:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:2A:1E:EA:23:E6:73:D9:9C:DC:1D:B0:62:8C:AD:DE:75:B4:C2:BB
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/0yoe6iPmc9mc3B2wYoyt3nW0wrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4d:71:fa:5e:af:f7:1c:2e:70:c1:8f:cb:6d:a8:65:27:09:4a:
e3:2c:eb:cb:db:0c:50:ed:f5:66:56:13:e9:2e:cf:75:7c:81:
1f:e5:1d:96:76:1f:b2:60:91:4c:a3:55:09:ec:85:5d:36:7a:
4e:13:9c:37:a6:af:fb:7f:39:f7:25:50:75:c9:0a:6d:2a:19:
55:ba:ad:9f:03:60:06:2e:80:06:08:b4:44:54:6e:1f:97:fa:
2f:5e:d1:78:fd:3d:d7:5a:ac:91:28:fe:ad:33:cf:08:38:3f:
e5:df:97:69:52:95:22:09:4b:de:88:a7:59:66:6b:8f:b1:ac:
f5:c0:28:a9:fa:dc:d8:89:9a:29:ce:c6:0a:96:89:e3:41:d3:
9d:82:12:63:d0:a7:15:46:b2:30:d5:55:7f:58:6e:a7:a4:24:
c4:9e:10:db:73:d9:a5:25:9c:84:26:76:01:71:95:9e:03:01:
16:6e:82:ea:21:aa:cd:28:e5:79:d2:bd:9d:6a:6c:27:b4:ae:
90:77:0a:70:7a:46:9a:89:e7:3d:8b:88:a8:ca:f2:ea:f9:f8:
96:1b:2f:8d:8a:11:cc:9f:64:7b:50:56:d2:8f:d2:e7:43:48:
17:35:4a:78:da:5c:03:ab:16:03:a2:b5:56:75:38:e0:92:52:
fe:4d:7d:50
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvjZ6IptkEWSFvnrwqxzOepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE4MTcwODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzJhMWVlYTIzZTY3M2Q5OWNkYzFkYjA2MjhjYWRkZTc1YjRjMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlt4uHxcu0gD0b58vz2Hrp8+GObq
g9WcJXlJIUHVSs1PupHh41HWDc4ZzXdURiaytROZIY7CsBP8Zg2f8ngPOxIV3ngs
dGeR/D2iC5FCS+n03EdJ84ovPAzeR9ZlKaBkHIOl/LUI9cg5GhSJ12LOS9SMVZR0
EYZ0xRISTn+iIV76U8dPqtypeG7xrRYmsuu8/4g5ulXpksX6Ovzgt/LCZX1KTUcM
12DFr6K/HO0Ji6oIOk2xlZtkrMvdEDkfmXToWX2x7WewsC3gxvag27QEczNpM2MQ
VeQHKsD7IicKZRwFsGw3pRTeMNDz/JM5b/B+E5fCXAQ8nkS+4Q5kXmTf0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNMqHuoj5nPZnNwdsGKMrd51tMK7MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMHlvZTZpUG1jOW1jM0Iyd1lveXQzblcwd3JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE1x+l6v9xwucMGPy22o
ZScJSuMs68vbDFDt9WZWE+kuz3V8gR/lHZZ2H7JgkUyjVQnshV02ek4TnDemr/t/
OfclUHXJCm0qGVW6rZ8DYAYugAYItERUbh+X+i9e0Xj9PddarJEo/q0zzwg4P+Xf
l2lSlSIJS96Ip1lma4+xrPXAKKn63NiJminOxgqWieNB052CEmPQpxVGsjDVVX9Y
bqekJMSeENtz2aUlnIQmdgFxlZ4DARZuguohqs0o5XnSvZ1qbCe0rpB3CnB6RpqJ
5z2LiKjK8ur5+JYbL42KEcyfZHtQVtKP0udDSBc1SnjaXAOrFgOitVZ1OOCSUv5N
fVA=
-----END CERTIFICATE-----
Generated at Mon May 12 23:11:07 2025 by rpki-client