Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2oXtyJDBC2Cl2KPjyVnM4L25kMU.roa
File: 2oXtyJDBC2Cl2KPjyVnM4L25kMU.roa (raw, json)
Hash identifier: YKF2vnnqJOHdNGlYZxgGadjS6MmR48+8LJTX8g8Hjno=
Subject key identifier: DA:85:ED:C8:90:C1:0B:60:A5:D8:A3:E3:C9:59:CC:E0:BD:B9:90:C5
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B8F162A15FEF297F84946A41430B1FCC4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2oXtyJDBC2Cl2KPjyVnM4L25kMU.roa
Signing time: Thu 02 Nov 2023 08:11:16 +0000
ROA not before: Thu 02 Nov 2023 08:11:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8f:16:2a:15:fe:f2:97:f8:49:46:a4:14:30:b1:fc:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 2 08:11:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da85edc890c10b60a5d8a3e3c959cce0bdb990c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6e:36:96:e4:50:ed:09:16:d9:ae:93:f6:d5:
33:54:3e:10:09:2e:fe:95:b2:79:60:8a:dc:cb:d1:
fd:7b:94:69:57:2f:79:23:1f:30:2e:26:05:88:aa:
91:6f:55:38:a4:81:bd:95:d8:77:2c:08:8a:14:a9:
0a:db:ec:fd:e2:2a:eb:e4:7f:66:8c:5e:4a:33:93:
30:72:b6:74:47:af:83:fe:68:b0:4c:66:71:52:87:
a2:d0:47:2e:26:47:c7:39:fc:76:32:3f:36:a9:2a:
0e:2c:13:5a:d0:8a:e3:2d:0d:bb:5d:b4:93:f8:d0:
cb:9d:71:41:9a:30:de:d8:29:49:20:d0:bf:3f:ee:
3b:94:2e:eb:52:cc:70:38:36:12:68:65:a7:da:f8:
5c:ac:b6:75:b9:31:6b:62:23:06:22:7c:7d:97:26:
7e:bf:ff:64:48:8b:59:be:b9:e2:f6:51:7c:4a:b0:
47:5f:3f:55:15:66:0b:28:25:e4:f3:ef:80:35:1b:
de:e9:07:a0:4c:af:43:f0:98:85:86:83:31:66:fa:
ba:3b:5b:17:a9:94:ee:ae:ea:ac:c2:e5:e9:5d:13:
9a:9a:fe:e6:64:c8:bd:e6:5e:3b:15:41:e3:bb:72:
89:3b:5c:48:39:07:d7:76:b7:fa:a3:c2:de:45:f8:
3c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:85:ED:C8:90:C1:0B:60:A5:D8:A3:E3:C9:59:CC:E0:BD:B9:90:C5
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2oXtyJDBC2Cl2KPjyVnM4L25kMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9a:a4:ae:1a:04:03:b8:1c:f8:6f:c9:6d:4b:64:f7:26:d9:1b:
57:b8:9e:21:12:01:5f:2b:d4:ad:dc:ff:31:c2:1b:8a:94:d9:
df:23:4e:aa:34:c1:31:03:7a:4a:39:a5:0c:fa:ee:5b:9b:a2:
99:90:c6:ab:0b:f0:15:64:8d:4a:05:d5:ff:c8:cd:0a:47:0b:
c0:18:e5:4a:24:1b:06:9a:0e:65:49:ee:22:a4:47:43:40:41:
cf:ff:77:e4:be:3b:4e:db:e8:41:91:3b:99:a8:4a:73:4e:95:
08:1e:d8:d8:95:0a:39:eb:ca:9f:3e:b4:38:9b:34:b8:f0:15:
0a:76:37:b6:6c:08:01:6b:4f:0d:78:6b:91:bc:dd:dc:67:9d:
b3:ae:bf:5e:4b:ee:95:69:78:6a:d4:6b:9b:8d:99:b0:a5:1a:
75:e4:ce:47:89:d2:7c:f3:0f:02:ae:b6:cf:72:4a:a6:27:1e:
12:74:e4:35:94:20:0b:c7:5e:c8:13:ae:47:d8:95:85:0e:76:
62:6c:0c:4d:4f:ca:e4:d5:5f:5b:40:80:53:41:25:fb:63:6f:
e9:82:99:be:ba:a9:fc:2f:40:90:60:73:49:5a:c9:ee:96:1c:
81:5c:60:e8:11:d8:5a:02:d9:94:42:67:54:fe:6e:da:f1:86:
6b:98:32:90
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuPFioV/vKX+ElGpBQwsfzEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAyMDgxMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTg1ZWRjODkwYzEwYjYwYTVkOGEzZTNjOTU5Y2NlMGJkYjk5MGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApW42luRQ7QkW2a6T9tUzVD4QCS7+
lbJ5YIrcy9H9e5RpVy95Ix8wLiYFiKqRb1U4pIG9ldh3LAiKFKkK2+z94irr5H9m
jF5KM5MwcrZ0R6+D/miwTGZxUoei0EcuJkfHOfx2Mj82qSoOLBNa0IrjLQ27XbST
+NDLnXFBmjDe2ClJINC/P+47lC7rUsxwODYSaGWn2vhcrLZ1uTFrYiMGInx9lyZ+
v/9kSItZvrni9lF8SrBHXz9VFWYLKCXk8++ANRve6QegTK9D8JiFhoMxZvq6O1sX
qZTuruqswuXpXROamv7mZMi95l47FUHju3KJO1xIOQfXdrf6o8LeRfg8eQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNqF7ciQwQtgpdij48lZzOC9uZDFMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMm9YdHlKREJDMkNsMktQanlWbk00TDI1a01VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJqkrhoEA7gc+G/JbUtk
9ybZG1e4niESAV8r1K3c/zHCG4qU2d8jTqo0wTEDeko5pQz67lubopmQxqsL8BVk
jUoF1f/IzQpHC8AY5UokGwaaDmVJ7iKkR0NAQc//d+S+O07b6EGRO5moSnNOlQge
2NiVCjnryp8+tDibNLjwFQp2N7ZsCAFrTw14a5G83dxnnbOuv15L7pVpeGrUa5uN
mbClGnXkzkeJ0nzzDwKuts9ySqYnHhJ05DWUIAvHXsgTrkfYlYUOdmJsDE1PyuTV
X1tAgFNBJftjb+mCmb66qfwvQJBgc0laye6WHIFcYOgR2FoC2ZRCZ1T+btrxhmuY
MpA=
-----END CERTIFICATE-----
Generated at Sun May 11 22:13:48 2025 by rpki-client