Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/O077ayvb5FmMvLh1KWpTkjpghKY.roa
File: O077ayvb5FmMvLh1KWpTkjpghKY.roa (raw, json)
Hash identifier: uwdb07hPL5Gq6oG/YddezTHqOiWb9CuM4duaI28fEpc=
Subject key identifier: 3B:4E:FB:6B:2B:DB:E4:59:8C:BC:B8:75:29:6A:53:92:3A:60:84:A6
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA97D8704BDC17B77464E706F8E1FB487
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/O077ayvb5FmMvLh1KWpTkjpghKY.roa
Signing time: Tue 07 Nov 2023 11:14:17 +0000
ROA not before: Tue 07 Nov 2023 11:14:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:7d:87:04:bd:c1:7b:77:46:4e:70:6f:8e:1f:b4:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 7 11:14:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b4efb6b2bdbe4598cbcb875296a53923a6084a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:33:ad:0f:aa:7a:9e:8b:e8:50:13:cd:12:9c:
f0:83:17:e9:bb:b8:03:59:7d:fa:bb:93:af:7c:57:
e1:25:e0:1d:8e:b1:20:80:0a:5d:7d:17:1a:85:95:
4f:b0:9f:43:ad:2c:5d:88:aa:53:78:78:9e:43:c9:
3c:ee:0f:b9:43:19:12:87:ff:f8:1d:d2:55:86:fb:
14:76:30:22:0a:72:13:b4:25:9f:cd:e5:2d:c9:aa:
f7:45:16:23:25:8f:2e:e3:5e:e3:d7:80:90:f5:e6:
d0:d6:36:96:e7:cb:63:81:f0:a0:e6:9e:b5:28:c5:
3f:95:b7:ef:1e:da:1c:02:b6:89:d6:f3:01:56:81:
86:00:d4:e8:fb:ca:8a:2d:ca:96:bf:0f:83:98:67:
81:6d:3e:93:84:24:a0:48:7d:c4:4a:f4:74:dc:6c:
19:f5:c8:40:e0:76:f5:4b:aa:f0:56:73:0e:b4:91:
0c:5f:47:22:57:38:ef:33:b6:da:5d:a2:30:c9:4c:
e8:5e:50:a1:e5:65:45:25:3b:8b:b5:c9:94:fa:bb:
d7:8f:0b:01:4f:4c:30:6e:79:8c:e7:e4:b5:f5:cb:
53:80:cd:5b:4d:e3:48:f2:f5:17:b6:be:6c:c8:d0:
ed:0e:53:e6:19:31:2b:71:60:1d:a3:1e:87:7f:4b:
9a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:4E:FB:6B:2B:DB:E4:59:8C:BC:B8:75:29:6A:53:92:3A:60:84:A6
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/O077ayvb5FmMvLh1KWpTkjpghKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5d:60:6d:5d:61:de:ca:f9:4b:76:09:d8:3f:fd:20:a7:35:20:
b0:1f:60:02:ac:f7:de:78:22:01:ad:c2:17:9e:fc:06:3f:f7:
6f:f9:40:92:b4:1e:ae:b4:8e:ef:15:6e:eb:bc:b6:f0:2e:82:
40:d1:46:70:bd:04:b3:66:b7:64:0e:50:b8:cd:dc:54:36:23:
b9:6d:f1:3b:5f:12:82:79:d5:85:37:53:43:7a:c8:9b:a3:9d:
11:b6:84:92:03:d1:3c:42:52:7b:f7:c2:6c:58:e4:cb:3d:26:
18:f5:87:82:1f:0c:8c:0f:07:77:8a:0c:5e:9a:83:91:d1:17:
fe:52:c4:2f:aa:cf:53:fa:1b:da:1c:4e:fb:94:62:2e:8a:02:
67:aa:ee:a8:99:06:02:49:cd:1d:8d:5c:5a:ab:df:41:3e:19:
2e:81:6d:9f:f7:b6:a4:d5:7f:15:46:16:ab:7a:a2:5e:1c:d0:
de:df:cd:d2:bb:be:8c:70:31:1b:0f:cb:84:85:c8:65:90:9a:
13:35:b7:7b:bd:da:55:5c:68:9f:03:db:2a:31:e7:0a:eb:51:
9e:98:bb:9c:d0:fd:bd:4f:f1:28:d2:e1:cb:45:19:ed:46:67:
2b:80:04:90:6d:95:04:e5:5c:bc:06:bf:e4:65:b0:30:a0:ad:
a8:3e:9d:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYupfYcEvcF7d0ZOcG+OH7SHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA3MTExNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjRlZmI2YjJiZGJlNDU5OGNiY2I4NzUyOTZhNTM5MjNhNjA4NGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDOtD6p6novoUBPNEpzwgxfpu7gD
WX36u5OvfFfhJeAdjrEggApdfRcahZVPsJ9DrSxdiKpTeHieQ8k87g+5QxkSh//4
HdJVhvsUdjAiCnITtCWfzeUtyar3RRYjJY8u417j14CQ9ebQ1jaW58tjgfCg5p61
KMU/lbfvHtocAraJ1vMBVoGGANTo+8qKLcqWvw+DmGeBbT6ThCSgSH3ESvR03GwZ
9chA4Hb1S6rwVnMOtJEMX0ciVzjvM7baXaIwyUzoXlCh5WVFJTuLtcmU+rvXjwsB
T0wwbnmM5+S19ctTgM1bTeNI8vUXtr5syNDtDlPmGTErcWAdox6Hf0ua8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDtO+2sr2+RZjLy4dSlqU5I6YISmMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTzA3N2F5dmI1Rm1NdkxoMUtXcFRranBnaEtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF1gbV1h3sr5S3YJ2D/9
IKc1ILAfYAKs9954IgGtwhee/AY/92/5QJK0Hq60ju8Vbuu8tvAugkDRRnC9BLNm
t2QOULjN3FQ2I7lt8TtfEoJ51YU3U0N6yJujnRG2hJID0TxCUnv3wmxY5Ms9Jhj1
h4IfDIwPB3eKDF6ag5HRF/5SxC+qz1P6G9ocTvuUYi6KAmeq7qiZBgJJzR2NXFqr
30E+GS6BbZ/3tqTVfxVGFqt6ol4c0N7fzdK7voxwMRsPy4SFyGWQmhM1t3u92lVc
aJ8D2yox5wrrUZ6Yu5zQ/b1P8SjS4ctFGe1GZyuABJBtlQTlXLwGv+RlsDCgrag+
nWQ=
-----END CERTIFICATE-----
Generated at Sun May 11 15:43:45 2025 by rpki-client