Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OFcJfBvwBZdXvTUXPSmuVJwESqg.roa
File: OFcJfBvwBZdXvTUXPSmuVJwESqg.roa (raw, json)
Hash identifier: jr79X4YF9bd+4CVCpmJspE/bSZM4jpDpRMmPESUo5Jk=
Subject key identifier: 38:57:09:7C:1B:F0:05:97:57:BD:35:17:3D:29:AE:54:9C:04:4A:A8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B612BB4D08E8DD5A2F545B7987F94B85A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OFcJfBvwBZdXvTUXPSmuVJwESqg.roa
Signing time: Tue 24 Oct 2023 10:12:16 +0000
ROA not before: Tue 24 Oct 2023 10:12:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:2b:b4:d0:8e:8d:d5:a2:f5:45:b7:98:7f:94:b8:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 24 10:12:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3857097c1bf0059757bd35173d29ae549c044aa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4b:b7:bc:4f:f1:da:85:60:79:06:a6:22:84:
f7:c8:fd:37:29:e6:d5:5e:06:2b:4b:91:20:38:80:
dc:ca:8e:76:77:f4:ed:da:02:9b:df:8e:4e:75:8c:
be:80:96:38:41:37:1c:6d:5a:33:ff:f3:48:1f:d1:
91:b6:c8:94:b0:3b:33:eb:08:af:04:17:d5:7c:e3:
87:75:ee:94:10:67:65:33:b4:9e:de:3a:90:3a:27:
03:a1:1b:92:14:49:d9:3e:95:99:f9:e1:09:a4:0d:
63:ad:f6:e1:1e:2f:dc:ef:b6:e0:9e:3f:cd:96:2e:
b1:d3:09:a9:0e:94:59:b6:fd:61:6e:40:a1:d4:f5:
3d:95:d2:6a:42:dd:4d:35:27:9c:d1:58:3d:8c:e0:
c5:ad:f3:f4:62:92:d3:39:f3:9a:4f:bd:ce:51:7e:
46:96:2d:8a:f3:8d:91:87:a8:d3:6d:d7:47:08:85:
2f:bc:9d:a6:4a:f6:d5:5f:cc:3d:a9:94:0c:4d:d6:
ca:4f:6b:f0:34:70:bd:3e:b8:41:76:67:f8:3d:d2:
83:f1:3a:d4:2d:c1:e2:16:19:08:00:64:65:9e:3e:
4d:4f:83:7a:97:3b:be:e3:46:f3:45:fd:d1:70:b0:
5b:0a:69:29:3c:c8:d9:b6:cc:39:81:fe:45:3b:b4:
69:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:57:09:7C:1B:F0:05:97:57:BD:35:17:3D:29:AE:54:9C:04:4A:A8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OFcJfBvwBZdXvTUXPSmuVJwESqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9e:34:41:3a:f6:95:78:ab:4b:ac:4f:03:2d:89:c2:bf:07:2b:
1c:f3:3e:5d:ee:d4:19:4f:17:17:42:bc:3d:78:0c:39:f8:93:
0d:a2:54:84:be:1c:8e:8f:66:9f:f3:4f:05:6d:84:ee:fe:a1:
da:a7:6d:48:39:4a:92:f3:a6:a9:34:50:68:92:b0:f6:24:91:
83:50:59:0d:42:fc:e8:37:14:9a:ad:ac:a4:87:f5:20:c6:d4:
1c:d0:ba:c0:5f:5d:a1:6d:85:36:fd:93:ca:e8:b5:7a:e6:23:
28:79:02:ed:e3:c1:b6:2e:2c:7b:31:87:48:10:bf:bb:e8:13:
c6:86:43:e6:17:36:f9:73:39:e4:47:a7:62:3b:00:6b:68:36:
50:03:2a:0e:1e:68:4a:fd:d7:fa:60:79:f3:a1:63:97:d9:7c:
e7:d0:13:5f:24:13:14:d9:b7:ce:b3:89:dc:f2:1d:9e:1d:65:
59:f3:09:f4:ff:aa:78:c0:b9:b8:0a:98:56:42:95:aa:03:73:
ac:78:0b:c5:02:af:e4:61:92:4e:34:79:f0:b2:33:92:f1:86:
f2:88:13:ac:03:50:5b:03:8b:5d:cc:93:55:34:e7:66:0a:67:
82:f3:3d:b5:8f:5f:47:a1:b8:b8:3e:d7:c4:ee:8d:b8:c5:d3:
50:1b:84:dd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYthK7TQjo3VovVFt5h/lLhaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI0MTAxMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODU3MDk3YzFiZjAwNTk3NTdiZDM1MTczZDI5YWU1NDljMDQ0YWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0u3vE/x2oVgeQamIoT3yP03KebV
XgYrS5EgOIDcyo52d/Tt2gKb345OdYy+gJY4QTccbVoz//NIH9GRtsiUsDsz6wiv
BBfVfOOHde6UEGdlM7Se3jqQOicDoRuSFEnZPpWZ+eEJpA1jrfbhHi/c77bgnj/N
li6x0wmpDpRZtv1hbkCh1PU9ldJqQt1NNSec0Vg9jODFrfP0YpLTOfOaT73OUX5G
li2K842Rh6jTbddHCIUvvJ2mSvbVX8w9qZQMTdbKT2vwNHC9PrhBdmf4PdKD8TrU
LcHiFhkIAGRlnj5NT4N6lzu+40bzRf3RcLBbCmkpPMjZtsw5gf5FO7RpUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDhXCXwb8AWXV701Fz0prlScBEqoMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvT0ZjSmZCdndCWmRYdlRVWFBTbXVWSndFU3FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ40QTr2lXirS6xPAy2J
wr8HKxzzPl3u1BlPFxdCvD14DDn4kw2iVIS+HI6PZp/zTwVthO7+odqnbUg5SpLz
pqk0UGiSsPYkkYNQWQ1C/Og3FJqtrKSH9SDG1BzQusBfXaFthTb9k8rotXrmIyh5
Au3jwbYuLHsxh0gQv7voE8aGQ+YXNvlzOeRHp2I7AGtoNlADKg4eaEr91/pgefOh
Y5fZfOfQE18kExTZt86zidzyHZ4dZVnzCfT/qnjAubgKmFZClaoDc6x4C8UCr+Rh
kk40efCyM5LxhvKIE6wDUFsDi13Mk1U052YKZ4LzPbWPX0ehuLg+18TujbjF01Ab
hN0=
-----END CERTIFICATE-----
Generated at Sun May 11 10:51:22 2025 by rpki-client