Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OHPUqVkYwiMPYh13O7eA-3dQirc.roa
File: OHPUqVkYwiMPYh13O7eA-3dQirc.roa (raw, json)
Hash identifier: /bbZa68VbA0P6tFiDwOiht/gJ2pcDA4gaOdwqd9hhVs=
Subject key identifier: 38:73:D4:A9:59:18:C2:23:0F:62:1D:77:3B:B7:80:FB:77:50:8A:B7
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C1492CD3BC1B4557AF4F7AB2EFB762F59
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OHPUqVkYwiMPYh13O7eA-3dQirc.roa
Signing time: Tue 28 Nov 2023 06:16:54 +0000
ROA not before: Tue 28 Nov 2023 06:16:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:14:92:cd:3b:c1:b4:55:7a:f4:f7:ab:2e:fb:76:2f:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 28 06:16:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3873d4a95918c2230f621d773bb780fb77508ab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:65:03:38:1a:06:34:22:a2:55:58:49:68:b2:
b1:5a:3d:f3:66:86:30:d0:43:1f:db:b5:71:75:9b:
c1:7a:4e:06:73:4f:d7:d9:7e:cf:e3:30:3f:66:ea:
a8:87:83:d1:1c:20:d0:af:8f:e1:a0:b8:69:0d:40:
01:f7:71:25:89:d5:9f:32:69:ee:2f:b9:70:cc:26:
b8:e7:7e:08:9f:7a:1c:07:c1:03:25:3a:0f:48:0c:
bd:a8:31:c0:e7:84:8f:65:d3:68:bc:8a:bf:be:b8:
a9:1d:20:d1:26:84:7e:44:3a:83:1b:88:f5:5b:67:
74:d9:a1:51:ed:d8:5b:b5:9b:07:ef:0c:6c:f0:4e:
0a:55:79:5c:d8:18:2b:5b:e3:e1:82:f7:25:ba:1a:
02:71:46:ae:32:99:63:01:1f:c5:2e:5c:be:cc:03:
cb:ef:22:71:5a:48:40:b0:9a:57:13:45:de:68:d1:
4c:b3:f2:0c:3a:ac:4c:a4:47:e1:5f:fe:43:ad:19:
9f:64:81:c9:63:b9:be:02:f0:84:ba:84:e8:fa:09:
c7:d0:0e:a7:50:35:3f:70:8e:1b:f9:67:3e:d6:93:
3d:2d:83:b6:e2:27:ec:29:58:04:64:b8:42:3e:0b:
d7:e3:e9:ab:0e:d4:90:97:d1:d9:a3:49:18:07:e3:
55:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:73:D4:A9:59:18:C2:23:0F:62:1D:77:3B:B7:80:FB:77:50:8A:B7
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OHPUqVkYwiMPYh13O7eA-3dQirc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:49:aa:36:c1:32:76:49:c9:b8:fa:4a:be:11:0c:0f:1b:0d:
1f:ff:6e:98:5a:c7:8d:e7:2c:18:c7:44:83:cf:d3:80:b9:bd:
ee:02:92:d0:69:05:a0:88:8c:66:f8:4e:e6:16:ad:d8:c9:54:
83:c1:f0:d7:a5:0a:1e:d3:e6:fd:48:f7:9d:0c:a9:b3:33:7f:
cf:a8:15:e2:bb:b3:a1:ae:e7:de:3e:9c:02:ed:d0:bc:18:e3:
f4:ea:ae:90:26:d9:ad:1a:4c:43:7f:9b:41:29:75:27:50:37:
e4:d8:66:33:f5:46:41:35:0c:12:16:29:56:5b:0b:99:22:e6:
fa:cb:d6:1b:3c:bb:21:71:2c:e8:f5:fe:55:bb:cf:fd:a2:30:
54:66:3c:d1:d3:0e:ea:9e:14:0b:17:bc:e8:8d:79:de:2c:91:
02:29:0b:20:57:5e:69:31:a4:bb:07:0b:28:1b:a0:fd:0d:ce:
dd:be:b4:38:30:3e:3a:3d:d4:fe:c5:ea:69:56:0c:2c:d5:79:
96:71:68:f6:76:e4:1a:d2:51:be:ca:66:b0:6f:54:b4:0f:0a:
9b:f4:b1:d3:78:f5:bb:09:e6:fa:4d:30:ca:16:0b:6d:0c:4d:
93:c4:46:da:f9:6a:3f:c6:25:69:56:88:c7:3c:42:44:cc:f4:
df:47:fb:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwUks07wbRVevT3qy77di9ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI4MDYxNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODczZDRhOTU5MThjMjIzMGY2MjFkNzczYmI3ODBmYjc3NTA4YWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2UDOBoGNCKiVVhJaLKxWj3zZoYw
0EMf27VxdZvBek4Gc0/X2X7P4zA/Zuqoh4PRHCDQr4/hoLhpDUAB93ElidWfMmnu
L7lwzCa4534In3ocB8EDJToPSAy9qDHA54SPZdNovIq/vripHSDRJoR+RDqDG4j1
W2d02aFR7dhbtZsH7wxs8E4KVXlc2BgrW+PhgvcluhoCcUauMpljAR/FLly+zAPL
7yJxWkhAsJpXE0XeaNFMs/IMOqxMpEfhX/5DrRmfZIHJY7m+AvCEuoTo+gnH0A6n
UDU/cI4b+Wc+1pM9LYO24ifsKVgEZLhCPgvX4+mrDtSQl9HZo0kYB+NVkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDhz1KlZGMIjD2Iddzu3gPt3UIq3MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvT0hQVXFWa1l3aU1QWWgxM083ZUEtM2RRaXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGBJqjbBMnZJybj6Sr4R
DA8bDR//bphax43nLBjHRIPP04C5ve4CktBpBaCIjGb4TuYWrdjJVIPB8NelCh7T
5v1I950MqbMzf8+oFeK7s6Gu594+nALt0LwY4/TqrpAm2a0aTEN/m0EpdSdQN+TY
ZjP1RkE1DBIWKVZbC5ki5vrL1hs8uyFxLOj1/lW7z/2iMFRmPNHTDuqeFAsXvOiN
ed4skQIpCyBXXmkxpLsHCygboP0Nzt2+tDgwPjo91P7F6mlWDCzVeZZxaPZ25BrS
Ub7KZrBvVLQPCpv0sdN49bsJ5vpNMMoWC20MTZPERtr5aj/GJWlWiMc8QkTM9N9H
+78=
-----END CERTIFICATE-----
Generated at Mon May 12 19:42:10 2025 by rpki-client