Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OIf_yQ2FXwXOSHpedjto-HJRJls.roa
File: OIf_yQ2FXwXOSHpedjto-HJRJls.roa (raw, json)
Hash identifier: KmZBE5quhmVlVeaUwX569luBjqFHTibLluZTQAHOY0I=
Subject key identifier: 38:87:FF:C9:0D:85:5F:05:CE:48:7A:5E:76:3B:68:F8:72:51:26:5B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BB95A7EB392C1D862B934CEB481DDABC0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OIf_yQ2FXwXOSHpedjto-HJRJls.roa
Signing time: Fri 10 Nov 2023 13:09:57 +0000
ROA not before: Fri 10 Nov 2023 13:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b9:5a:7e:b3:92:c1:d8:62:b9:34:ce:b4:81:dd:ab:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 10 13:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3887ffc90d855f05ce487a5e763b68f87251265b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:83:55:8f:9f:6b:a8:df:6a:fe:30:d2:36:ba:
e0:d1:65:cf:16:91:a7:e0:79:fb:3b:59:3b:4a:3b:
53:7f:95:d9:9b:19:c8:73:28:36:d5:e2:c9:b1:f4:
63:ab:97:12:ed:40:73:b1:df:6b:53:d5:0a:83:e6:
e7:15:17:e8:e2:c0:01:5c:f4:40:f7:05:12:e4:d1:
91:0a:f1:59:9b:32:49:e8:fc:af:74:29:52:73:22:
78:7b:8c:c8:0d:a7:5b:37:19:5a:de:be:93:53:e6:
11:94:f9:a3:a4:aa:96:c3:d3:30:c8:61:a0:68:9a:
82:87:06:fd:d6:01:7f:01:a6:1c:c5:39:ef:1c:07:
d5:66:df:4a:e3:7a:28:98:d0:1a:4b:54:8f:6d:c9:
bb:6d:c5:48:a0:2a:ce:0c:f3:1d:1d:1b:f2:1a:aa:
6d:00:4f:64:d9:2d:27:1e:17:5c:61:ed:8a:06:ba:
5c:84:ee:0e:b5:32:74:b5:ba:32:7c:58:39:51:6c:
df:d5:15:db:94:ba:35:c7:c9:01:22:f4:20:48:8f:
cc:2e:78:ac:99:5c:b0:d3:6d:b7:df:6b:f8:eb:58:
f6:3b:40:6e:95:c4:d5:cd:dc:01:af:6f:8b:0d:4c:
de:1c:83:b6:c1:f4:5d:ee:f4:09:96:7e:8d:5d:ed:
fb:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:87:FF:C9:0D:85:5F:05:CE:48:7A:5E:76:3B:68:F8:72:51:26:5B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OIf_yQ2FXwXOSHpedjto-HJRJls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
04:be:72:56:a2:71:30:c6:f5:cf:c7:db:27:7d:1b:e9:8f:8b:
cd:8d:5f:4f:94:99:f2:9b:0d:b4:2c:01:c9:4a:2d:85:af:04:
1c:7f:7c:9f:b8:56:5c:22:09:ba:15:12:99:d9:c6:df:93:4f:
a4:8c:74:cb:d2:f0:be:b6:55:52:cc:e2:e3:61:5f:99:33:a5:
1e:15:50:20:35:89:0e:f7:54:e5:1b:fd:37:d6:ae:33:ff:76:
ab:b4:fe:4d:1b:3f:1c:6c:58:d4:df:ba:4d:91:c7:eb:fb:fc:
50:03:f2:1b:90:53:c3:30:40:fc:d7:c1:f4:17:f4:e3:de:30:
6b:cf:7f:3a:50:4b:57:2d:62:0f:17:b7:24:be:f7:b6:40:d9:
ef:09:ae:f6:23:21:f4:a0:06:9f:e4:b9:90:1f:e8:83:6f:52:
0c:34:dd:c4:7e:e2:f8:5b:dd:55:36:2a:b9:93:12:21:ed:d2:
db:15:84:8a:74:e1:87:fd:e5:58:7f:f2:ef:bb:2c:1d:61:dc:
32:f3:20:b5:61:14:19:a0:be:8c:52:cd:a4:8a:46:4c:c5:cc:
16:77:56:b8:79:a5:0a:78:ee:e0:4e:ae:d6:e9:a9:15:e4:44:
c7:8c:3c:e5:12:81:8f:aa:79:97:d7:7b:d0:56:44:92:67:5a:
16:e0:11:6f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu5Wn6zksHYYrk0zrSB3avAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEwMTMwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODg3ZmZjOTBkODU1ZjA1Y2U0ODdhNWU3NjNiNjhmODcyNTEyNjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4NVj59rqN9q/jDSNrrg0WXPFpGn
4Hn7O1k7SjtTf5XZmxnIcyg21eLJsfRjq5cS7UBzsd9rU9UKg+bnFRfo4sABXPRA
9wUS5NGRCvFZmzJJ6PyvdClScyJ4e4zIDadbNxla3r6TU+YRlPmjpKqWw9MwyGGg
aJqChwb91gF/AaYcxTnvHAfVZt9K43oomNAaS1SPbcm7bcVIoCrODPMdHRvyGqpt
AE9k2S0nHhdcYe2KBrpchO4OtTJ0tboyfFg5UWzf1RXblLo1x8kBIvQgSI/MLnis
mVyw022332v461j2O0BulcTVzdwBr2+LDUzeHIO2wfRd7vQJln6NXe37kwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDiH/8kNhV8Fzkh6XnY7aPhyUSZbMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvT0lmX3lRMkZYd1hPU0hwZWRqdG8tSEpSSmxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAS+claicTDG9c/H2yd9
G+mPi82NX0+UmfKbDbQsAclKLYWvBBx/fJ+4VlwiCboVEpnZxt+TT6SMdMvS8L62
VVLM4uNhX5kzpR4VUCA1iQ73VOUb/TfWrjP/dqu0/k0bPxxsWNTfuk2Rx+v7/FAD
8huQU8MwQPzXwfQX9OPeMGvPfzpQS1ctYg8XtyS+97ZA2e8JrvYjIfSgBp/kuZAf
6INvUgw03cR+4vhb3VU2KrmTEiHt0tsVhIp04Yf95Vh/8u+7LB1h3DLzILVhFBmg
voxSzaSKRkzFzBZ3Vrh5pQp47uBOrtbpqRXkRMeMPOUSgY+qeZfXe9BWRJJnWhbg
EW8=
-----END CERTIFICATE-----
Generated at Tue May 13 02:13:41 2025 by rpki-client