Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ONHfvoMk6nX_YmBCkR9sZZ0iFos.roa
File: ONHfvoMk6nX_YmBCkR9sZZ0iFos.roa (raw, json)
Hash identifier: 9HJbYAyrZLnZMGIIdFDSL2ZmH8lWlOkfqJBMUpm8OaE=
Subject key identifier: 38:D1:DF:BE:83:24:EA:75:FF:62:60:42:91:1F:6C:65:9D:22:16:8B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C604E30CB328C434F153CB0EC78EFFCCD
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ONHfvoMk6nX_YmBCkR9sZZ0iFos.roa
Signing time: Tue 12 Dec 2023 23:13:06 +0000
ROA not before: Tue 12 Dec 2023 23:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:60:4e:30:cb:32:8c:43:4f:15:3c:b0:ec:78:ef:fc:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 12 23:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=38d1dfbe8324ea75ff626042911f6c659d22168b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a5:75:47:48:6d:d7:9f:9c:9d:ba:0a:ba:0e:
c3:e0:ee:64:71:cc:99:37:80:a2:3a:78:3f:a8:00:
40:d2:2e:a9:9d:e7:bd:70:ca:21:40:bd:e9:9b:68:
f2:e5:af:49:fa:7f:04:f6:9d:80:ce:d0:67:4c:8b:
bf:16:74:12:6e:39:7c:5a:c1:e3:e3:51:0a:5e:2d:
4d:ba:d2:32:27:88:ab:be:89:ef:d6:6d:33:30:44:
59:01:af:8f:bb:ef:70:ba:5d:90:d5:fb:ef:79:94:
da:9e:97:cd:a2:a2:df:ee:e8:69:9a:01:e8:92:22:
af:61:d7:6a:50:90:70:6e:aa:3e:1b:99:9a:cf:7e:
15:a0:4b:88:44:ce:bc:55:f9:91:dd:e8:98:e3:f1:
6d:c9:17:09:ed:dd:82:f7:3d:de:bc:93:fd:73:47:
56:b7:69:fc:c8:f2:2d:0f:db:5f:ce:56:ff:71:0b:
88:32:10:6f:48:b4:d1:61:95:1f:4b:f0:c2:ac:b3:
e9:dd:37:70:f7:7e:43:94:a5:be:d3:54:d5:61:e7:
d3:38:2c:30:11:ee:9b:97:ac:39:a3:3f:53:c4:87:
7e:39:00:2b:ad:7c:67:5e:59:15:ff:71:74:96:c2:
3c:b8:10:6b:19:91:c1:50:7c:10:73:3a:93:ee:b6:
c3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D1:DF:BE:83:24:EA:75:FF:62:60:42:91:1F:6C:65:9D:22:16:8B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ONHfvoMk6nX_YmBCkR9sZZ0iFos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
62:d0:d2:bb:55:ae:74:9f:42:54:23:a1:08:55:df:df:52:9d:
ba:9c:52:51:c0:57:9a:04:ec:44:9d:cb:5c:67:16:fc:47:ce:
e1:d5:ac:56:11:9f:41:df:56:b4:59:b4:4f:65:9b:51:e9:66:
e8:30:fb:c8:14:31:8d:fc:05:39:d2:be:94:95:0f:c8:d8:6b:
ca:8e:5c:bd:e3:81:c1:36:1e:a0:c4:a1:66:02:99:0a:cc:9a:
17:e9:49:3a:7a:03:bc:43:82:bd:64:c8:26:a9:bd:74:67:80:
89:46:ea:fb:74:c8:13:69:09:9b:ac:14:08:d1:97:af:ae:3e:
54:2d:0a:d4:d6:74:30:ad:00:f2:c7:d5:55:65:31:7f:c3:d5:
c7:6b:c8:ee:b2:49:a3:14:70:b7:35:ad:84:2f:96:41:27:50:
ec:e9:23:2f:87:e0:16:4e:f4:c0:34:b9:0e:4c:66:e3:c0:66:
09:ae:c9:56:70:ce:44:4f:36:c6:7a:de:be:be:1e:9f:9e:b6:
bf:a6:00:41:21:3c:06:d4:85:71:56:47:20:04:ab:e3:bb:ae:
3a:af:c8:40:26:2c:50:10:ad:d0:27:a4:04:a8:03:ab:5e:2c:
53:cd:1a:ed:ba:fd:b4:f8:cf:d4:e6:a2:64:66:ae:ff:fd:43:
e9:89:11:07
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxgTjDLMoxDTxU8sOx47/zNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEyMjMxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGQxZGZiZTgzMjRlYTc1ZmY2MjYwNDI5MTFmNmM2NTlkMjIxNjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6V1R0ht15+cnboKug7D4O5kccyZ
N4CiOng/qABA0i6pnee9cMohQL3pm2jy5a9J+n8E9p2AztBnTIu/FnQSbjl8WsHj
41EKXi1NutIyJ4irvonv1m0zMERZAa+Pu+9wul2Q1fvveZTanpfNoqLf7uhpmgHo
kiKvYddqUJBwbqo+G5maz34VoEuIRM68VfmR3eiY4/FtyRcJ7d2C9z3evJP9c0dW
t2n8yPItD9tfzlb/cQuIMhBvSLTRYZUfS/DCrLPp3Tdw935DlKW+01TVYefTOCww
Ee6bl6w5oz9TxId+OQArrXxnXlkV/3F0lsI8uBBrGZHBUHwQczqT7rbDcQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDjR376DJOp1/2JgQpEfbGWdIhaLMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvT05IZnZvTWs2blhfWW1CQ2tSOXNaWjBpRm9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGLQ0rtVrnSfQlQjoQhV
399SnbqcUlHAV5oE7ESdy1xnFvxHzuHVrFYRn0HfVrRZtE9lm1HpZugw+8gUMY38
BTnSvpSVD8jYa8qOXL3jgcE2HqDEoWYCmQrMmhfpSTp6A7xDgr1kyCapvXRngIlG
6vt0yBNpCZusFAjRl6+uPlQtCtTWdDCtAPLH1VVlMX/D1cdryO6ySaMUcLc1rYQv
lkEnUOzpIy+H4BZO9MA0uQ5MZuPAZgmuyVZwzkRPNsZ63r6+Hp+etr+mAEEhPAbU
hXFWRyAEq+O7rjqvyEAmLFAQrdAnpASoA6teLFPNGu26/bT4z9TmomRmrv/9Q+mJ
EQc=
-----END CERTIFICATE-----
Generated at Sun May 11 17:03:05 2025 by rpki-client