Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OSVbhvDd6bLeXmTIRLcaSBvW8XY.roa
File: OSVbhvDd6bLeXmTIRLcaSBvW8XY.roa (raw, json)
Hash identifier: qqmaxmx8zD09HhHcYeYfcVPamsv+dBgm4PD3ojz1MZY=
Subject key identifier: 39:25:5B:86:F0:DD:E9:B2:DE:5E:64:C8:44:B7:1A:48:1B:D6:F1:76
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AD98E299E1FC3BA47665412A8386E5FC0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OSVbhvDd6bLeXmTIRLcaSBvW8XY.roa
Signing time: Thu 28 Sep 2023 02:11:27 +0000
ROA not before: Thu 28 Sep 2023 02:11:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d9:8e:29:9e:1f:c3:ba:47:66:54:12:a8:38:6e:5f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 28 02:11:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=39255b86f0dde9b2de5e64c844b71a481bd6f176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:91:bd:af:51:6a:27:aa:78:bd:53:a7:95:dd:
c0:e7:61:43:1e:22:2a:9a:f0:fd:96:c8:6d:ab:20:
3e:ac:c7:0c:4d:4b:40:d5:fe:97:b4:ba:a0:21:67:
7e:77:be:97:63:ef:82:73:4e:f2:5d:f7:6f:bc:b0:
5d:0d:1d:e2:cb:96:e5:12:52:d4:4a:37:63:3c:f5:
5e:55:4c:c3:b6:72:fd:29:1b:c4:62:52:9b:bb:06:
4f:47:cf:46:58:00:f1:df:72:3a:49:d0:fd:d4:c0:
1a:26:10:e3:d4:87:07:fa:21:e3:ac:3d:35:4e:1d:
e1:bd:f9:15:c1:c6:52:c7:6a:d5:50:d4:c4:0c:33:
d7:58:9d:e0:23:64:cd:e7:12:04:64:b4:9b:69:d8:
46:4a:a7:7b:a3:16:7a:03:37:3b:a2:58:66:63:19:
bf:6d:62:80:f7:3e:9d:f3:10:2f:a3:32:33:22:f9:
fb:c4:f9:4d:7c:6c:95:77:d5:48:55:43:8b:f8:d2:
02:63:bd:e9:49:9c:04:c2:23:cf:b1:47:da:d8:3e:
b6:62:3f:54:63:cf:11:21:47:16:b1:a5:f3:87:d0:
31:62:25:5a:fd:ba:bc:2e:d3:b5:4a:f2:83:5f:42:
63:9c:41:f9:78:b9:b1:56:61:69:b8:be:6f:78:ed:
37:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:25:5B:86:F0:DD:E9:B2:DE:5E:64:C8:44:B7:1A:48:1B:D6:F1:76
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OSVbhvDd6bLeXmTIRLcaSBvW8XY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:36:65:7c:47:ed:a1:35:14:c1:05:16:31:ba:77:1a:17:db:
d3:80:bf:e5:c3:6d:7c:26:18:46:5a:ca:4d:73:3c:b7:19:a7:
af:7a:ca:00:ad:55:62:1f:f6:fe:ba:f5:8a:21:e6:b8:b9:49:
61:fc:91:13:81:76:67:d2:a2:28:b5:d7:d4:b5:fa:2b:61:48:
8d:d5:47:6b:41:54:da:38:48:a6:64:92:78:f2:f6:bb:60:7f:
25:26:fc:96:90:b2:3d:17:71:ba:9a:22:b7:2b:c8:f0:1f:df:
2d:fe:36:1a:a7:f2:d2:e1:3a:80:a1:12:0e:8e:0d:11:90:0e:
e5:41:69:90:f6:93:de:fd:06:2a:d3:b3:a2:9a:3e:cb:73:e0:
c0:09:bd:a2:77:36:e1:e3:7f:dd:b6:2c:90:dc:f4:34:c8:60:
61:e8:27:60:26:8c:21:6c:a7:b5:89:72:61:e5:c0:ff:f5:a4:
9d:14:47:83:24:19:ab:33:c3:9c:1b:32:52:b2:b7:89:a0:79:
ac:0d:c8:9d:6d:aa:9e:6c:ff:8e:4b:6f:fc:90:cb:56:dd:dd:
cc:c0:5c:6c:a9:f8:bd:c4:79:fd:b2:76:29:1d:08:93:66:39:
de:01:aa:de:a0:90:20:6c:b9:0c:8c:a5:a6:0f:95:29:e7:f5:
d0:cb:b6:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrZjimeH8O6R2ZUEqg4bl/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI4MDIxMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTI1NWI4NmYwZGRlOWIyZGU1ZTY0Yzg0NGI3MWE0ODFiZDZmMTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpG9r1FqJ6p4vVOnld3A52FDHiIq
mvD9lshtqyA+rMcMTUtA1f6XtLqgIWd+d76XY++Cc07yXfdvvLBdDR3iy5blElLU
SjdjPPVeVUzDtnL9KRvEYlKbuwZPR89GWADx33I6SdD91MAaJhDj1IcH+iHjrD01
Th3hvfkVwcZSx2rVUNTEDDPXWJ3gI2TN5xIEZLSbadhGSqd7oxZ6Azc7olhmYxm/
bWKA9z6d8xAvozIzIvn7xPlNfGyVd9VIVUOL+NICY73pSZwEwiPPsUfa2D62Yj9U
Y88RIUcWsaXzh9AxYiVa/bq8LtO1SvKDX0JjnEH5eLmxVmFpuL5veO03GQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDklW4bw3emy3l5kyES3Gkgb1vF2MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvT1NWYmh2RGQ2YkxlWG1USVJMY2FTQnZXOFhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACw2ZXxH7aE1FMEFFjG6
dxoX29OAv+XDbXwmGEZayk1zPLcZp696ygCtVWIf9v669Yoh5ri5SWH8kROBdmfS
oii119S1+ithSI3VR2tBVNo4SKZkknjy9rtgfyUm/JaQsj0XcbqaIrcryPAf3y3+
Nhqn8tLhOoChEg6ODRGQDuVBaZD2k979BirTs6KaPstz4MAJvaJ3NuHjf922LJDc
9DTIYGHoJ2AmjCFsp7WJcmHlwP/1pJ0UR4MkGaszw5wbMlKyt4mgeawNyJ1tqp5s
/45Lb/yQy1bd3czAXGyp+L3Eef2ydikdCJNmOd4Bqt6gkCBsuQyMpaYPlSnn9dDL
tgU=
-----END CERTIFICATE-----
Generated at Sat May 10 14:43:37 2025 by rpki-client