Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Onz-8r-5224YPWte0DJbeN5iAsc.roa
File: Onz-8r-5224YPWte0DJbeN5iAsc.roa (raw, json)
Hash identifier: FjqL+8UL49gILBioV8g4dwL7Cufcw2eP7O5hS/T8Vso=
Subject key identifier: 3A:7C:FE:F2:BF:B9:DB:6E:18:3D:6B:5E:D0:32:5B:78:DE:62:02:C7
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B416344B791BD0C112FCC7C420B5E64ED
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Onz-8r-5224YPWte0DJbeN5iAsc.roa
Signing time: Wed 18 Oct 2023 06:05:06 +0000
ROA not before: Wed 18 Oct 2023 06:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:4162:8a7f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:41:63:44:b7:91:bd:0c:11:2f:cc:7c:42:0b:5e:64:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 18 06:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3a7cfef2bfb9db6e183d6b5ed0325b78de6202c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a4:72:cf:90:45:1c:60:d5:30:d9:ed:97:bd:
ec:fa:31:c4:b2:0a:9a:b5:41:28:63:50:bf:75:db:
80:ac:02:fa:be:21:35:88:07:5f:48:a0:55:05:8a:
a2:3b:92:fa:1f:5c:ae:78:ed:68:ad:2d:64:d9:ef:
68:33:eb:52:48:54:63:be:27:06:cb:64:27:5f:ac:
96:31:3e:6f:51:c0:96:00:64:fd:d8:c0:e8:4f:84:
c7:73:fa:79:6a:a8:7f:78:60:bb:e7:d5:1b:77:a5:
b0:00:9d:78:64:1d:27:a8:92:c0:18:ff:5a:8a:e1:
d3:9e:f0:4e:99:f8:4d:aa:85:0e:12:9a:36:70:68:
5d:5d:29:ea:49:35:5e:dc:71:9b:e4:34:63:9d:58:
82:a9:2e:eb:a5:35:f9:3e:12:56:81:ee:a2:82:19:
91:5d:b6:8b:fa:94:dc:f4:1e:5e:ef:17:ff:43:a8:
32:31:93:ce:0a:a4:9f:3a:ce:c0:7a:25:a6:d2:69:
e4:33:1e:68:f4:16:da:9f:93:9d:bd:9f:4e:5d:0f:
ff:fd:17:3b:9a:1c:e5:fa:09:48:8f:bd:38:6a:0c:
eb:51:e0:91:d6:09:7e:38:9e:f8:96:dd:2b:4d:b7:
8a:9f:c3:4f:b2:f4:ac:9e:6a:f5:cc:5f:ba:aa:aa:
8d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:7C:FE:F2:BF:B9:DB:6E:18:3D:6B:5E:D0:32:5B:78:DE:62:02:C7
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Onz-8r-5224YPWte0DJbeN5iAsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:ad:4d:aa:33:a5:48:55:dc:6c:0a:e9:55:9a:29:99:02:e6:
c0:3f:85:67:52:f8:eb:4c:d2:40:7e:08:df:6e:19:c6:7c:f3:
7b:24:04:a8:f2:62:4e:80:a3:ed:05:5b:67:5e:41:08:7b:64:
88:a3:55:11:a1:27:d8:2f:75:84:66:2f:9e:94:aa:a9:1a:30:
e0:0c:f9:4b:f2:ef:b7:7c:d2:e5:db:7d:d1:77:91:95:ec:e8:
ac:d7:58:6f:1b:1c:a1:00:45:c0:02:08:72:1d:2d:8c:88:d3:
73:80:60:45:0a:e1:e2:6a:6e:19:32:e0:6e:d3:86:81:fb:77:
22:c6:18:1d:5d:c4:b0:b8:0b:39:3c:95:10:3f:df:ff:ed:8d:
f6:eb:54:81:ee:64:f5:e7:85:c2:b0:3b:0f:b9:54:7e:fc:3e:
31:74:14:81:ab:a9:cd:71:ec:54:ba:93:40:76:b6:2d:6a:c7:
a6:92:c0:b0:bd:ab:8f:ec:5f:eb:2a:1d:02:72:57:dd:a7:90:
a4:74:c2:fb:e5:60:c6:3a:35:7e:76:a8:c1:7b:a6:45:f4:f9:
4f:b0:5f:91:84:64:e7:6d:82:86:99:da:8e:21:91:16:00:e3:
ac:9c:f5:1c:72:9a:d7:9c:b4:e9:83:84:48:57:a4:c0:55:9e:
b6:3e:99:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtBY0S3kb0MES/MfEILXmTtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE4MDYwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTdjZmVmMmJmYjlkYjZlMTgzZDZiNWVkMDMyNWI3OGRlNjIwMmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6Ryz5BFHGDVMNntl73s+jHEsgqa
tUEoY1C/dduArAL6viE1iAdfSKBVBYqiO5L6H1yueO1orS1k2e9oM+tSSFRjvicG
y2QnX6yWMT5vUcCWAGT92MDoT4THc/p5aqh/eGC759Ubd6WwAJ14ZB0nqJLAGP9a
iuHTnvBOmfhNqoUOEpo2cGhdXSnqSTVe3HGb5DRjnViCqS7rpTX5PhJWge6ighmR
XbaL+pTc9B5e7xf/Q6gyMZPOCqSfOs7AeiWm0mnkMx5o9Bban5OdvZ9OXQ///Rc7
mhzl+glIj704agzrUeCR1gl+OJ74lt0rTbeKn8NPsvSsnmr1zF+6qqqNtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDp8/vK/udtuGD1rXtAyW3jeYgLHMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvT256LThyLTUyMjRZUFd0ZTBESmJlTjVpQXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ+tTaozpUhV3GwK6VWa
KZkC5sA/hWdS+OtM0kB+CN9uGcZ883skBKjyYk6Ao+0FW2deQQh7ZIijVRGhJ9gv
dYRmL56UqqkaMOAM+Uvy77d80uXbfdF3kZXs6KzXWG8bHKEARcACCHIdLYyI03OA
YEUK4eJqbhky4G7ThoH7dyLGGB1dxLC4Czk8lRA/3//tjfbrVIHuZPXnhcKwOw+5
VH78PjF0FIGrqc1x7FS6k0B2ti1qx6aSwLC9q4/sX+sqHQJyV92nkKR0wvvlYMY6
NX52qMF7pkX0+U+wX5GEZOdtgoaZ2o4hkRYA46yc9RxymtectOmDhEhXpMBVnrY+
mTI=
-----END CERTIFICATE-----
Generated at Mon May 12 23:19:40 2025 by rpki-client