Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OrzVJA9BIi57wSPiHRKBIoVc6eY.roa
File: OrzVJA9BIi57wSPiHRKBIoVc6eY.roa (raw, json)
Hash identifier: ENhdZ9eDDSpzefbV4Nr3t2G06KgO0a/5eZT7YgPyE4A=
Subject key identifier: 3A:BC:D5:24:0F:41:22:2E:7B:C1:23:E2:1D:12:81:22:85:5C:E9:E6
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B3D59A4107331811F886CB7BE97CCD33E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OrzVJA9BIi57wSPiHRKBIoVc6eY.roa
Signing time: Tue 17 Oct 2023 11:16:06 +0000
ROA not before: Tue 17 Oct 2023 11:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3d:59:a4:10:73:31:81:1f:88:6c:b7:be:97:cc:d3:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 17 11:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3abcd5240f41222e7bc123e21d128122855ce9e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f6:62:97:83:5b:65:66:a4:38:21:71:19:4d:
5e:52:85:98:be:54:2a:ce:14:72:44:91:95:ff:df:
a0:ab:bd:51:54:3b:0b:51:e8:a8:47:15:0d:10:2b:
89:d9:8a:a0:a3:c7:b6:63:86:a4:61:5f:af:00:7c:
5e:b4:a3:34:12:67:39:c3:92:45:34:00:c4:d8:61:
38:df:ef:c9:f7:a7:f4:68:bf:77:80:c5:1c:c2:d4:
d3:cb:84:e9:c3:c1:ee:d8:d7:ce:d6:76:53:e7:59:
48:c9:62:cc:0a:79:8e:ed:f9:d1:97:9a:21:71:f7:
62:66:a8:c9:86:03:67:e2:a7:bb:06:63:36:3e:97:
d4:75:ab:e8:b1:3e:99:a5:a8:07:cc:8b:d3:c4:95:
64:95:6e:0b:8f:6b:3c:51:37:a5:55:f1:64:e6:20:
5e:51:08:1b:0e:b4:70:29:ce:29:99:e6:a5:9a:36:
9d:b2:b4:62:0a:96:13:6e:f1:2c:27:c2:f5:1b:5c:
63:41:91:c5:13:a7:c9:82:2b:39:49:6d:33:c3:39:
44:50:ff:6d:52:54:55:77:c9:68:dd:82:c4:28:d3:
53:75:2f:5c:7e:fc:6b:d2:88:72:9d:7a:5d:6d:61:
6b:30:fe:77:88:ad:90:39:e7:a0:66:20:3d:77:64:
87:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:BC:D5:24:0F:41:22:2E:7B:C1:23:E2:1D:12:81:22:85:5C:E9:E6
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OrzVJA9BIi57wSPiHRKBIoVc6eY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:39:a2:17:96:17:0a:6b:83:9f:59:d3:ac:0e:56:81:e3:1b:
93:71:3b:f0:11:ed:b1:78:09:e7:d2:b6:78:f6:ea:cc:a8:ab:
68:fc:ac:4e:38:bb:81:ac:1c:c4:b9:aa:10:4a:22:e8:ca:df:
ec:4e:c5:a8:1d:c1:ed:76:45:1f:fc:a8:ca:40:61:f1:b3:ef:
8b:7a:48:1a:74:9b:38:40:b6:20:54:fa:7d:93:5a:7e:a0:ff:
b9:1c:fd:25:22:32:33:e5:8e:de:4c:4b:b2:2c:a1:bc:e0:fa:
f6:b9:0e:0b:09:ac:f1:09:08:b7:19:d4:e9:ce:34:a7:61:e0:
4d:f3:dd:9a:26:64:0c:fc:65:09:a6:ae:24:f3:db:5f:15:65:
dd:0d:ba:4b:d2:e0:5f:5b:e2:cd:2b:8d:bc:ef:bb:7a:05:05:
06:e7:e0:24:4a:0a:6f:a6:b4:f8:87:1e:71:87:c5:86:d7:7b:
6e:29:09:64:9f:4f:93:0e:f9:55:69:a8:e0:28:ed:18:0e:45:
5b:fb:41:10:be:36:27:c6:d0:12:d9:65:5d:4f:fc:95:0e:ac:
1f:cd:41:13:a5:c4:2a:cf:a0:b4:9c:fd:5f:f3:2c:55:27:7e:
45:98:5d:af:f2:b7:71:df:a3:3a:ec:c5:9b:a7:4d:5b:45:9b:
07:ed:ae:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs9WaQQczGBH4hst76XzNM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE3MTExNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWJjZDUyNDBmNDEyMjJlN2JjMTIzZTIxZDEyODEyMjg1NWNlOWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvZil4NbZWakOCFxGU1eUoWYvlQq
zhRyRJGV/9+gq71RVDsLUeioRxUNECuJ2Yqgo8e2Y4akYV+vAHxetKM0Emc5w5JF
NADE2GE43+/J96f0aL93gMUcwtTTy4Tpw8Hu2NfO1nZT51lIyWLMCnmO7fnRl5oh
cfdiZqjJhgNn4qe7BmM2PpfUdavosT6ZpagHzIvTxJVklW4Lj2s8UTelVfFk5iBe
UQgbDrRwKc4pmealmjadsrRiCpYTbvEsJ8L1G1xjQZHFE6fJgis5SW0zwzlEUP9t
UlRVd8lo3YLEKNNTdS9cfvxr0ohynXpdbWFrMP53iK2QOeegZiA9d2SHYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDq81SQPQSIue8Ej4h0SgSKFXOnmMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvT3J6VkpBOUJJaTU3d1NQaUhSS0JJb1ZjNmVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGA5oheWFwprg59Z06wO
VoHjG5NxO/AR7bF4CefStnj26syoq2j8rE44u4GsHMS5qhBKIujK3+xOxagdwe12
RR/8qMpAYfGz74t6SBp0mzhAtiBU+n2TWn6g/7kc/SUiMjPljt5MS7Isobzg+va5
DgsJrPEJCLcZ1OnONKdh4E3z3ZomZAz8ZQmmriTz218VZd0NukvS4F9b4s0rjbzv
u3oFBQbn4CRKCm+mtPiHHnGHxYbXe24pCWSfT5MO+VVpqOAo7RgORVv7QRC+NifG
0BLZZV1P/JUOrB/NQROlxCrPoLSc/V/zLFUnfkWYXa/yt3HfozrsxZunTVtFmwft
roA=
-----END CERTIFICATE-----
Generated at Thu May 15 21:21:09 2025 by rpki-client