Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OuWQuCGsXxUKRUiQpBMBb7qSPi8.roa
File: OuWQuCGsXxUKRUiQpBMBb7qSPi8.roa (raw, json)
Hash identifier: tdlN3Ok41jwmPRsnkLcPsH+9aDQrGJAmmKQukFHTMUE=
Subject key identifier: 3A:E5:90:B8:21:AC:5F:15:0A:45:48:90:A4:13:01:6F:BA:92:3E:2F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C77E158D534031D4E120B04FCE10C4BAF
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OuWQuCGsXxUKRUiQpBMBb7qSPi8.roa
Signing time: Sun 17 Dec 2023 13:05:06 +0000
ROA not before: Sun 17 Dec 2023 13:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:77e0:8da5/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:77:e1:58:d5:34:03:1d:4e:12:0b:04:fc:e1:0c:4b:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 17 13:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ae590b821ac5f150a454890a413016fba923e2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e5:54:d0:76:ba:73:0c:05:23:52:f9:7d:50:
8e:5e:a6:8f:b0:63:bf:2c:28:04:0d:44:79:16:47:
c2:1d:12:a3:4b:41:d6:4a:aa:e4:31:ba:6e:a7:59:
bb:26:39:a6:fc:36:75:fb:34:c5:89:f8:e8:f5:d2:
2f:92:9a:1c:dd:e1:32:41:ec:06:6c:b9:a2:4d:92:
ce:e7:98:99:20:c5:e4:66:93:ba:5a:8a:ae:e8:0d:
af:3e:36:2b:14:1b:fe:ba:79:7f:72:b8:f7:b3:4c:
14:4f:44:d6:63:2a:1a:d9:55:36:18:15:97:e1:04:
9f:0e:e1:12:46:b2:3d:8d:9a:51:68:07:d5:fe:26:
c2:83:2a:5e:e2:c2:fa:aa:36:4b:43:92:c6:32:44:
af:23:70:5a:4d:55:62:4e:5a:ec:a8:4b:4a:75:d9:
79:a8:5e:57:2e:cf:63:84:15:1c:84:e4:ad:49:4d:
e8:dc:51:6b:b6:42:33:43:b6:cf:92:2e:b1:56:a0:
a3:a2:10:ba:28:f8:f9:d7:af:09:cc:47:5c:b2:b4:
25:e4:be:12:49:85:55:d4:f5:06:36:54:72:4d:e8:
a3:d6:6a:20:a0:24:64:f5:d4:ba:68:59:89:d8:f4:
43:a3:3e:74:49:df:98:1e:79:55:e8:4d:2b:3d:fb:
9b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:E5:90:B8:21:AC:5F:15:0A:45:48:90:A4:13:01:6F:BA:92:3E:2F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/OuWQuCGsXxUKRUiQpBMBb7qSPi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
47:d7:b9:b6:64:b3:67:d2:f2:51:8d:7d:98:2e:11:a2:1d:2c:
82:f4:3e:7d:07:0e:af:d0:ea:62:a5:1c:21:8b:2e:fc:e6:3d:
c7:95:78:89:b3:13:48:05:92:63:75:23:71:0d:25:ed:85:25:
e9:87:ce:01:d1:ba:b4:77:d1:b6:4c:53:f7:04:cd:1c:d7:f1:
66:5f:2d:ca:0c:32:9a:65:9e:54:a4:04:70:be:f3:09:6d:88:
6e:44:4a:5d:01:ba:86:94:c9:72:25:3b:60:5e:90:20:71:6f:
de:46:60:c8:1d:71:05:c9:ff:af:2d:bd:48:59:9a:c1:f5:a6:
84:8f:83:e9:dc:8a:01:9e:75:1f:7b:e3:99:cb:69:88:0f:6e:
e4:b4:d3:7f:05:d4:28:35:61:3d:7e:af:15:6f:cf:cb:af:4b:
33:13:65:d2:ca:d1:bd:ed:72:21:c7:d1:70:93:cb:7c:ad:b4:
5f:33:e1:ea:9b:1a:1a:6c:ea:3d:3b:fa:18:ac:65:e8:65:2b:
d6:5f:93:37:11:e3:68:c9:5f:19:61:d0:4a:5c:99:c2:1d:ad:
61:1d:2a:1c:f5:15:fc:5d:d7:2e:0f:38:33:21:b7:5e:6a:eb:
66:ee:89:97:42:6c:e3:ec:90:d8:8a:ad:e9:4d:3b:9b:19:da:
51:4d:19:57
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx34VjVNAMdThILBPzhDEuvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE3MTMwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWU1OTBiODIxYWM1ZjE1MGE0NTQ4OTBhNDEzMDE2ZmJhOTIzZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+VU0Ha6cwwFI1L5fVCOXqaPsGO/
LCgEDUR5FkfCHRKjS0HWSqrkMbpup1m7Jjmm/DZ1+zTFifjo9dIvkpoc3eEyQewG
bLmiTZLO55iZIMXkZpO6Woqu6A2vPjYrFBv+unl/crj3s0wUT0TWYyoa2VU2GBWX
4QSfDuESRrI9jZpRaAfV/ibCgype4sL6qjZLQ5LGMkSvI3BaTVViTlrsqEtKddl5
qF5XLs9jhBUchOStSU3o3FFrtkIzQ7bPki6xVqCjohC6KPj5168JzEdcsrQl5L4S
SYVV1PUGNlRyTeij1mogoCRk9dS6aFmJ2PRDoz50Sd+YHnlV6E0rPfub6QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDrlkLghrF8VCkVIkKQTAW+6kj4vMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvT3VXUXVDR3NYeFVLUlVpUXBCTUJiN3FTUGk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEfXubZks2fS8lGNfZgu
EaIdLIL0Pn0HDq/Q6mKlHCGLLvzmPceVeImzE0gFkmN1I3ENJe2FJemHzgHRurR3
0bZMU/cEzRzX8WZfLcoMMpplnlSkBHC+8wltiG5ESl0BuoaUyXIlO2BekCBxb95G
YMgdcQXJ/68tvUhZmsH1poSPg+ncigGedR9745nLaYgPbuS0038F1Cg1YT1+rxVv
z8uvSzMTZdLK0b3tciHH0XCTy3yttF8z4eqbGhps6j07+hisZehlK9ZfkzcR42jJ
Xxlh0EpcmcIdrWEdKhz1Ffxd1y4PODMht15q62buiZdCbOPskNiKrelNO5sZ2lFN
GVc=
-----END CERTIFICATE-----
Generated at Mon May 12 13:01:21 2025 by rpki-client