Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dWOt_glMj4ObyrBm9MD2C5dC5mc.roa
File: dWOt_glMj4ObyrBm9MD2C5dC5mc.roa (raw, json)
Hash identifier: KxKbktNPhq71/QlxpXGDA3KB/duK8TtkDRKv1ZLZQv4=
Subject key identifier: 75:63:AD:FE:09:4C:8F:83:9B:CA:B0:66:F4:C0:F6:0B:97:42:E6:67
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B3C100BFDA52877042F40A563A1A1C7A2
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dWOt_glMj4ObyrBm9MD2C5dC5mc.roa
Signing time: Tue 17 Oct 2023 05:16:06 +0000
ROA not before: Tue 17 Oct 2023 05:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3c:10:0b:fd:a5:28:77:04:2f:40:a5:63:a1:a1:c7:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 17 05:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7563adfe094c8f839bcab066f4c0f60b9742e667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8f:b1:4a:bb:45:20:b9:b8:8b:92:28:69:0d:
76:4b:b2:6e:6c:63:29:6b:db:d7:2a:c0:f0:99:18:
41:c6:b4:7a:44:df:28:a9:8b:0b:4b:17:99:fb:74:
2e:90:df:83:8a:62:25:64:c7:a5:0e:dc:93:60:dc:
53:d4:ca:75:ca:05:7f:e9:a3:05:ee:ba:c5:37:47:
d0:32:31:3e:80:22:26:2b:6e:48:b2:3b:fe:ec:da:
c0:ce:3b:2f:03:fc:7f:14:62:fa:3a:9f:58:13:44:
24:a4:62:76:a4:06:05:f7:01:ce:27:5e:4c:76:a5:
71:95:d2:b5:76:2f:bf:45:98:9f:63:79:96:1d:32:
72:c4:01:1c:20:ee:4c:e4:32:84:a4:36:89:1c:85:
19:b4:cb:d0:c7:f4:db:fc:bc:18:09:0e:71:64:2b:
5d:69:94:30:49:50:5a:5e:29:be:66:46:49:ab:0e:
75:da:ba:a3:62:e4:3e:96:f7:06:5f:71:ce:51:41:
2b:f8:b9:ed:06:1a:1e:e4:84:d4:43:39:27:b5:0a:
f0:34:64:7b:9d:c1:74:2f:17:1f:ac:81:c1:c2:2e:
84:11:5f:89:ec:a1:73:f4:1d:65:09:2e:22:bb:6f:
9b:99:fb:eb:6f:c4:cb:91:f0:79:b1:6a:47:a1:91:
60:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:63:AD:FE:09:4C:8F:83:9B:CA:B0:66:F4:C0:F6:0B:97:42:E6:67
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dWOt_glMj4ObyrBm9MD2C5dC5mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
55:8d:fd:4b:fc:68:29:f0:fe:91:94:8e:6c:80:c3:58:69:53:
d4:b5:5c:8c:c5:dd:8b:5d:4a:d6:fd:d3:7e:9c:40:56:75:0d:
05:0d:29:86:2e:ba:ef:37:6c:86:75:89:ca:50:d4:63:78:eb:
2a:86:b8:09:64:cd:58:76:f5:4b:7a:b6:04:c5:2d:77:a1:23:
a3:35:6e:7c:33:09:2f:1c:56:36:03:50:2b:c0:f8:a0:75:93:
6a:dc:e9:00:79:1f:da:a3:0b:db:7b:b5:21:50:d8:e4:02:0a:
5a:d2:c3:52:db:37:4c:4d:5f:ee:18:fd:da:65:53:e7:c7:0f:
8e:f4:89:96:9b:cd:f6:f9:42:af:43:63:ef:9e:32:03:35:f7:
1a:f9:9f:1e:60:46:97:97:09:55:c8:c1:bc:26:cc:9f:4e:a6:
12:64:55:66:14:76:9b:5a:54:aa:0a:ee:1e:65:4d:97:e4:50:
8d:29:fb:9c:dc:cc:24:cf:c4:b0:03:36:2d:d4:10:03:40:7a:
a8:9e:9b:1d:ee:06:0f:9c:b2:7e:06:14:f2:77:23:5a:46:4b:
90:44:c7:9a:55:a0:38:5a:42:3e:8f:23:ee:f4:dc:6f:e2:09:
fe:76:11:82:06:ea:7c:94:e5:cd:48:67:32:90:00:0f:8b:d9:
06:de:67:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs8EAv9pSh3BC9ApWOhoceiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE3MDUxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTYzYWRmZTA5NGM4ZjgzOWJjYWIwNjZmNGMwZjYwYjk3NDJlNjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsI+xSrtFILm4i5IoaQ12S7JubGMp
a9vXKsDwmRhBxrR6RN8oqYsLSxeZ+3QukN+DimIlZMelDtyTYNxT1Mp1ygV/6aMF
7rrFN0fQMjE+gCImK25Isjv+7NrAzjsvA/x/FGL6Op9YE0QkpGJ2pAYF9wHOJ15M
dqVxldK1di+/RZifY3mWHTJyxAEcIO5M5DKEpDaJHIUZtMvQx/Tb/LwYCQ5xZCtd
aZQwSVBaXim+ZkZJqw512rqjYuQ+lvcGX3HOUUEr+LntBhoe5ITUQzkntQrwNGR7
ncF0LxcfrIHBwi6EEV+J7KFz9B1lCS4iu2+bmfvrb8TLkfB5sWpHoZFgQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHVjrf4JTI+Dm8qwZvTA9guXQuZnMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZFdPdF9nbE1qNE9ieXJCbTlNRDJDNWRDNW1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFWN/Uv8aCnw/pGUjmyA
w1hpU9S1XIzF3YtdStb9036cQFZ1DQUNKYYuuu83bIZ1icpQ1GN46yqGuAlkzVh2
9Ut6tgTFLXehI6M1bnwzCS8cVjYDUCvA+KB1k2rc6QB5H9qjC9t7tSFQ2OQCClrS
w1LbN0xNX+4Y/dplU+fHD470iZabzfb5Qq9DY++eMgM19xr5nx5gRpeXCVXIwbwm
zJ9OphJkVWYUdptaVKoK7h5lTZfkUI0p+5zczCTPxLADNi3UEANAeqiemx3uBg+c
sn4GFPJ3I1pGS5BEx5pVoDhaQj6PI+703G/iCf52EYIG6nyU5c1IZzKQAA+L2Qbe
Z9w=
-----END CERTIFICATE-----
Generated at Mon May 12 04:21:21 2025 by rpki-client