Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oW2v2YXCkH8tR07XLs0MNKelQXA.roa
File: oW2v2YXCkH8tR07XLs0MNKelQXA.roa (raw, json)
Hash identifier: geKtKa132GeVcewXq8r+BpE6b9euGeAt9+78pDTIRMY=
Subject key identifier: A1:6D:AF:D9:85:C2:90:7F:2D:47:4E:D7:2E:CD:0C:34:A7:A5:41:70
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B09D9B2675F66176C1E6B1BA3D4DF8C6F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oW2v2YXCkH8tR07XLs0MNKelQXA.roa
Signing time: Sat 07 Oct 2023 11:15:43 +0000
ROA not before: Sat 07 Oct 2023 11:15:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:09:d9:b2:67:5f:66:17:6c:1e:6b:1b:a3:d4:df:8c:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 7 11:15:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a16dafd985c2907f2d474ed72ecd0c34a7a54170
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:76:09:49:76:2c:67:eb:3d:ae:6d:a8:d4:48:
c4:c6:37:3a:c5:2c:d8:a9:8e:7f:c1:a6:94:0e:30:
10:e3:5e:95:f3:0c:a0:21:65:10:1f:b8:1b:59:85:
cc:88:26:03:d3:9f:37:37:11:8b:6d:0b:a0:74:a5:
3b:6f:5b:6e:52:ac:23:aa:12:64:c4:ae:d4:fc:6f:
24:4b:21:ff:99:74:f1:11:7c:b3:05:de:8f:9e:f9:
ed:ba:60:c6:78:f9:dd:4f:61:24:4e:60:7d:4a:ec:
b4:00:ef:1f:0e:e7:38:00:5a:59:a2:27:f4:0e:6e:
27:a3:c6:20:74:c7:e2:6d:22:12:c3:bc:82:a1:2c:
8e:a5:2d:b2:d7:2b:a8:c8:41:99:61:2b:e5:eb:87:
e1:7e:d1:63:23:55:f1:69:2b:ec:80:ac:e4:9b:db:
98:27:6c:cc:b3:5c:b1:05:f9:f6:55:99:18:89:5a:
f7:19:b7:c2:75:b1:f8:0d:db:f1:4f:47:6e:00:9e:
c2:37:52:06:bf:b7:29:e9:c6:64:ef:33:32:b1:c8:
b3:a0:68:c3:f1:b2:85:f3:16:d3:51:56:70:ac:c3:
63:c0:86:87:50:b0:56:d1:6f:80:9f:48:1e:c2:1f:
bb:b0:ea:03:92:f3:e5:58:83:3f:d7:24:fb:b9:db:
15:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:6D:AF:D9:85:C2:90:7F:2D:47:4E:D7:2E:CD:0C:34:A7:A5:41:70
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oW2v2YXCkH8tR07XLs0MNKelQXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7d:2c:c5:aa:74:e0:b6:c1:72:03:23:ce:00:d4:7b:ac:b9:35:
3f:a6:28:0b:d8:9e:6e:f7:52:d6:5b:b2:4f:b5:93:6d:d5:a1:
91:cb:4c:5c:98:21:e9:f9:8c:24:26:42:c8:7f:bb:d2:d2:f0:
19:70:86:c7:cc:68:be:9b:3a:f2:4a:f7:95:93:5d:86:8e:4b:
65:7d:31:6b:11:1c:ac:00:53:8c:fd:d1:ef:42:b5:ff:50:7e:
ad:7c:85:61:90:9d:28:e3:88:56:07:c0:5e:18:51:a3:be:7b:
18:3e:b3:fd:07:0c:64:61:05:93:2f:70:ce:b1:0c:06:c3:c1:
78:8a:ef:6e:d1:9b:5b:64:27:ca:4e:3a:f1:15:df:dc:5d:90:
fe:a6:9d:42:ad:6a:72:ca:1e:7b:a1:ec:41:f3:c8:15:27:98:
d1:38:4c:21:5c:06:7f:96:12:68:aa:76:5a:ae:1f:c1:25:d9:
e1:63:cb:c4:20:c0:6b:99:24:bd:e7:b8:3b:66:8b:cf:3a:11:
65:62:a7:18:3f:df:a9:e6:0a:64:a3:91:61:84:0e:7c:14:4d:
da:f1:ed:32:66:ea:c8:1e:90:f5:73:60:44:73:94:bd:fd:a5:
18:45:5f:02:9c:ff:aa:8c:e1:dd:e1:92:61:34:5c:43:2d:b2:
15:14:47:92
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsJ2bJnX2YXbB5rG6PU34xvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA3MTExNTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTZkYWZkOTg1YzI5MDdmMmQ0NzRlZDcyZWNkMGMzNGE3YTU0MTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3YJSXYsZ+s9rm2o1EjExjc6xSzY
qY5/waaUDjAQ416V8wygIWUQH7gbWYXMiCYD0583NxGLbQugdKU7b1tuUqwjqhJk
xK7U/G8kSyH/mXTxEXyzBd6PnvntumDGePndT2EkTmB9Suy0AO8fDuc4AFpZoif0
Dm4no8YgdMfibSISw7yCoSyOpS2y1yuoyEGZYSvl64fhftFjI1XxaSvsgKzkm9uY
J2zMs1yxBfn2VZkYiVr3GbfCdbH4DdvxT0duAJ7CN1IGv7cp6cZk7zMyscizoGjD
8bKF8xbTUVZwrMNjwIaHULBW0W+An0gewh+7sOoDkvPlWIM/1yT7udsV/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKFtr9mFwpB/LUdO1y7NDDSnpUFwMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvb1cydjJZWENrSDh0UjA3WExzME1OS2VsUVhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH0sxap04LbBcgMjzgDU
e6y5NT+mKAvYnm73UtZbsk+1k23VoZHLTFyYIen5jCQmQsh/u9LS8BlwhsfMaL6b
OvJK95WTXYaOS2V9MWsRHKwAU4z90e9Ctf9Qfq18hWGQnSjjiFYHwF4YUaO+exg+
s/0HDGRhBZMvcM6xDAbDwXiK727Rm1tkJ8pOOvEV39xdkP6mnUKtanLKHnuh7EHz
yBUnmNE4TCFcBn+WEmiqdlquH8El2eFjy8QgwGuZJL3nuDtmi886EWVipxg/36nm
CmSjkWGEDnwUTdrx7TJm6sgekPVzYERzlL39pRhFXwKc/6qM4d3hkmE0XEMtshUU
R5I=
-----END CERTIFICATE-----
Generated at Tue May 13 19:54:34 2025 by rpki-client