Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/o_87lgbSvfo5dd7zdONPePp_DV8.roa
File: o_87lgbSvfo5dd7zdONPePp_DV8.roa (raw, json)
Hash identifier: C9YKGL5osVmusMzzkFAkmeDdq9un7xTALB8GRIbEiRM=
Subject key identifier: A3:FF:3B:96:06:D2:BD:FA:39:75:DE:F3:74:E3:4F:78:FA:7F:0D:5F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C6161C41A1A67062B830CF9F4253908A4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/o_87lgbSvfo5dd7zdONPePp_DV8.roa
Signing time: Wed 13 Dec 2023 04:14:06 +0000
ROA not before: Wed 13 Dec 2023 04:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:61:61:c4:1a:1a:67:06:2b:83:0c:f9:f4:25:39:08:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 13 04:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3ff3b9606d2bdfa3975def374e34f78fa7f0d5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c5:e7:ca:19:29:3a:d1:9c:97:4b:68:2b:9f:
88:b4:52:83:c1:cf:fb:2d:2e:9d:fd:5e:ad:ce:d1:
ce:ec:ae:10:13:93:32:fe:4e:09:e6:b3:52:9f:93:
b9:17:9b:59:52:13:a9:0e:e4:c4:d4:01:7c:9c:73:
dd:1c:1d:23:87:a7:ee:f8:56:c7:9f:15:a4:fa:20:
b0:33:50:fb:a7:06:00:06:c6:3d:01:d0:5a:92:b5:
c7:30:04:d8:50:c5:38:a9:b5:72:8c:1d:e6:5b:9a:
63:5c:fb:cf:bb:5d:dc:66:84:93:87:2c:89:9e:59:
78:50:ea:05:90:79:2e:d0:d1:86:dc:75:a7:28:45:
2d:72:22:c5:4d:96:a6:03:61:08:35:ab:86:d7:f9:
b8:29:a3:09:94:bf:d4:08:f8:69:d2:bc:18:59:d2:
97:9c:9e:7c:4e:43:82:20:46:f2:78:0c:ea:92:77:
39:3c:e9:f8:20:2a:4f:70:ab:c4:e2:bd:e4:ba:b1:
91:e0:e2:48:91:18:21:3b:5c:3e:a4:39:f5:23:f8:
f3:8c:b3:d1:9c:13:86:3a:16:03:6f:06:96:22:97:
e4:4f:e8:23:53:04:ae:66:8d:35:f2:70:9e:ea:19:
94:b0:50:63:10:2a:95:74:c8:b2:19:5a:c8:76:20:
c6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:FF:3B:96:06:D2:BD:FA:39:75:DE:F3:74:E3:4F:78:FA:7F:0D:5F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/o_87lgbSvfo5dd7zdONPePp_DV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
64:4c:79:cd:82:8d:16:13:82:f2:54:c2:aa:12:cd:7b:e2:63:
33:4d:8f:8b:70:2f:02:7b:06:b3:42:69:e6:9a:6c:8a:7d:55:
9e:7d:61:f1:85:77:5d:5e:9b:bd:6c:2d:f2:b6:84:18:01:ca:
0f:7c:b0:c0:f0:7b:bb:06:d9:99:9b:08:e7:d4:e6:f9:7d:bc:
c4:93:b4:44:a9:ba:43:5b:72:6f:b4:85:b1:4c:30:f8:a5:99:
6a:12:9f:b2:6a:27:4a:e5:a2:ee:bc:c5:04:4e:ad:06:f9:1f:
6a:16:e5:de:3d:fb:f7:c0:bc:c8:df:ef:c1:b9:cd:ee:2d:43:
3b:ad:1c:90:46:59:32:15:fe:8c:63:a3:9f:c0:3d:e4:d7:82:
c8:34:17:9b:4b:47:22:7b:c2:04:4d:5f:90:f7:74:8e:48:8d:
89:cc:a7:ed:13:e4:7e:bb:ee:d0:6b:5e:ae:92:49:82:94:25:
dc:09:b0:66:aa:9a:b5:eb:1f:52:6e:09:71:73:97:b9:e2:4c:
28:72:49:db:b2:75:7d:45:db:ee:b6:67:4d:e4:9e:60:e9:3d:
f3:1a:c2:0b:03:c7:eb:c8:e8:f4:5f:5e:53:34:28:a4:e1:87:
11:75:54:ba:c7:c1:a7:64:37:d2:d5:12:2b:59:80:31:8c:d3:
33:ef:53:54
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxhYcQaGmcGK4MM+fQlOQikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEzMDQxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2ZmM2I5NjA2ZDJiZGZhMzk3NWRlZjM3NGUzNGY3OGZhN2YwZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38XnyhkpOtGcl0toK5+ItFKDwc/7
LS6d/V6tztHO7K4QE5My/k4J5rNSn5O5F5tZUhOpDuTE1AF8nHPdHB0jh6fu+FbH
nxWk+iCwM1D7pwYABsY9AdBakrXHMATYUMU4qbVyjB3mW5pjXPvPu13cZoSThyyJ
nll4UOoFkHku0NGG3HWnKEUtciLFTZamA2EINauG1/m4KaMJlL/UCPhp0rwYWdKX
nJ58TkOCIEbyeAzqknc5POn4ICpPcKvE4r3kurGR4OJIkRghO1w+pDn1I/jzjLPR
nBOGOhYDbwaWIpfkT+gjUwSuZo018nCe6hmUsFBjECqVdMiyGVrIdiDGUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKP/O5YG0r36OXXe83TjT3j6fw1fMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvb184N2xnYlN2Zm81ZGQ3emRPTlBlUHBfRFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGRMec2CjRYTgvJUwqoS
zXviYzNNj4twLwJ7BrNCaeaabIp9VZ59YfGFd11em71sLfK2hBgByg98sMDwe7sG
2ZmbCOfU5vl9vMSTtESpukNbcm+0hbFMMPilmWoSn7JqJ0rlou68xQROrQb5H2oW
5d49+/fAvMjf78G5ze4tQzutHJBGWTIV/oxjo5/APeTXgsg0F5tLRyJ7wgRNX5D3
dI5IjYnMp+0T5H677tBrXq6SSYKUJdwJsGaqmrXrH1JuCXFzl7niTChySduydX1F
2+62Z03knmDpPfMawgsDx+vI6PRfXlM0KKThhxF1VLrHwadkN9LVEitZgDGM0zPv
U1Q=
-----END CERTIFICATE-----
Generated at Mon May 12 19:32:40 2025 by rpki-client