Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/omf4vnMlpk5ED4_lV9MEe977PV8.roa
File: omf4vnMlpk5ED4_lV9MEe977PV8.roa (raw, json)
Hash identifier: NLU5J8tCYrc9TkhdVjj/5KDY2ibwfJDqMDiBj7p3uD0=
Subject key identifier: A2:67:F8:BE:73:25:A6:4E:44:0F:8F:E5:57:D3:04:7B:DE:FB:3D:5F
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BDBECF2775BBEE29B9C7BF119BE2716E7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/omf4vnMlpk5ED4_lV9MEe977PV8.roa
Signing time: Fri 17 Nov 2023 06:17:00 +0000
ROA not before: Fri 17 Nov 2023 06:17:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:db:ec:f2:77:5b:be:e2:9b:9c:7b:f1:19:be:27:16:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 17 06:17:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a267f8be7325a64e440f8fe557d3047bdefb3d5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e5:be:87:fa:3d:d6:e1:c8:83:52:b3:be:07:
00:c0:49:15:93:9d:7e:ba:b4:be:ef:d1:3e:32:25:
46:a5:df:70:78:e0:80:3d:7b:17:9b:56:66:b1:db:
af:77:83:ec:97:42:e1:12:9b:67:3e:72:29:cf:84:
c3:38:2f:fe:d6:da:4d:54:63:c5:b6:85:7d:b4:73:
63:a2:49:28:f0:44:19:b0:a2:b6:bb:58:5b:72:37:
b7:5d:de:32:92:c1:cf:85:10:62:94:8d:84:07:f4:
1b:04:65:90:cc:cb:b9:52:9b:cf:07:05:b0:ee:b6:
41:38:fe:c0:7f:02:95:41:29:7f:5a:58:71:13:56:
9d:6e:be:0b:d1:c6:f2:13:15:78:9e:e5:8f:44:55:
9f:1f:c3:99:db:81:ce:4b:e3:3a:32:06:9c:8a:01:
1f:13:af:28:fd:c9:95:08:8d:37:d1:62:ea:ed:11:
93:40:26:a9:25:7f:ba:00:92:b9:20:1d:b4:19:15:
e1:d5:00:e9:2c:5a:b5:51:9d:b9:fb:54:91:88:43:
e6:4c:80:61:ab:8b:ab:d3:a3:36:64:d7:46:5d:88:
2f:81:6d:82:86:38:3b:96:d1:97:85:06:a9:31:30:
d7:9d:49:92:7b:8c:aa:55:d4:72:5c:9f:5c:d3:fe:
de:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:67:F8:BE:73:25:A6:4E:44:0F:8F:E5:57:D3:04:7B:DE:FB:3D:5F
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/omf4vnMlpk5ED4_lV9MEe977PV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
79:86:6d:41:cc:db:81:c5:d4:b2:76:ad:8f:82:e1:ad:61:bf:
1e:9a:e3:60:cb:64:50:01:c3:53:9c:e2:be:18:c3:c0:19:55:
2a:28:87:f5:c9:64:4f:6d:1e:56:48:28:90:59:b1:ae:85:b2:
cb:58:74:6c:e6:c9:15:3f:f3:fb:9b:82:50:81:73:2e:55:0a:
54:97:ed:af:1d:54:c2:11:ed:8d:15:67:d5:95:57:ec:7a:55:
5b:1c:a9:87:9c:b6:b1:f3:47:48:f3:07:96:9c:fb:b8:bc:7e:
6e:4a:7c:48:0e:f8:c4:91:0c:9a:42:2a:32:0f:71:f3:bb:05:
92:96:6d:b3:77:9d:b8:5d:18:f1:c5:bd:da:bf:7f:fd:91:1b:
76:87:2d:32:4a:14:9e:d4:44:9d:fb:ff:60:2c:a9:64:dc:d3:
92:0d:87:ab:6e:e1:33:86:69:ac:37:f8:3d:a0:ad:ba:f4:98:
bc:06:a7:69:88:3f:7e:b7:33:f0:18:18:a1:b3:a0:2e:b0:64:
32:4e:8d:94:e4:ef:d5:9c:41:5e:b8:a8:29:59:88:c5:6a:08:
4e:d6:90:a4:b2:20:53:fd:bf:7e:88:b1:24:85:d7:38:64:48:
80:13:4a:aa:e6:94:44:90:d8:6b:8a:a5:8e:22:d1:d1:96:37:
b5:b0:9c:d6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvb7PJ3W77im5x78Rm+JxbnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE3MDYxNzAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjY3ZjhiZTczMjVhNjRlNDQwZjhmZTU1N2QzMDQ3YmRlZmIzZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeW+h/o91uHIg1KzvgcAwEkVk51+
urS+79E+MiVGpd9weOCAPXsXm1Zmsduvd4Psl0LhEptnPnIpz4TDOC/+1tpNVGPF
toV9tHNjokko8EQZsKK2u1hbcje3Xd4yksHPhRBilI2EB/QbBGWQzMu5UpvPBwWw
7rZBOP7AfwKVQSl/WlhxE1adbr4L0cbyExV4nuWPRFWfH8OZ24HOS+M6MgacigEf
E68o/cmVCI030WLq7RGTQCapJX+6AJK5IB20GRXh1QDpLFq1UZ25+1SRiEPmTIBh
q4ur06M2ZNdGXYgvgW2Chjg7ltGXhQapMTDXnUmSe4yqVdRyXJ9c0/7e9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKJn+L5zJaZORA+P5VfTBHve+z1fMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvb21mNHZuTWxwazVFRDRfbFY5TUVlOTc3UFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHmGbUHM24HF1LJ2rY+C
4a1hvx6a42DLZFABw1Oc4r4Yw8AZVSooh/XJZE9tHlZIKJBZsa6FsstYdGzmyRU/
8/ubglCBcy5VClSX7a8dVMIR7Y0VZ9WVV+x6VVscqYectrHzR0jzB5ac+7i8fm5K
fEgO+MSRDJpCKjIPcfO7BZKWbbN3nbhdGPHFvdq/f/2RG3aHLTJKFJ7URJ37/2As
qWTc05INh6tu4TOGaaw3+D2grbr0mLwGp2mIP363M/AYGKGzoC6wZDJOjZTk79Wc
QV64qClZiMVqCE7WkKSyIFP9v36IsSSF1zhkSIATSqrmlESQ2GuKpY4i0dGWN7Ww
nNY=
-----END CERTIFICATE-----
Generated at Sat May 10 13:48:55 2025 by rpki-client