Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/0uM8OV5sMS4u1yRJ3dzs5hM9AAU.roa
File: 0uM8OV5sMS4u1yRJ3dzs5hM9AAU.roa (raw, json)
Hash identifier: 7IFWV3ls3G0lKVIZzypcWWkfI21wD82rHjgyGQ2Dx+c=
Subject key identifier: D2:E3:3C:39:5E:6C:31:2E:2E:D7:24:49:DD:DC:EC:E6:13:3D:00:05
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BBA9F80EF0E3D541211896ED30221E049
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/0uM8OV5sMS4u1yRJ3dzs5hM9AAU.roa
Signing time: Fri 10 Nov 2023 19:04:57 +0000
ROA not before: Fri 10 Nov 2023 19:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:ba9f:18d2/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ba:9f:80:ef:0e:3d:54:12:11:89:6e:d3:02:21:e0:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 10 19:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2e33c395e6c312e2ed72449dddcece6133d0005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:99:7f:05:dd:3a:69:a8:89:7c:09:38:06:10:
e1:e4:af:6a:6f:f1:81:04:c9:d2:e2:d9:ba:b4:a8:
82:b9:56:2a:4d:85:50:63:ec:e8:5b:97:17:6b:c0:
66:8f:2c:27:3a:af:14:6c:61:ee:ef:24:9c:4a:b3:
9c:7e:01:23:47:0a:ca:85:3e:68:9e:b1:ca:de:f6:
2d:08:ac:9e:ca:4e:b3:f0:76:4f:c1:ee:09:e9:04:
ae:6a:f0:78:d7:6c:1b:b9:95:f1:94:30:e5:8f:1c:
94:fa:09:d0:f4:e0:31:d6:f8:a4:d3:ed:08:c8:17:
5e:51:0e:7c:24:93:f8:3d:21:13:af:93:04:1b:cd:
85:1d:fd:25:26:a8:ab:49:42:fd:1d:05:a9:d7:25:
08:e9:fd:f0:6f:1a:fa:a7:80:e2:77:1a:a3:a1:c7:
7b:d5:88:95:2c:93:14:8f:83:e7:16:70:4e:3f:24:
e9:b6:0a:bb:5c:f7:16:13:65:6f:6b:6e:77:4a:80:
20:03:f4:25:ce:d5:b9:5d:e0:5d:3e:01:6b:9c:3b:
7b:4a:49:37:fd:1a:5a:44:2e:78:99:76:51:cc:42:
76:fa:8b:04:48:17:ea:d2:84:46:e2:ff:79:16:7c:
47:11:fc:8d:3e:02:64:95:75:26:a7:fc:d2:9f:cf:
37:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:E3:3C:39:5E:6C:31:2E:2E:D7:24:49:DD:DC:EC:E6:13:3D:00:05
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/0uM8OV5sMS4u1yRJ3dzs5hM9AAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
cf:97:cf:bc:66:48:3f:44:57:5c:3e:96:da:10:85:e6:d2:2f:
66:44:ef:d9:dc:70:a3:5c:62:21:39:2f:c0:30:4f:b0:5a:e4:
f7:3c:d0:e9:4b:1b:50:db:54:07:fe:8f:82:5e:c2:59:1b:ad:
be:af:94:c8:07:1c:4e:8f:d6:92:d8:d9:f7:6f:b9:ef:3c:92:
61:13:9c:01:81:fc:0f:06:f7:4a:ca:ca:53:08:6a:37:45:52:
63:06:7e:bb:3e:23:d2:52:bd:e0:54:53:06:e8:ea:66:be:dd:
6b:fe:1f:54:fa:85:b8:f6:34:d4:6e:7c:bc:56:07:ee:7a:23:
66:00:28:4a:84:99:74:82:3b:bc:ac:d1:fa:ec:8c:79:f1:9f:
c1:e7:ad:12:8d:6a:b1:b4:ae:90:61:a0:01:df:4a:4b:4c:95:
ce:3b:79:21:40:e6:c0:e0:ca:0d:27:29:e5:8e:cf:07:74:f1:
9a:4f:c1:63:73:28:5b:72:fd:45:54:4e:16:2f:59:62:ff:c7:
1f:11:27:35:35:dd:1d:42:70:98:8c:50:10:bf:5d:f7:74:be:
10:cf:ff:97:c2:fc:40:b9:4b:c0:5a:ac:4c:5a:1d:77:c5:6c:
4a:3f:e8:db:65:67:fc:76:e6:03:13:7e:c5:d4:0c:6b:86:ad:
df:8b:ee:09
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu6n4DvDj1UEhGJbtMCIeBJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEwMTkwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmUzM2MzOTVlNmMzMTJlMmVkNzI0NDlkZGRjZWNlNjEzM2QwMDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5l/Bd06aaiJfAk4BhDh5K9qb/GB
BMnS4tm6tKiCuVYqTYVQY+zoW5cXa8BmjywnOq8UbGHu7yScSrOcfgEjRwrKhT5o
nrHK3vYtCKyeyk6z8HZPwe4J6QSuavB412wbuZXxlDDljxyU+gnQ9OAx1vik0+0I
yBdeUQ58JJP4PSETr5MEG82FHf0lJqirSUL9HQWp1yUI6f3wbxr6p4Didxqjocd7
1YiVLJMUj4PnFnBOPyTptgq7XPcWE2Vva253SoAgA/QlztW5XeBdPgFrnDt7Skk3
/RpaRC54mXZRzEJ2+osESBfq0oRG4v95FnxHEfyNPgJklXUmp/zSn883oQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNLjPDlebDEuLtckSd3c7OYTPQAFMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMHVNOE9WNXNNUzR1MXlSSjNkenM1aE05QUFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAM+Xz7xmSD9EV1w+ltoQ
hebSL2ZE79nccKNcYiE5L8AwT7Ba5Pc80OlLG1DbVAf+j4Jewlkbrb6vlMgHHE6P
1pLY2fdvue88kmETnAGB/A8G90rKylMIajdFUmMGfrs+I9JSveBUUwbo6ma+3Wv+
H1T6hbj2NNRufLxWB+56I2YAKEqEmXSCO7ys0frsjHnxn8HnrRKNarG0rpBhoAHf
SktMlc47eSFA5sDgyg0nKeWOzwd08ZpPwWNzKFty/UVUThYvWWL/xx8RJzU13R1C
cJiMUBC/Xfd0vhDP/5fC/EC5S8BarExaHXfFbEo/6NtlZ/x25gMTfsXUDGuGrd+L
7gk=
-----END CERTIFICATE-----
Generated at Thu Jun 19 21:33:58 2025 by rpki-client