Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oDHGE1W34bRC35fvHnWi8SPFnUs.roa
File: oDHGE1W34bRC35fvHnWi8SPFnUs.roa (raw, json)
Hash identifier: NugZUYSPbZJBuBfEJGG44lKwtliTkEWZ05xxQ1/kaLM=
Subject key identifier: A0:31:C6:13:55:B7:E1:B4:42:DF:97:EF:1E:75:A2:F1:23:C5:9D:4B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BAF770EDB3608835230E46D4B53466792
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oDHGE1W34bRC35fvHnWi8SPFnUs.roa
Signing time: Wed 08 Nov 2023 15:04:57 +0000
ROA not before: Wed 08 Nov 2023 15:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:af76:7c28/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:77:0e:db:36:08:83:52:30:e4:6d:4b:53:46:67:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 8 15:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a031c61355b7e1b442df97ef1e75a2f123c59d4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:44:38:73:b4:9e:b4:d0:8d:5f:d7:56:82:c9:
38:6c:c2:b4:ac:0d:74:e5:d4:c1:45:4e:9f:81:5f:
fc:20:2d:3e:11:26:8f:3e:8c:51:13:29:bb:e7:74:
32:34:04:0b:e2:92:ba:97:1f:46:5f:8b:eb:63:4b:
7f:d6:54:4e:b4:27:93:93:74:99:a1:9f:9c:c6:e8:
68:6e:dc:4e:a7:45:79:a4:36:14:9b:58:cd:4e:d1:
bc:b0:3d:85:43:83:3b:1b:e9:ba:ec:48:46:14:9b:
d7:b0:d5:31:13:d7:7f:f7:87:51:10:57:b2:4e:63:
b6:df:69:b3:b4:07:fb:8d:e0:b5:94:5b:d9:ae:f0:
f1:68:9a:21:9d:19:c8:dd:4c:b7:33:f0:79:4c:3a:
ee:94:29:16:da:a8:3e:aa:58:53:c2:31:e1:76:2c:
fc:77:79:e0:8b:d9:f7:63:e7:28:ef:80:59:2f:f2:
70:ce:56:00:31:b8:47:99:11:32:de:78:e9:1a:ba:
3d:52:f7:bd:9e:a6:ad:b5:9c:11:c1:f4:48:65:ee:
2a:d3:95:57:46:b0:f7:3e:6f:a5:03:92:b6:fa:b9:
98:fd:6c:3d:c6:7f:56:f5:e8:12:fd:ed:71:05:15:
fd:07:5e:26:09:be:9d:46:d4:bb:da:78:c7:42:ce:
cf:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:31:C6:13:55:B7:E1:B4:42:DF:97:EF:1E:75:A2:F1:23:C5:9D:4B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oDHGE1W34bRC35fvHnWi8SPFnUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d2:1c:e5:66:87:52:ea:f8:5c:52:6a:21:b4:da:72:a9:a8:c3:
01:25:66:1d:93:14:95:fc:46:30:b8:12:89:c1:91:90:2c:e9:
06:ce:d9:95:91:76:66:04:54:40:8c:6a:29:4d:40:4a:b1:6e:
1f:c1:57:20:46:94:5d:5a:0b:7c:33:f4:5d:d9:e2:24:12:67:
82:c7:48:96:18:bb:75:f7:f9:d6:af:f8:c7:b9:b5:23:83:07:
3d:06:ec:eb:8e:16:b8:da:79:e5:43:7a:99:1d:07:81:ed:38:
81:ca:ae:75:71:01:a8:42:14:be:9e:aa:3b:2a:42:72:05:fe:
e8:5c:ae:16:f1:39:96:55:dd:0f:98:cd:39:6f:c9:f3:c3:eb:
66:16:c0:92:e3:f7:71:7e:bc:c7:64:ed:66:c6:3d:f4:48:f9:
2c:f8:90:d3:40:4b:cf:f5:13:77:87:f8:6c:82:3b:d2:b6:3d:
68:4a:2f:c1:5f:dd:59:ff:4e:21:db:3a:4b:b7:ed:f1:8c:de:
b3:30:b4:a2:f0:61:00:e9:8e:db:e8:82:59:65:a7:3b:9e:0c:
cc:7e:2c:aa:d3:4d:e3:50:84:e6:5b:78:5c:95:45:86:6b:d3:
06:23:7b:9f:bd:d3:b3:01:76:1f:20:1a:93:87:ed:3d:9a:5c:
4f:dd:c6:b2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuvdw7bNgiDUjDkbUtTRmeSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA4MTUwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDMxYzYxMzU1YjdlMWI0NDJkZjk3ZWYxZTc1YTJmMTIzYzU5ZDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUQ4c7SetNCNX9dWgsk4bMK0rA10
5dTBRU6fgV/8IC0+ESaPPoxREym753QyNAQL4pK6lx9GX4vrY0t/1lROtCeTk3SZ
oZ+cxuhobtxOp0V5pDYUm1jNTtG8sD2FQ4M7G+m67EhGFJvXsNUxE9d/94dREFey
TmO232mztAf7jeC1lFvZrvDxaJohnRnI3Uy3M/B5TDrulCkW2qg+qlhTwjHhdiz8
d3ngi9n3Y+co74BZL/JwzlYAMbhHmREy3njpGro9Uve9nqattZwRwfRIZe4q05VX
RrD3Pm+lA5K2+rmY/Ww9xn9W9egS/e1xBRX9B14mCb6dRtS72njHQs7PjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKAxxhNVt+G0Qt+X7x51ovEjxZ1LMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvb0RIR0UxVzM0YlJDMzVmdkhuV2k4U1BGblVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANIc5WaHUur4XFJqIbTa
cqmowwElZh2TFJX8RjC4EonBkZAs6QbO2ZWRdmYEVECMailNQEqxbh/BVyBGlF1a
C3wz9F3Z4iQSZ4LHSJYYu3X3+dav+Me5tSODBz0G7OuOFrjaeeVDepkdB4HtOIHK
rnVxAahCFL6eqjsqQnIF/uhcrhbxOZZV3Q+YzTlvyfPD62YWwJLj93F+vMdk7WbG
PfRI+Sz4kNNAS8/1E3eH+GyCO9K2PWhKL8Ff3Vn/TiHbOku37fGM3rMwtKLwYQDp
jtvoglllpzueDMx+LKrTTeNQhOZbeFyVRYZr0wYje5+907MBdh8gGpOH7T2aXE/d
xrI=
-----END CERTIFICATE-----
Generated at Tue Jun 17 02:57:45 2025 by rpki-client