Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oHKaU05bfD_SeMrOe1PP_ZXcwz4.roa
File: oHKaU05bfD_SeMrOe1PP_ZXcwz4.roa (raw, json)
Hash identifier: HX09sc2reVhz2eIp8RXK8aVhidYn2LA1Bi5qpQj9KWY=
Subject key identifier: A0:72:9A:53:4E:5B:7C:3F:D2:78:CA:CE:7B:53:CF:FD:95:DC:C3:3E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C3A14DCBC86AAD7AD2761F10F013307D3
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oHKaU05bfD_SeMrOe1PP_ZXcwz4.roa
Signing time: Tue 05 Dec 2023 13:04:54 +0000
ROA not before: Tue 05 Dec 2023 13:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:3a14:439a/128 maxlen: 128
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:14:dc:bc:86:aa:d7:ad:27:61:f1:0f:01:33:07:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 5 13:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a0729a534e5b7c3fd278cace7b53cffd95dcc33e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:15:fd:2c:56:47:31:40:c5:f6:cf:e5:40:8c:
99:f4:02:91:a4:a2:9a:d4:86:80:5e:cb:48:d7:41:
ba:1e:70:fa:52:4f:8a:b4:dd:df:72:a6:10:17:3e:
ae:d1:b3:5c:57:b0:9a:05:23:d2:5b:ec:c1:19:ce:
4b:83:a6:81:96:01:8b:65:26:c6:81:96:7a:ef:65:
26:3c:ca:ce:4d:e2:ef:e6:05:15:57:62:f0:cc:6b:
8b:c3:1d:5f:63:27:4f:82:2a:03:77:7d:80:5d:f4:
54:ba:d9:4f:70:f1:60:08:5c:39:e5:f8:e8:ae:59:
61:4a:e1:89:ab:91:c8:89:eb:48:10:0e:d5:04:a0:
01:ee:f7:f2:48:61:6e:a9:ac:27:09:33:b9:62:6e:
93:3f:b3:c8:45:f9:86:c5:47:aa:a8:da:44:87:69:
6d:39:b7:c0:df:a4:65:d5:64:cc:29:64:d0:5c:ab:
b9:38:1e:e6:2b:c3:74:2a:a8:7b:28:da:5e:47:00:
c8:5a:4b:b2:8f:44:69:c3:e3:20:db:ab:9b:35:18:
a9:62:31:f4:ec:1c:91:6e:13:bc:97:e2:b9:0e:a0:
22:21:df:00:84:79:2e:30:a7:c5:78:db:7d:96:d0:
b6:c8:93:6c:c9:2c:f5:6f:3c:a9:45:e8:a8:d9:d2:
ab:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:72:9A:53:4E:5B:7C:3F:D2:78:CA:CE:7B:53:CF:FD:95:DC:C3:3E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oHKaU05bfD_SeMrOe1PP_ZXcwz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:11:96:fb:ec:57:10:89:21:9a:10:17:f2:bd:e1:91:e5:99:
d5:da:98:9f:1f:9b:14:fd:40:c2:3a:0e:4a:0e:0d:26:d4:92:
35:c7:a4:34:9b:58:53:40:35:00:1f:0f:dd:53:32:d5:7d:e7:
88:c3:a7:b3:a2:18:cc:bf:c2:5d:39:23:d6:30:7d:9d:38:9f:
6e:b3:7e:16:2a:dd:ec:07:6f:22:45:d8:ac:bd:0c:8d:1a:bf:
54:e9:e4:e3:13:23:d6:8c:46:c8:98:66:4f:47:f0:74:7f:76:
cf:e8:cb:35:49:de:9c:89:89:24:e0:a9:a9:9d:05:43:db:27:
d9:93:e3:08:41:85:43:39:57:04:b4:23:c0:1b:c5:73:52:57:
6a:e1:21:8f:b7:f9:1c:22:5c:3b:7e:c4:f4:3c:83:a4:75:78:
1a:ce:1b:7e:2b:9e:59:65:44:e7:56:4a:ff:d5:07:3a:59:26:
90:81:54:9e:5f:e8:7a:be:0a:58:9f:1d:c0:60:a0:57:74:ef:
d4:95:51:87:90:9b:01:5f:17:e9:6c:88:13:77:f6:37:8b:bc:
cb:e7:a5:d2:aa:a2:9f:70:58:a6:e0:7d:65:e1:30:27:73:56:
23:7d:5d:02:71:cb:ef:38:d4:a4:53:ab:1d:c6:a6:da:83:73:
2f:d5:4c:9f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw6FNy8hqrXrSdh8Q8BMwfTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA1MTMwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDcyOWE1MzRlNWI3YzNmZDI3OGNhY2U3YjUzY2ZmZDk1ZGNjMzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhX9LFZHMUDF9s/lQIyZ9AKRpKKa
1IaAXstI10G6HnD6Uk+KtN3fcqYQFz6u0bNcV7CaBSPSW+zBGc5Lg6aBlgGLZSbG
gZZ672UmPMrOTeLv5gUVV2LwzGuLwx1fYydPgioDd32AXfRUutlPcPFgCFw55fjo
rllhSuGJq5HIietIEA7VBKAB7vfySGFuqawnCTO5Ym6TP7PIRfmGxUeqqNpEh2lt
ObfA36Rl1WTMKWTQXKu5OB7mK8N0Kqh7KNpeRwDIWkuyj0Rpw+Mg26ubNRipYjH0
7ByRbhO8l+K5DqAiId8AhHkuMKfFeNt9ltC2yJNsySz1bzypReio2dKr6QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKBymlNOW3w/0njKzntTz/2V3MM+MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvb0hLYVUwNWJmRF9TZU1yT2UxUFBfWlhjd3o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABgRlvvsVxCJIZoQF/K9
4ZHlmdXamJ8fmxT9QMI6DkoODSbUkjXHpDSbWFNANQAfD91TMtV954jDp7OiGMy/
wl05I9YwfZ04n26zfhYq3ewHbyJF2Ky9DI0av1Tp5OMTI9aMRsiYZk9H8HR/ds/o
yzVJ3pyJiSTgqamdBUPbJ9mT4whBhUM5VwS0I8AbxXNSV2rhIY+3+RwiXDt+xPQ8
g6R1eBrOG34rnlllROdWSv/VBzpZJpCBVJ5f6Hq+ClifHcBgoFd079SVUYeQmwFf
F+lsiBN39jeLvMvnpdKqop9wWKbgfWXhMCdzViN9XQJxy+841KRTqx3GptqDcy/V
TJ8=
-----END CERTIFICATE-----
Generated at Tue Jun 17 01:32:03 2025 by rpki-client