Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oQViIoljM6XoKOI0z4cjTrcC5oQ.roa
File: oQViIoljM6XoKOI0z4cjTrcC5oQ.roa (raw, json)
Hash identifier: +NP3eEgC9KN872pVlEkIlLfSYkT6Ydm9XRQ3csnoPOg=
Subject key identifier: A1:05:62:22:89:63:33:A5:E8:28:E2:34:CF:87:23:4E:B7:02:E6:84
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B005EA2D45BD3BC5E403F2D6EE1313771
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oQViIoljM6XoKOI0z4cjTrcC5oQ.roa
Signing time: Thu 05 Oct 2023 15:04:43 +0000
ROA not before: Thu 05 Oct 2023 15:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:5e:41d5/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:00:5e:a2:d4:5b:d3:bc:5e:40:3f:2d:6e:e1:31:37:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 5 15:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a1056222896333a5e828e234cf87234eb702e684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:44:6c:07:d0:26:63:58:1f:bb:27:a6:3e:ea:
be:2d:9c:05:b9:87:d8:77:a9:1c:f7:35:84:72:10:
74:c9:27:ec:90:7c:f1:44:7a:fb:2e:51:af:94:9a:
88:73:c1:84:80:39:6a:c8:73:c0:87:56:57:07:b6:
73:65:84:31:8d:e6:cd:7c:24:ae:3a:e0:f7:28:1d:
8f:e3:81:b0:05:41:aa:5f:8c:d7:7e:e7:77:af:13:
da:6a:74:00:95:e8:df:51:9a:8b:b3:7a:22:9e:f8:
a8:09:60:a1:ba:04:3a:8a:cb:87:c9:67:48:71:72:
46:77:20:08:37:ae:de:9d:5b:af:16:56:55:cd:e3:
16:f9:58:e1:1a:bf:3a:62:79:c2:6d:6e:9a:66:96:
82:a5:90:e7:6f:19:e4:a9:ca:28:e0:9f:bf:80:53:
a9:33:92:89:33:5c:dc:92:22:5a:f3:b5:2a:27:a5:
56:79:fc:5d:71:b6:6f:b1:c2:5f:57:53:7b:e3:5a:
ef:22:e6:d5:fc:4a:d0:fa:bb:c9:59:49:8b:e6:7f:
05:eb:17:4a:c2:9a:89:23:77:3e:3b:3e:f6:f6:89:
09:3d:b2:4e:af:d2:c4:8e:66:ee:01:0a:8b:48:d9:
37:8e:aa:4c:a9:6b:5d:e6:0e:a4:87:85:d1:47:eb:
13:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:05:62:22:89:63:33:A5:E8:28:E2:34:CF:87:23:4E:B7:02:E6:84
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/oQViIoljM6XoKOI0z4cjTrcC5oQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6f:b4:9b:fe:ee:6e:b6:24:44:c9:46:06:5e:87:c3:fb:69:e3:
70:e6:cd:e3:df:7b:02:ae:22:81:8d:8b:d3:9a:e9:70:cc:87:
43:83:7a:36:3f:be:96:4a:d5:86:ac:3b:55:3d:4d:a6:78:bc:
79:0f:56:14:06:5d:25:52:c0:1d:a0:33:35:e5:6d:f6:c9:cb:
6f:5e:c6:46:67:fd:60:14:08:d6:e7:5f:60:0a:e7:b8:d5:70:
ba:c4:28:92:0c:0e:d3:48:d5:43:1e:35:d0:2e:ee:2c:4a:dd:
5f:64:5d:07:e8:b5:45:a9:11:8c:a1:a7:35:6d:6e:65:de:16:
7d:3a:5b:c0:1b:9d:0b:12:47:db:22:a4:b3:82:9c:2a:24:d1:
ce:84:16:8a:bf:89:74:e7:ed:50:11:b6:05:1c:6d:14:d3:38:
76:5e:2c:4f:a7:91:05:5a:b3:d0:d0:56:36:30:99:2a:42:fc:
b9:78:cf:51:6d:58:5c:6a:49:ca:21:b5:93:b9:b2:e6:cd:d5:
ac:78:05:1e:98:83:09:d7:4c:eb:6a:fb:e8:55:25:64:38:54:
d5:fe:33:52:04:6c:67:af:20:b4:50:d4:7d:24:0c:87:97:73:
b9:7a:d5:b9:39:c9:5c:98:fc:00:c3:fb:9a:5d:21:e4:16:54:
78:6a:c4:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsAXqLUW9O8XkA/LW7hMTdxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA1MTUwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTA1NjIyMjg5NjMzM2E1ZTgyOGUyMzRjZjg3MjM0ZWI3MDJlNjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0RsB9AmY1gfuyemPuq+LZwFuYfY
d6kc9zWEchB0ySfskHzxRHr7LlGvlJqIc8GEgDlqyHPAh1ZXB7ZzZYQxjebNfCSu
OuD3KB2P44GwBUGqX4zXfud3rxPaanQAlejfUZqLs3oinvioCWChugQ6isuHyWdI
cXJGdyAIN67enVuvFlZVzeMW+VjhGr86YnnCbW6aZpaCpZDnbxnkqcoo4J+/gFOp
M5KJM1zckiJa87UqJ6VWefxdcbZvscJfV1N741rvIubV/ErQ+rvJWUmL5n8F6xdK
wpqJI3c+Oz729okJPbJOr9LEjmbuAQqLSNk3jqpMqWtd5g6kh4XRR+sT0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKEFYiKJYzOl6CjiNM+HI063AuaEMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvb1FWaUlvbGpNNlhvS09JMHo0Y2pUcmNDNW9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG+0m/7ubrYkRMlGBl6H
w/tp43DmzePfewKuIoGNi9Oa6XDMh0ODejY/vpZK1YasO1U9TaZ4vHkPVhQGXSVS
wB2gMzXlbfbJy29exkZn/WAUCNbnX2AK57jVcLrEKJIMDtNI1UMeNdAu7ixK3V9k
XQfotUWpEYyhpzVtbmXeFn06W8AbnQsSR9sipLOCnCok0c6EFoq/iXTn7VARtgUc
bRTTOHZeLE+nkQVas9DQVjYwmSpC/Ll4z1FtWFxqScohtZO5subN1ax4BR6YgwnX
TOtq++hVJWQ4VNX+M1IEbGevILRQ1H0kDIeXc7l61bk5yVyY/ADD+5pdIeQWVHhq
xEc=
-----END CERTIFICATE-----
Generated at Wed Jun 18 22:46:09 2025 by rpki-client