Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1qltjNVcRSb5CNnCyIqp0hG5InQ.roa
File: 1qltjNVcRSb5CNnCyIqp0hG5InQ.roa (raw, json)
Hash identifier: jZU7fVWj7mSxD0Z52u/Vaygff6lqv/KuZ2SZWKu9zUA=
Subject key identifier: D6:A9:6D:8C:D5:5C:45:26:F9:08:D9:C2:C8:8A:A9:D2:11:B9:22:74
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BB87EC49ACCD1F43F9E15D9EF93E64B9B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1qltjNVcRSb5CNnCyIqp0hG5InQ.roa
Signing time: Fri 10 Nov 2023 09:09:57 +0000
ROA not before: Fri 10 Nov 2023 09:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b8:7e:c4:9a:cc:d1:f4:3f:9e:15:d9:ef:93:e6:4b:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 10 09:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6a96d8cd55c4526f908d9c2c88aa9d211b92274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3e:4b:a3:c3:e6:85:49:18:7c:a5:d5:d1:17:
de:bb:01:3c:e7:91:93:58:d0:a5:80:13:71:ab:e7:
78:7a:b0:5d:77:21:15:91:28:b7:a5:e0:9a:7c:57:
df:79:20:39:88:41:42:e5:df:da:7f:91:63:c0:27:
8c:e0:9d:fc:7b:e6:77:d3:e7:18:1d:1a:af:dc:0f:
07:b7:fa:d9:92:39:0a:01:76:1a:18:db:2c:33:23:
74:f9:af:90:d3:1b:5b:76:9a:e9:e1:f3:fc:b0:8a:
9f:c6:ce:e4:ec:74:eb:c5:31:bd:5a:76:b3:fd:62:
c2:6a:2d:cc:5c:af:83:98:b5:f5:ca:7a:bf:47:4e:
a6:18:3a:c5:cb:9b:48:2a:9c:4b:3e:88:c1:69:89:
33:98:34:b4:0e:ad:26:95:16:b2:85:e9:ee:e8:6f:
15:b3:e5:42:9b:7a:18:44:66:20:29:00:15:d4:33:
3e:81:9d:2b:3d:8c:a2:e9:2e:c5:a1:cf:30:e8:3a:
7f:b7:27:c9:07:5c:ba:29:c9:03:11:a0:69:39:28:
a5:88:37:96:80:78:34:78:be:82:66:eb:dd:c2:c4:
69:90:5d:e3:a3:af:9b:42:28:7a:28:55:4c:ed:e7:
b2:54:4a:f7:c4:dd:9b:c9:27:b1:63:97:08:52:6a:
c2:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A9:6D:8C:D5:5C:45:26:F9:08:D9:C2:C8:8A:A9:D2:11:B9:22:74
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1qltjNVcRSb5CNnCyIqp0hG5InQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:4e:ed:82:75:8a:46:f6:7c:9d:68:4d:ae:dd:c4:66:a8:6f:
05:5c:c7:5f:f8:df:e3:16:db:83:45:bb:19:50:b4:5b:dd:37:
c2:8b:73:58:29:5c:4d:b5:68:f1:4f:de:2e:04:96:64:c2:eb:
9e:20:9f:32:f7:fc:e8:a0:16:14:90:46:eb:b2:fa:1e:c7:6e:
33:7b:ee:54:3b:c6:63:00:56:dd:4a:0a:c1:e1:f9:2d:6a:c5:
80:02:3a:1c:f3:65:e0:ec:ed:f7:09:ed:eb:ca:f1:92:c1:5c:
8c:48:17:4d:89:a8:98:97:d9:bf:1a:2c:c2:b2:e4:96:43:e6:
46:5f:0c:e9:c0:e1:44:77:06:fd:f3:c5:29:a3:c5:8d:73:ec:
fa:00:ad:53:7f:b4:91:3f:84:19:81:ea:f6:45:6d:76:e3:f4:
2f:ce:63:c1:1e:15:c7:7e:18:67:2b:af:c9:be:3a:9f:6e:d4:
c9:c5:4a:6f:6b:26:a9:b4:38:d9:24:3d:ed:b7:fc:13:7f:b2:
6f:83:50:44:24:68:7a:2d:47:6c:52:37:09:28:af:2b:f7:cf:
10:ea:58:61:f0:b9:ef:68:9d:1a:75:2e:81:30:55:11:dc:ce:
79:60:52:ee:5d:74:4c:1d:8b:f9:1a:a7:61:91:de:ad:16:50:
28:53:16:53
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu4fsSazNH0P54V2e+T5kubMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEwMDkwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmE5NmQ4Y2Q1NWM0NTI2ZjkwOGQ5YzJjODhhYTlkMjExYjkyMjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmT5Lo8PmhUkYfKXV0RfeuwE855GT
WNClgBNxq+d4erBddyEVkSi3peCafFffeSA5iEFC5d/af5FjwCeM4J38e+Z30+cY
HRqv3A8Ht/rZkjkKAXYaGNssMyN0+a+Q0xtbdprp4fP8sIqfxs7k7HTrxTG9Wnaz
/WLCai3MXK+DmLX1ynq/R06mGDrFy5tIKpxLPojBaYkzmDS0Dq0mlRayhenu6G8V
s+VCm3oYRGYgKQAV1DM+gZ0rPYyi6S7Foc8w6Dp/tyfJB1y6KckDEaBpOSiliDeW
gHg0eL6CZuvdwsRpkF3jo6+bQih6KFVM7eeyVEr3xN2bySexY5cIUmrC/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNapbYzVXEUm+QjZwsiKqdIRuSJ0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMXFsdGpOVmNSU2I1Q05uQ3lJcXAwaEc1SW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB5O7YJ1ikb2fJ1oTa7d
xGaobwVcx1/43+MW24NFuxlQtFvdN8KLc1gpXE21aPFP3i4ElmTC654gnzL3/Oig
FhSQRuuy+h7HbjN77lQ7xmMAVt1KCsHh+S1qxYACOhzzZeDs7fcJ7evK8ZLBXIxI
F02JqJiX2b8aLMKy5JZD5kZfDOnA4UR3Bv3zxSmjxY1z7PoArVN/tJE/hBmB6vZF
bXbj9C/OY8EeFcd+GGcrr8m+Op9u1MnFSm9rJqm0ONkkPe23/BN/sm+DUEQkaHot
R2xSNwkoryv3zxDqWGHwue9onRp1LoEwVRHcznlgUu5ddEwdi/kap2GR3q0WUChT
FlM=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:55:31 2025 by rpki-client