Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/45Q-Yipqgw9hJSXDSW6YLYzihg4.roa
File: 45Q-Yipqgw9hJSXDSW6YLYzihg4.roa (raw, json)
Hash identifier: nk5gPvyKwzhchrfpAURodaLyEo4KK7uA/zvZpoEH9VA=
Subject key identifier: E3:94:3E:62:2A:6A:83:0F:61:25:25:C3:49:6E:98:2D:8C:E2:86:0E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B3F81B356CBD871DC7B1C3B3196BA4038
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/45Q-Yipqgw9hJSXDSW6YLYzihg4.roa
Signing time: Tue 17 Oct 2023 21:19:06 +0000
ROA not before: Tue 17 Oct 2023 21:19:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3f:81:b3:56:cb:d8:71:dc:7b:1c:3b:31:96:ba:40:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 17 21:19:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3943e622a6a830f612525c3496e982d8ce2860e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c7:e1:e6:dc:f0:b4:05:70:44:78:7c:21:25:
29:da:eb:c7:b3:ba:dc:90:86:7b:b1:63:32:60:7d:
3e:4c:c1:47:0f:9f:35:1c:dd:5d:26:b3:2e:5b:fa:
ad:50:29:5f:3b:3b:ec:bf:28:19:b9:ed:30:9c:93:
d0:33:b5:58:73:92:6f:bb:67:27:6b:e8:3e:6e:b3:
d3:78:66:03:97:df:05:f2:b9:88:64:5f:8c:85:5b:
0e:25:e5:89:f4:23:64:e1:70:fa:99:f9:d3:6e:b3:
bb:11:eb:d7:e9:c7:f9:9c:df:c5:77:2f:34:8c:6b:
e5:70:4f:0c:ea:35:f5:ec:ca:20:cf:29:94:f4:1f:
c8:7c:9a:63:6d:75:1a:ce:e9:46:95:9e:33:86:cf:
1d:1c:1f:00:95:fa:98:18:d4:79:97:54:5e:30:77:
90:99:14:f5:55:7e:db:d1:b3:02:d3:cd:e5:fa:2b:
e6:45:8c:83:47:02:f9:58:91:e5:c8:bd:3b:2c:95:
bf:60:05:65:49:5e:45:f4:a2:21:6e:5d:92:4d:6d:
bf:4f:3b:b2:e4:75:8b:46:4d:67:97:88:1a:54:d8:
71:54:1a:b0:93:e2:43:3d:28:41:d8:d6:e2:a9:e7:
83:e9:9c:a2:10:7f:0a:ee:c6:8c:22:5d:da:62:3b:
cc:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:94:3E:62:2A:6A:83:0F:61:25:25:C3:49:6E:98:2D:8C:E2:86:0E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/45Q-Yipqgw9hJSXDSW6YLYzihg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:c9:69:37:83:05:cb:bb:b6:84:a4:5a:42:7c:42:b1:27:df:
96:54:02:c7:72:14:cf:af:76:3b:06:6e:df:b6:fe:27:8f:98:
e1:f6:9b:aa:99:76:12:3a:4b:b6:23:4f:58:2f:6d:54:d0:fb:
22:72:8a:54:a9:14:a5:9d:d7:bd:21:e8:a6:b3:30:90:d4:2c:
f9:5a:80:94:f1:b8:b2:33:68:97:a1:0a:80:99:67:8c:78:0f:
59:99:ba:c6:7d:aa:f8:54:fb:91:a3:d4:c1:4e:6f:ba:d4:ea:
c0:c4:42:36:fb:d4:09:89:58:73:51:2b:42:f6:28:79:28:59:
49:bf:03:38:12:5e:90:8b:a7:f8:90:2a:03:5e:75:6b:99:3b:
91:cd:ae:0e:51:be:0e:1b:79:0b:e6:ac:9a:a2:c6:34:c7:37:
96:8f:c4:89:07:3f:ca:71:7a:81:06:3a:e1:71:4c:5f:0d:49:
b5:9d:23:51:fa:af:bb:2b:0a:9d:72:be:d8:71:e8:88:f2:7a:
91:a3:98:6c:5e:87:16:73:9e:ee:63:17:de:e2:53:52:c6:29:
7f:c7:b2:9c:cf:2b:fd:37:33:2c:b4:16:e9:de:68:af:71:d7:
06:48:77:17:bb:4f:7a:46:ff:57:17:10:a3:4b:21:03:79:3c:
fa:f2:d5:bb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs/gbNWy9hx3HscOzGWukA4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE3MjExOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzk0M2U2MjJhNmE4MzBmNjEyNTI1YzM0OTZlOTgyZDhjZTI4NjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocfh5tzwtAVwRHh8ISUp2uvHs7rc
kIZ7sWMyYH0+TMFHD581HN1dJrMuW/qtUClfOzvsvygZue0wnJPQM7VYc5Jvu2cn
a+g+brPTeGYDl98F8rmIZF+MhVsOJeWJ9CNk4XD6mfnTbrO7EevX6cf5nN/Fdy80
jGvlcE8M6jX17MogzymU9B/IfJpjbXUazulGlZ4zhs8dHB8AlfqYGNR5l1ReMHeQ
mRT1VX7b0bMC083l+ivmRYyDRwL5WJHlyL07LJW/YAVlSV5F9KIhbl2STW2/Tzuy
5HWLRk1nl4gaVNhxVBqwk+JDPShB2NbiqeeD6ZyiEH8K7saMIl3aYjvMjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOOUPmIqaoMPYSUlw0lumC2M4oYOMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNDVRLVlpcHFndzloSlNYRFNXNllMWXppaGc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFPJaTeDBcu7toSkWkJ8
QrEn35ZUAsdyFM+vdjsGbt+2/iePmOH2m6qZdhI6S7YjT1gvbVTQ+yJyilSpFKWd
170h6KazMJDULPlagJTxuLIzaJehCoCZZ4x4D1mZusZ9qvhU+5Gj1MFOb7rU6sDE
Qjb71AmJWHNRK0L2KHkoWUm/AzgSXpCLp/iQKgNedWuZO5HNrg5Rvg4beQvmrJqi
xjTHN5aPxIkHP8pxeoEGOuFxTF8NSbWdI1H6r7srCp1yvthx6IjyepGjmGxehxZz
nu5jF97iU1LGKX/HspzPK/03Myy0FuneaK9x1wZIdxe7T3pG/1cXEKNLIQN5PPry
1bs=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:57:58 2025 by rpki-client