Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/5JQVJyKXw3vTAY8oB9SbjoVZhe0.roa
File: 5JQVJyKXw3vTAY8oB9SbjoVZhe0.roa (raw, json)
Hash identifier: yk63EfCvRFJyrEYMl3BsiTQXHAtKXmY79SeDFx3fHcA=
Subject key identifier: E4:94:15:27:22:97:C3:7B:D3:01:8F:28:07:D4:9B:8E:85:59:85:ED
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BC002493499306D17B7D6F226EB1C2D21
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/5JQVJyKXw3vTAY8oB9SbjoVZhe0.roa
Signing time: Sat 11 Nov 2023 20:10:57 +0000
ROA not before: Sat 11 Nov 2023 20:10:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c0:02:49:34:99:30:6d:17:b7:d6:f2:26:eb:1c:2d:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 11 20:10:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e49415272297c37bd3018f2807d49b8e855985ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:15:eb:08:1c:1e:e7:02:f8:27:f1:2b:37:77:
14:68:31:cc:6c:58:7c:f0:3e:fd:80:ce:15:7c:df:
7f:e1:92:d5:0e:77:51:79:2b:57:0a:0b:aa:00:64:
25:d2:86:d8:a2:83:c7:10:bb:ca:1b:1e:eb:c6:b1:
83:d8:22:a1:88:dd:33:3a:0b:64:98:ff:64:9a:d9:
6b:c4:a9:c2:60:fa:d6:76:e5:33:b7:c6:9b:a2:69:
59:54:0b:89:90:cc:25:b8:60:28:fa:7e:f2:52:e3:
31:8e:4b:4a:0b:6a:f9:d8:e2:87:67:cb:b6:f8:9d:
19:89:32:5e:5e:74:5e:b2:55:e6:af:74:96:a0:cb:
8c:a9:5f:de:50:ae:ea:39:d9:7b:73:11:3c:23:89:
e8:ea:27:7c:4c:17:c9:c7:ee:fe:6f:be:e7:ba:05:
59:47:2a:74:2c:cc:42:aa:d2:b0:4e:b7:62:7a:c5:
85:9f:94:ff:c9:56:71:4c:77:3a:b4:5a:54:21:35:
d2:a9:51:c8:01:58:7f:9b:fc:94:48:d9:f0:3e:3c:
54:72:22:e7:28:0f:3e:35:46:64:93:3b:ad:c0:97:
2e:c8:ea:0c:12:f0:22:02:c7:4b:44:0e:72:2c:69:
6e:95:e7:42:44:d1:8a:6c:97:6b:7d:27:8a:be:58:
8e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:94:15:27:22:97:C3:7B:D3:01:8F:28:07:D4:9B:8E:85:59:85:ED
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/5JQVJyKXw3vTAY8oB9SbjoVZhe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9b:d9:cb:2d:1b:1d:b3:2e:9e:33:a5:67:77:d2:6d:42:1a:96:
fa:c6:dc:df:38:8b:0e:78:9b:8c:fe:65:18:70:0e:b2:44:2f:
2f:97:30:f7:d0:44:70:18:76:e1:9f:0b:87:30:55:b1:da:e3:
1a:a6:e4:90:3b:c9:d6:68:b3:0e:58:20:84:7b:9d:72:74:70:
d2:ed:cc:3c:6c:bb:59:0f:b6:46:6c:01:62:58:88:fb:e1:e0:
32:be:6a:8a:b2:2f:fe:2c:3d:3b:2b:6b:f6:02:49:35:11:21:
ef:0c:e6:dd:14:35:d7:36:10:e3:3b:72:f5:b9:d6:2e:c4:c5:
0a:13:26:5f:4e:f4:13:cb:79:fb:9e:0d:92:91:30:b2:4c:5c:
9d:a2:b9:77:cf:8a:e3:b3:ff:8a:e3:2c:ae:da:79:8c:29:48:
aa:76:f3:0a:5e:1c:77:de:6f:cf:1b:0c:f3:09:09:ba:f5:00:
60:51:9f:63:d2:f3:d5:13:bf:e1:9d:09:ae:25:67:b0:b1:b6:
dc:16:bc:38:b9:36:27:20:14:d6:29:a2:db:65:d7:df:ab:89:
3d:99:95:2c:3a:17:d3:3a:44:11:a2:4e:f0:7a:73:94:7b:68:
7a:8d:c6:b9:1c:55:86:cb:3a:24:aa:20:b9:51:20:d0:94:df:
43:90:bb:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvAAkk0mTBtF7fW8ibrHC0hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTExMjAxMDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDk0MTUyNzIyOTdjMzdiZDMwMThmMjgwN2Q0OWI4ZTg1NTk4NWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhXrCBwe5wL4J/ErN3cUaDHMbFh8
8D79gM4VfN9/4ZLVDndReStXCguqAGQl0obYooPHELvKGx7rxrGD2CKhiN0zOgtk
mP9kmtlrxKnCYPrWduUzt8abomlZVAuJkMwluGAo+n7yUuMxjktKC2r52OKHZ8u2
+J0ZiTJeXnReslXmr3SWoMuMqV/eUK7qOdl7cxE8I4no6id8TBfJx+7+b77nugVZ
Ryp0LMxCqtKwTrdiesWFn5T/yVZxTHc6tFpUITXSqVHIAVh/m/yUSNnwPjxUciLn
KA8+NUZkkzutwJcuyOoMEvAiAsdLRA5yLGluledCRNGKbJdrfSeKvliOAwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOSUFScil8N70wGPKAfUm46FWYXtMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvNUpRVkp5S1h3M3ZUQVk4b0I5U2Jqb1ZaaGUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJvZyy0bHbMunjOlZ3fS
bUIalvrG3N84iw54m4z+ZRhwDrJELy+XMPfQRHAYduGfC4cwVbHa4xqm5JA7ydZo
sw5YIIR7nXJ0cNLtzDxsu1kPtkZsAWJYiPvh4DK+aoqyL/4sPTsra/YCSTURIe8M
5t0UNdc2EOM7cvW51i7ExQoTJl9O9BPLefueDZKRMLJMXJ2iuXfPiuOz/4rjLK7a
eYwpSKp28wpeHHfeb88bDPMJCbr1AGBRn2PS89UTv+GdCa4lZ7CxttwWvDi5Nicg
FNYpottl19+riT2ZlSw6F9M6RBGiTvB6c5R7aHqNxrkcVYbLOiSqILlRINCU30OQ
uyg=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:22:40 2025 by rpki-client