Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/C3qmXLEOyRVOiwF6kYxNqYoNklg.roa
File: C3qmXLEOyRVOiwF6kYxNqYoNklg.roa (raw, json)
Hash identifier: y+QcKb//wVA4ckGXzOPPnPxUSNb6dmUjEaMqZ4LOU34=
Subject key identifier: 0B:7A:A6:5C:B1:0E:C9:15:4E:8B:01:7A:91:8C:4D:A9:8A:0D:92:58
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B6FFCBC2BB0B4650CCE11815DA84A8445
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/C3qmXLEOyRVOiwF6kYxNqYoNklg.roa
Signing time: Fri 27 Oct 2023 07:15:15 +0000
ROA not before: Fri 27 Oct 2023 07:15:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6f:fc:bc:2b:b0:b4:65:0c:ce:11:81:5d:a8:4a:84:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 27 07:15:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b7aa65cb10ec9154e8b017a918c4da98a0d9258
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:54:96:38:3d:86:ca:f8:6f:b8:57:4b:70:01:
8b:b4:25:c1:04:1e:cb:18:f3:a5:a9:d8:47:ca:c7:
d5:6c:e9:39:08:76:9f:3c:0e:4a:69:28:53:dd:ce:
56:d5:a1:e7:67:8c:bc:b1:6b:46:ac:78:ca:ca:ab:
27:17:94:d9:a7:05:6b:54:0c:9f:6f:3d:49:d5:57:
b8:57:07:68:fc:65:ba:d0:df:22:c2:27:02:1a:a9:
e9:70:2e:93:fe:50:22:c1:83:d2:60:e3:cb:71:e1:
f3:93:14:69:45:d9:4d:fc:bd:4a:9a:ad:ac:4e:68:
90:d7:97:c9:6e:33:0b:fe:93:a6:7e:62:aa:43:99:
1d:2d:09:ff:6d:e9:65:1d:5a:23:41:d0:dd:c5:e6:
26:ae:f9:f0:bf:03:a1:c1:9b:aa:db:49:f9:88:a6:
07:1a:47:2c:02:57:ce:6d:a9:9c:23:5a:bb:ad:13:
3b:a3:b4:cd:50:e8:3d:b7:ce:e2:d9:cf:2d:16:ba:
0f:9a:91:cb:a8:bd:d9:a9:1e:b8:19:d5:2b:a6:ec:
03:16:67:ec:23:04:78:ec:21:07:0b:92:9f:aa:7e:
92:61:b8:b6:ef:30:01:a7:de:e5:ae:34:24:66:d0:
12:cf:7c:d0:d6:19:fa:1d:ef:30:fb:d5:40:77:92:
45:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:7A:A6:5C:B1:0E:C9:15:4E:8B:01:7A:91:8C:4D:A9:8A:0D:92:58
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/C3qmXLEOyRVOiwF6kYxNqYoNklg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
cb:02:1e:59:ab:94:35:d2:4c:5a:1f:e9:91:01:02:34:2f:bd:
9a:87:72:c8:b7:ce:da:e6:64:10:74:17:da:fb:14:b0:ed:66:
58:1f:6a:36:1a:f7:ec:ec:63:ce:e0:2c:b4:4b:87:12:ad:e8:
43:30:99:d8:c7:33:24:56:2a:7a:cd:8c:d4:b0:5f:21:eb:c3:
5a:c7:e1:8a:c1:2a:59:65:2b:48:c5:34:5f:9e:69:2e:c8:55:
0c:02:19:2e:db:d6:3e:e1:d4:46:65:95:14:b3:36:75:b5:6e:
c0:3b:05:70:30:b4:d6:d2:f9:9a:ff:48:da:03:f6:45:a5:f1:
81:cd:5f:8b:5b:79:80:23:22:b5:ad:50:16:fe:5d:5c:8e:2f:
91:8b:d4:94:3f:3b:1f:01:59:07:e3:d3:77:eb:57:6f:4b:79:
4d:ad:25:dc:b2:fd:84:79:f0:1d:96:2d:84:d6:d1:d1:fd:b0:
ee:76:e5:5c:29:90:2c:2c:34:b3:37:26:7c:06:44:33:e6:2e:
24:5f:b5:ca:c9:0b:c4:36:24:2c:b3:9e:cb:2e:9d:a3:05:f4:
63:66:5c:06:38:0c:83:83:12:97:a4:a8:0c:ac:79:d9:c7:0d:
84:e3:36:62:e3:0a:b4:c6:34:1c:b0:51:cc:22:8e:02:26:7c:
c8:26:a9:98
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtv/LwrsLRlDM4RgV2oSoRFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI3MDcxNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjdhYTY1Y2IxMGVjOTE1NGU4YjAxN2E5MThjNGRhOThhMGQ5MjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVSWOD2GyvhvuFdLcAGLtCXBBB7L
GPOlqdhHysfVbOk5CHafPA5KaShT3c5W1aHnZ4y8sWtGrHjKyqsnF5TZpwVrVAyf
bz1J1Ve4Vwdo/GW60N8iwicCGqnpcC6T/lAiwYPSYOPLceHzkxRpRdlN/L1Kmq2s
TmiQ15fJbjML/pOmfmKqQ5kdLQn/bellHVojQdDdxeYmrvnwvwOhwZuq20n5iKYH
GkcsAlfObamcI1q7rRM7o7TNUOg9t87i2c8tFroPmpHLqL3ZqR64GdUrpuwDFmfs
IwR47CEHC5Kfqn6SYbi27zABp97lrjQkZtASz3zQ1hn6He8w+9VAd5JFzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAt6plyxDskVTosBepGMTamKDZJYMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQzNxbVhMRU95UlZPaXdGNmtZeE5xWW9Oa2xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMsCHlmrlDXSTFof6ZEB
AjQvvZqHcsi3ztrmZBB0F9r7FLDtZlgfajYa9+zsY87gLLRLhxKt6EMwmdjHMyRW
KnrNjNSwXyHrw1rH4YrBKlllK0jFNF+eaS7IVQwCGS7b1j7h1EZllRSzNnW1bsA7
BXAwtNbS+Zr/SNoD9kWl8YHNX4tbeYAjIrWtUBb+XVyOL5GL1JQ/Ox8BWQfj03fr
V29LeU2tJdyy/YR58B2WLYTW0dH9sO525VwpkCwsNLM3JnwGRDPmLiRftcrJC8Q2
JCyznssunaMF9GNmXAY4DIODEpekqAysednHDYTjNmLjCrTGNBywUcwijgImfMgm
qZg=
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:49:38 2025 by rpki-client