Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KQvIOulDzVwzH-I5aTT-7RJQOFE.roa
File: KQvIOulDzVwzH-I5aTT-7RJQOFE.roa (raw, json)
Hash identifier: AIgXJ7BIu2YvSqbD8yOVMp1FywkOkN4tMULCQx6p3hU=
Subject key identifier: 29:0B:C8:3A:E9:43:CD:5C:33:1F:E2:39:69:34:FE:ED:12:50:38:51
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA458F84FED351E612218C039E8A9418D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KQvIOulDzVwzH-I5aTT-7RJQOFE.roa
Signing time: Mon 06 Nov 2023 11:16:16 +0000
ROA not before: Mon 06 Nov 2023 11:16:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a4:58:f8:4f:ed:35:1e:61:22:18:c0:39:e8:a9:41:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 6 11:16:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=290bc83ae943cd5c331fe2396934feed12503851
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:55:3a:51:33:8f:b5:7b:70:90:56:c0:06:31:
56:38:5a:3a:88:d9:0c:ec:fb:03:cc:7d:58:47:c4:
0f:37:84:e2:c8:19:d0:88:a8:14:e2:43:77:4d:bb:
2a:29:6d:39:50:96:47:b6:38:21:48:fd:05:06:0e:
d7:f1:87:33:89:a7:31:4f:0c:68:09:8e:c3:7f:9e:
4c:06:b4:55:84:5c:f9:6f:58:8c:bf:05:89:d1:84:
31:37:38:10:82:33:dc:84:94:dc:81:de:80:aa:af:
1e:0d:54:b5:6d:5b:ec:e9:df:95:82:8d:f8:a3:3d:
2b:dd:74:ab:21:a3:e7:42:a9:8c:e4:53:e2:4a:02:
d8:0c:ad:41:b2:d7:7a:bd:ea:7a:b9:3c:58:d9:1c:
10:6b:37:d8:3a:38:6d:30:8c:62:9b:51:93:d4:57:
49:55:32:ee:a9:a1:c8:00:de:85:96:cd:02:21:66:
3b:7b:be:0d:29:c8:34:97:18:9c:f9:57:06:57:2f:
60:cb:74:02:dc:da:9b:c1:dc:c5:6b:ac:1e:b9:cc:
0f:5c:f1:ae:b4:01:a5:c2:ca:7f:10:eb:4c:0c:0c:
17:fe:77:40:42:49:c6:47:28:0e:5c:f6:a7:9c:74:
9d:0e:92:54:e8:4e:47:8d:e0:a9:3e:72:bc:bc:87:
1a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:0B:C8:3A:E9:43:CD:5C:33:1F:E2:39:69:34:FE:ED:12:50:38:51
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KQvIOulDzVwzH-I5aTT-7RJQOFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6a:a7:50:da:5b:06:a1:db:a1:c8:33:4b:3c:ae:e1:b4:5b:3e:
a0:65:dc:e0:7d:52:e4:7c:5b:ea:86:2d:55:1c:95:04:11:fb:
53:d5:b9:6e:36:a1:04:4c:d6:06:71:ec:30:ae:58:94:74:9c:
05:9f:89:54:8e:c5:03:b8:83:37:0c:c0:9d:ae:ca:05:1f:50:
c7:d0:e8:44:73:22:e9:20:cb:9f:b7:15:37:17:05:84:77:67:
64:f9:e4:46:ad:61:34:e2:92:14:07:fa:89:36:20:47:cc:dd:
f3:0f:78:61:6f:ce:9d:50:2c:b4:fd:c4:b9:6f:da:5a:a4:bc:
1f:22:73:02:76:38:20:cb:f5:22:12:b2:1b:1f:6d:e7:7f:cd:
af:d2:f3:36:95:bb:bd:b4:92:d9:7a:f0:8e:47:ae:ca:6c:2a:
ad:f9:be:02:49:53:02:1f:64:d9:2e:37:9b:9a:ee:fc:b6:86:
5b:9b:b8:cf:63:9f:42:c1:32:0e:a5:df:c5:7e:87:5f:7a:6a:
2a:17:db:ca:c3:f1:99:73:e2:b5:58:63:7f:ca:6b:c1:fd:1a:
76:a1:cc:cd:63:2f:5e:ee:1b:9c:29:5f:a9:e6:b7:23:c8:47:
17:f1:e6:b4:a5:dd:7c:55:51:3b:77:79:2c:92:b3:d1:f2:61:
01:6c:f8:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYukWPhP7TUeYSIYwDnoqUGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA2MTExNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTBiYzgzYWU5NDNjZDVjMzMxZmUyMzk2OTM0ZmVlZDEyNTAzODUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFU6UTOPtXtwkFbABjFWOFo6iNkM
7PsDzH1YR8QPN4TiyBnQiKgU4kN3TbsqKW05UJZHtjghSP0FBg7X8YcziacxTwxo
CY7Df55MBrRVhFz5b1iMvwWJ0YQxNzgQgjPchJTcgd6Aqq8eDVS1bVvs6d+Vgo34
oz0r3XSrIaPnQqmM5FPiSgLYDK1Bstd6vep6uTxY2RwQazfYOjhtMIxim1GT1FdJ
VTLuqaHIAN6Fls0CIWY7e74NKcg0lxic+VcGVy9gy3QC3NqbwdzFa6weucwPXPGu
tAGlwsp/EOtMDAwX/ndAQknGRygOXPannHSdDpJU6E5HjeCpPnK8vIcavwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCkLyDrpQ81cMx/iOWk0/u0SUDhRMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS1F2SU91bER6Vnd6SC1JNWFUVC03UkpRT0ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGqnUNpbBqHbocgzSzyu
4bRbPqBl3OB9UuR8W+qGLVUclQQR+1PVuW42oQRM1gZx7DCuWJR0nAWfiVSOxQO4
gzcMwJ2uygUfUMfQ6ERzIukgy5+3FTcXBYR3Z2T55EatYTTikhQH+ok2IEfM3fMP
eGFvzp1QLLT9xLlv2lqkvB8icwJ2OCDL9SISshsfbed/za/S8zaVu720ktl68I5H
rspsKq35vgJJUwIfZNkuN5ua7vy2hlubuM9jn0LBMg6l38V+h196aioX28rD8Zlz
4rVYY3/Ka8H9GnahzM1jL17uG5wpX6nmtyPIRxfx5rSl3XxVUTt3eSySs9HyYQFs
+Ks=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:49:36 2025 by rpki-client