Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MqoDWMjESZTEMuxZOZTrNE7Mg-A.roa
File: MqoDWMjESZTEMuxZOZTrNE7Mg-A.roa (raw, json)
Hash identifier: ZwlbtgOgDsGVg3sXXY2M8s9JGQlnCpS4zJ3v8zBrTP0=
Subject key identifier: 32:AA:03:58:C8:C4:49:94:C4:32:EC:59:39:94:EB:34:4E:CC:83:E0
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BFDD3BD4C75FB6DFE96750877F6DC2434
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MqoDWMjESZTEMuxZOZTrNE7Mg-A.roa
Signing time: Thu 23 Nov 2023 20:16:33 +0000
ROA not before: Thu 23 Nov 2023 20:16:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fd:d3:bd:4c:75:fb:6d:fe:96:75:08:77:f6:dc:24:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 23 20:16:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32aa0358c8c44994c432ec593994eb344ecc83e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cb:4e:52:27:89:3c:72:ae:2f:c9:14:77:2a:
c6:6b:0f:0d:07:2b:b8:f0:f4:29:78:35:42:1f:0d:
82:a5:9e:62:a6:fd:cb:9c:44:96:8d:54:32:4c:4d:
82:b4:ee:60:6b:90:a8:49:b7:15:f5:08:35:00:3c:
d5:7e:e4:64:77:ca:2f:d6:a4:4b:a4:02:d6:c9:65:
34:f1:5d:63:16:ca:3f:83:32:f1:63:9c:89:1c:c7:
ee:26:92:1d:cc:3d:95:46:3b:81:3a:18:a0:02:12:
85:f3:9c:92:d2:e7:83:3c:f3:65:61:fa:3c:58:08:
3f:90:50:b1:69:8f:6a:1a:54:07:c9:b9:95:ea:dd:
97:20:16:01:70:9e:c1:5c:71:4f:3a:f0:2a:b2:ed:
1a:05:fa:ff:ee:ee:00:c4:4a:19:27:21:0a:b3:52:
4d:eb:46:cd:e8:4d:76:0f:85:9b:d1:1e:77:27:78:
cb:b4:07:8a:13:a4:82:34:28:96:b1:a9:2f:ad:55:
ad:49:c0:22:a1:37:6c:5c:b9:a7:1f:3e:32:f0:16:
2d:44:d6:fd:98:dd:2a:06:88:f2:8b:fc:fe:b3:72:
26:01:c3:ad:6d:0c:b9:4a:2a:50:f9:06:c4:cb:48:
91:c3:5d:1b:23:9c:7b:06:f7:58:a4:b0:63:18:e8:
75:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:AA:03:58:C8:C4:49:94:C4:32:EC:59:39:94:EB:34:4E:CC:83:E0
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/MqoDWMjESZTEMuxZOZTrNE7Mg-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:08:3b:c8:bd:52:85:8d:89:11:af:1c:b4:b7:17:97:4c:a9:
cf:f2:3e:69:47:ee:c0:21:22:72:9b:20:0f:a0:7f:0e:0b:25:
ca:d8:6c:8c:8a:7c:1c:95:bf:16:cb:18:ff:2a:f4:11:2e:e7:
e1:5a:81:b6:6b:70:62:f4:9f:56:36:09:9a:cc:49:29:b5:1d:
70:68:65:3c:e1:81:7c:0a:6d:3a:8e:77:96:52:a4:eb:9d:b0:
61:7a:45:c1:7e:ae:93:e4:35:ca:67:62:cc:82:27:b9:35:62:
77:d4:e8:5e:a0:03:29:65:0c:29:78:3c:06:e3:22:d3:0b:eb:
49:d4:f9:99:c0:98:d4:96:02:4c:ad:ef:4e:d1:6d:74:e5:a7:
13:8a:c5:5f:f6:9c:a4:81:14:f2:85:09:37:1f:59:99:6e:22:
cf:91:2f:eb:c2:e1:3d:9c:e2:ae:5a:4e:f9:77:56:8e:fc:b3:
aa:9c:83:e6:0f:ff:df:ce:70:8f:79:c3:4a:6b:42:2d:2d:a2:
4b:5d:eb:9b:d4:67:29:92:49:b7:1d:d6:79:96:91:b8:75:67:
6e:07:02:76:4d:b7:b2:02:43:8e:07:f3:38:24:bf:dc:db:4d:
0d:b2:f8:7f:2f:04:75:d7:8d:be:06:39:bf:0e:a8:97:f9:45:
1e:c1:0f:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYv9071Mdftt/pZ1CHf23CQ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIzMjAxNjMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmFhMDM1OGM4YzQ0OTk0YzQzMmVjNTkzOTk0ZWIzNDRlY2M4M2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArstOUieJPHKuL8kUdyrGaw8NByu4
8PQpeDVCHw2CpZ5ipv3LnESWjVQyTE2CtO5ga5CoSbcV9Qg1ADzVfuRkd8ov1qRL
pALWyWU08V1jFso/gzLxY5yJHMfuJpIdzD2VRjuBOhigAhKF85yS0ueDPPNlYfo8
WAg/kFCxaY9qGlQHybmV6t2XIBYBcJ7BXHFPOvAqsu0aBfr/7u4AxEoZJyEKs1JN
60bN6E12D4Wb0R53J3jLtAeKE6SCNCiWsakvrVWtScAioTdsXLmnHz4y8BYtRNb9
mN0qBojyi/z+s3ImAcOtbQy5SipQ+QbEy0iRw10bI5x7BvdYpLBjGOh1FwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDKqA1jIxEmUxDLsWTmU6zROzIPgMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvTXFvRFdNakVTWlRFTXV4Wk9aVHJORTdNZy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGcIO8i9UoWNiRGvHLS3
F5dMqc/yPmlH7sAhInKbIA+gfw4LJcrYbIyKfByVvxbLGP8q9BEu5+FagbZrcGL0
n1Y2CZrMSSm1HXBoZTzhgXwKbTqOd5ZSpOudsGF6RcF+rpPkNcpnYsyCJ7k1YnfU
6F6gAyllDCl4PAbjItML60nU+ZnAmNSWAkyt707RbXTlpxOKxV/2nKSBFPKFCTcf
WZluIs+RL+vC4T2c4q5aTvl3Vo78s6qcg+YP/9/OcI95w0prQi0toktd65vUZymS
Sbcd1nmWkbh1Z24HAnZNt7ICQ44H8zgkv9zbTQ2y+H8vBHXXjb4GOb8OqJf5RR7B
Dzk=
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:36:08 2025 by rpki-client