Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Q7OCoINaMn3LNIjLYxZcaupF6w4.roa
File: Q7OCoINaMn3LNIjLYxZcaupF6w4.roa (raw, json)
Hash identifier: 2C40zEDaq1oYjqvq5kgeepEFax3uaARVlQgkjjO3FcE=
Subject key identifier: 43:B3:82:A0:83:5A:32:7D:CB:34:88:CB:63:16:5C:6A:EA:45:EB:0E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C6461E4EC5478E109013376B6622D887F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Q7OCoINaMn3LNIjLYxZcaupF6w4.roa
Signing time: Wed 13 Dec 2023 18:13:06 +0000
ROA not before: Wed 13 Dec 2023 18:13:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:64:61:e4:ec:54:78:e1:09:01:33:76:b6:62:2d:88:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 13 18:13:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43b382a0835a327dcb3488cb63165c6aea45eb0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ad:eb:b4:29:63:5e:12:30:3a:aa:67:49:62:
1a:17:9d:8e:24:8b:34:66:8e:bb:49:1b:c0:d2:99:
8c:30:a8:ee:a9:42:d3:51:42:40:13:39:b6:fd:4c:
6e:de:cc:ee:9f:71:7e:9a:bb:a2:72:83:5e:0e:e9:
0c:de:d8:f2:71:5f:5e:6b:51:e4:4c:c0:39:0b:2d:
2e:64:6d:39:fa:f7:d6:c8:dc:14:de:16:57:bf:5e:
4d:01:d6:de:ef:a3:6b:93:17:a6:ec:3d:3f:41:b4:
42:af:36:f0:0f:00:6e:33:84:15:13:13:9d:ea:f3:
b5:f2:9e:0e:a8:ae:f9:7d:ff:4c:b7:6b:a7:b1:a3:
9d:30:17:cf:2d:32:15:34:d0:95:c7:b9:6c:9a:45:
4e:8b:f4:61:cd:1f:14:52:74:9f:ea:d3:b2:84:d1:
f8:40:0b:49:aa:b0:24:0c:82:33:fb:d4:7c:65:2f:
9e:bb:5d:ff:86:d4:db:e1:36:f6:c9:c1:f0:bb:3c:
43:b3:a4:18:f8:6d:dd:33:ed:86:d6:32:d0:41:72:
b0:55:79:c2:ce:03:12:5b:d6:17:4b:db:2d:c1:fa:
0d:83:0b:ae:83:09:24:0c:f7:be:b1:ed:01:de:2d:
8a:ba:a9:62:86:3b:bb:3c:0e:f3:43:eb:a7:d3:b3:
c7:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:B3:82:A0:83:5A:32:7D:CB:34:88:CB:63:16:5C:6A:EA:45:EB:0E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Q7OCoINaMn3LNIjLYxZcaupF6w4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
68:ea:67:37:b9:e6:f9:bb:2d:c2:de:50:6c:c7:d5:90:c2:48:
94:2d:18:ea:97:a6:4e:71:ef:e9:af:2a:9e:60:7c:40:53:2a:
48:3c:31:61:20:a2:02:ab:99:b0:45:9b:c8:88:c2:d8:32:fb:
d4:e7:b2:3a:7c:ba:2b:b7:b9:d0:f9:47:c5:94:17:6c:be:70:
0f:c7:9f:d9:e4:64:88:47:da:12:c0:7d:49:5b:04:36:37:7d:
ef:4a:bb:59:2e:ed:54:dc:7a:32:a3:f3:6c:4b:2c:20:56:ba:
df:b4:ac:af:79:43:0a:08:06:a5:9b:f7:13:e5:3f:6e:b8:a7:
22:ca:25:19:cd:da:90:fc:c2:9b:fc:23:29:37:e1:42:a9:75:
60:47:ff:8c:87:e4:a5:b1:9b:0f:2d:59:a6:29:6a:94:39:9e:
90:8c:7e:4f:1b:a6:c7:24:3a:35:1d:9a:b3:72:e9:fb:be:e5:
06:90:1b:57:fa:22:15:f4:a8:75:c3:87:56:de:82:5b:9b:3f:
4c:31:d4:a6:2c:41:36:14:e8:4e:15:55:ab:d5:47:19:6e:5e:
8b:2f:4d:3f:b8:c0:61:59:51:a2:dc:1a:66:ee:43:f5:b2:ed:
af:25:53:9e:9b:ef:3a:78:36:d2:17:c5:b7:6f:b2:2b:b2:d3:
13:11:55:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxkYeTsVHjhCQEzdrZiLYh/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEzMTgxMzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2IzODJhMDgzNWEzMjdkY2IzNDg4Y2I2MzE2NWM2YWVhNDVlYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsK3rtCljXhIwOqpnSWIaF52OJIs0
Zo67SRvA0pmMMKjuqULTUUJAEzm2/Uxu3szun3F+mruicoNeDukM3tjycV9ea1Hk
TMA5Cy0uZG05+vfWyNwU3hZXv15NAdbe76Nrkxem7D0/QbRCrzbwDwBuM4QVExOd
6vO18p4OqK75ff9Mt2unsaOdMBfPLTIVNNCVx7lsmkVOi/RhzR8UUnSf6tOyhNH4
QAtJqrAkDIIz+9R8ZS+eu13/htTb4Tb2ycHwuzxDs6QY+G3dM+2G1jLQQXKwVXnC
zgMSW9YXS9stwfoNgwuugwkkDPe+se0B3i2Kuqlihju7PA7zQ+un07PHhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEOzgqCDWjJ9yzSIy2MWXGrqResOMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUTdPQ29JTmFNbjNMTklqTFl4WmNhdXBGNnc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGjqZze55vm7LcLeUGzH
1ZDCSJQtGOqXpk5x7+mvKp5gfEBTKkg8MWEgogKrmbBFm8iIwtgy+9Tnsjp8uiu3
udD5R8WUF2y+cA/Hn9nkZIhH2hLAfUlbBDY3fe9Ku1ku7VTcejKj82xLLCBWut+0
rK95QwoIBqWb9xPlP264pyLKJRnN2pD8wpv8Iyk34UKpdWBH/4yH5KWxmw8tWaYp
apQ5npCMfk8bpsckOjUdmrNy6fu+5QaQG1f6IhX0qHXDh1beglubP0wx1KYsQTYU
6E4VVavVRxluXosvTT+4wGFZUaLcGmbuQ/Wy7a8lU56b7zp4NtIXxbdvsiuy0xMR
VUE=
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:46:41 2025 by rpki-client