Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Q89yWnN4U2ONeRffGTDTEGzPRfE.roa
File: Q89yWnN4U2ONeRffGTDTEGzPRfE.roa (raw, json)
Hash identifier: 9hi/fKr0JCI4kkgiV6xiuwj5qk+aDMEe6m9W6Fl1WyU=
Subject key identifier: 43:CF:72:5A:73:78:53:63:8D:79:17:DF:19:30:D3:10:6C:CF:45:F1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BAFE980F252DF2161D344639AE37C7ED3
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Q89yWnN4U2ONeRffGTDTEGzPRfE.roa
Signing time: Wed 08 Nov 2023 17:09:57 +0000
ROA not before: Wed 08 Nov 2023 17:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:e9:80:f2:52:df:21:61:d3:44:63:9a:e3:7c:7e:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 8 17:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43cf725a737853638d7917df1930d3106ccf45f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b6:69:fb:27:34:fe:09:52:48:dc:ba:87:2a:
ca:c3:3d:ba:f4:7b:c7:89:e0:a1:ba:0c:6f:45:83:
e8:cc:1b:91:2b:af:ed:82:47:d9:6a:49:c4:a5:66:
14:c8:86:bc:e3:d9:a1:d6:3e:c2:23:23:5e:34:da:
ac:02:46:8a:2f:2d:c0:d3:ea:43:b1:a7:ed:c5:33:
cf:c5:f6:1f:d7:db:e4:a7:bc:79:74:f7:84:84:c2:
e3:37:79:8a:4d:6c:32:ac:ac:ad:13:66:e5:23:cf:
40:a7:59:aa:66:97:1b:8a:b2:d6:61:58:a6:8a:d5:
13:0e:de:7c:71:9d:67:f4:80:25:e0:e6:25:9d:ba:
f7:f3:c4:ef:22:5b:c3:76:4c:fd:85:04:84:34:c9:
0c:f8:72:af:2b:02:32:ac:a0:da:d6:24:3c:c0:71:
d0:12:cd:86:fd:30:06:28:3c:34:bb:c7:0e:e9:6d:
60:c6:02:5c:6a:1e:42:95:bc:c1:97:f2:bd:ce:ef:
f1:47:41:14:23:a8:7a:89:54:0e:80:23:8e:73:42:
c7:e1:09:c8:01:1d:ce:de:f4:e3:dd:7e:a7:0f:3e:
4b:fd:91:b0:e5:78:ff:03:a4:fd:95:89:fe:5a:11:
04:48:d6:dc:d9:ae:c5:c3:0b:9e:0f:22:2d:ef:e7:
f4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:CF:72:5A:73:78:53:63:8D:79:17:DF:19:30:D3:10:6C:CF:45:F1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Q89yWnN4U2ONeRffGTDTEGzPRfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:7f:ea:ca:5e:ee:33:b5:37:ca:07:4b:79:72:0c:d8:74:7f:
0e:20:e4:07:3a:23:17:ac:ff:0e:72:77:e1:33:6c:b4:ef:b4:
ca:b3:dd:52:76:5e:4a:22:f5:bb:2a:6c:7a:14:38:02:02:a2:
b4:64:07:8b:32:95:2e:c2:eb:15:3f:30:ef:17:de:68:07:96:
03:da:c0:4d:3e:08:1a:18:e8:6c:9e:10:35:97:05:cc:fc:e6:
a2:22:ee:d1:3b:aa:90:28:2c:7b:49:a8:4e:b8:d5:5c:2b:92:
4d:c0:34:bc:e7:f0:99:12:46:32:ca:c8:5c:1c:6d:e7:2c:41:
1c:f4:a3:7b:dc:02:22:64:90:18:b3:5b:e5:3d:e7:12:23:bf:
dc:dc:c7:9d:69:43:32:c1:98:77:12:3e:31:79:f0:3a:eb:93:
96:8d:d2:f1:75:0c:40:a0:05:1e:77:75:e7:20:a9:cb:d8:a5:
5b:c5:aa:83:d1:cd:cb:34:ec:3c:05:57:8d:f4:9e:26:47:d0:
b1:97:b4:43:b5:cd:d5:bb:23:f4:31:47:f4:55:9c:37:bc:4c:
b3:ad:75:2b:3a:60:2c:c9:56:b0:56:7e:0b:d1:4e:1a:f9:c3:
e2:44:7a:e6:84:62:60:95:15:70:0b:76:52:9d:f5:2a:c4:d2:
f2:98:e2:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuv6YDyUt8hYdNEY5rjfH7TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA4MTcwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2NmNzI1YTczNzg1MzYzOGQ3OTE3ZGYxOTMwZDMxMDZjY2Y0NWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrZp+yc0/glSSNy6hyrKwz269HvH
ieChugxvRYPozBuRK6/tgkfZaknEpWYUyIa849mh1j7CIyNeNNqsAkaKLy3A0+pD
saftxTPPxfYf19vkp7x5dPeEhMLjN3mKTWwyrKytE2blI89Ap1mqZpcbirLWYVim
itUTDt58cZ1n9IAl4OYlnbr388TvIlvDdkz9hQSENMkM+HKvKwIyrKDa1iQ8wHHQ
Es2G/TAGKDw0u8cO6W1gxgJcah5ClbzBl/K9zu/xR0EUI6h6iVQOgCOOc0LH4QnI
AR3O3vTj3X6nDz5L/ZGw5Xj/A6T9lYn+WhEESNbc2a7FwwueDyIt7+f0PQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEPPclpzeFNjjXkX3xkw0xBsz0XxMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUTg5eVduTjRVMk9OZVJmZkdURFRFR3pQUmZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAd/6spe7jO1N8oHS3ly
DNh0fw4g5Ac6Ixes/w5yd+EzbLTvtMqz3VJ2Xkoi9bsqbHoUOAICorRkB4sylS7C
6xU/MO8X3mgHlgPawE0+CBoY6GyeEDWXBcz85qIi7tE7qpAoLHtJqE641Vwrkk3A
NLzn8JkSRjLKyFwcbecsQRz0o3vcAiJkkBizW+U95xIjv9zcx51pQzLBmHcSPjF5
8Drrk5aN0vF1DECgBR53decgqcvYpVvFqoPRzcs07DwFV430niZH0LGXtEO1zdW7
I/QxR/RVnDe8TLOtdSs6YCzJVrBWfgvRThr5w+JEeuaEYmCVFXALdlKd9SrE0vKY
4oQ=
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:42:14 2025 by rpki-client