Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QM4Bz7o1bKZFuiQR0LrYWaLKZlw.roa
File: QM4Bz7o1bKZFuiQR0LrYWaLKZlw.roa (raw, json)
Hash identifier: CJH6o+cMrbWW+2RvG4JB6gf9Xa1mNq8I4BZjoEC8H6U=
Subject key identifier: 40:CE:01:CF:BA:35:6C:A6:45:BA:24:11:D0:BA:D8:59:A2:CA:66:5C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BF5E13EA0FFBEA8CDC4C94598D0B92DAA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QM4Bz7o1bKZFuiQR0LrYWaLKZlw.roa
Signing time: Wed 22 Nov 2023 07:14:21 +0000
ROA not before: Wed 22 Nov 2023 07:14:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f5:e1:3e:a0:ff:be:a8:cd:c4:c9:45:98:d0:b9:2d:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 22 07:14:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40ce01cfba356ca645ba2411d0bad859a2ca665c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ac:fb:d9:fc:5c:80:65:81:86:2e:39:c0:74:
35:76:40:b6:df:54:47:8a:6b:d7:7c:94:e6:de:0b:
af:54:0e:09:ef:ed:ff:e9:20:86:51:0e:e1:c1:41:
77:65:9a:33:9d:0e:ac:f1:0c:70:3d:52:86:32:1c:
27:71:a0:bf:fe:d9:03:39:d2:99:40:e7:cf:b0:a0:
33:2d:9c:19:30:98:64:c5:1c:52:c1:08:e3:92:af:
29:8a:d1:dc:93:03:57:75:41:b9:b4:81:39:8f:36:
1d:d5:94:a6:42:e6:85:d7:02:4e:8b:35:87:77:a2:
31:a9:f1:d5:0f:28:81:0f:86:d1:75:e9:e2:ce:79:
5d:17:f8:db:75:fa:fe:e8:53:54:1f:b0:98:a4:5a:
cb:d8:13:95:0e:e4:53:0b:89:db:ec:fb:ee:50:97:
62:80:8d:f8:44:d3:8d:65:5f:d7:f0:08:ae:e9:9a:
e4:99:a5:61:fd:09:dd:24:2a:65:c9:4f:ce:6c:f4:
ec:55:99:ab:53:c7:3f:57:f9:23:8c:74:8b:48:ec:
11:ba:9b:52:21:df:30:5b:c0:9f:35:96:69:b7:d7:
6b:e0:dc:ce:93:90:db:e3:76:6e:05:56:ee:e5:a8:
4b:37:da:b2:83:bd:2c:3e:cf:bd:24:6a:d6:e8:5b:
de:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:CE:01:CF:BA:35:6C:A6:45:BA:24:11:D0:BA:D8:59:A2:CA:66:5C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QM4Bz7o1bKZFuiQR0LrYWaLKZlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:af:d2:fa:e2:58:58:3a:2b:ef:41:ae:40:e1:17:f8:4d:e0:
92:28:f2:85:a8:3a:5b:e5:ff:10:11:a6:2b:20:24:44:0d:9a:
a4:af:7f:07:8f:dd:67:9a:d6:59:57:98:56:30:7d:5e:08:01:
5a:6b:bb:3b:d0:8b:f6:bf:7f:a8:9f:51:7f:11:4c:7e:b4:25:
93:7a:27:04:88:55:0e:96:f7:39:df:04:b2:e3:e2:40:16:31:
1c:35:d2:49:aa:ab:4c:89:1f:89:db:a2:b7:f3:72:f9:d4:7f:
a1:3d:d4:cd:de:ab:0c:b2:3b:ba:db:ac:ea:e2:66:96:d3:12:
f6:32:24:a9:69:c0:54:91:77:a3:b6:d4:88:6f:cb:e3:a1:85:
87:b9:d8:3a:b4:00:96:67:70:41:b1:4e:8a:65:a7:8c:9f:48:
1e:d1:83:da:3d:53:df:ba:0c:95:86:b0:60:58:40:5c:f2:a6:
09:72:b0:0e:ea:9e:bb:16:1f:9a:89:0b:01:f8:cd:de:d8:b3:
73:e9:d4:04:5c:7b:75:a1:8d:8c:bf:ab:32:52:55:bf:62:9d:
9b:ad:4a:00:e2:a2:7e:b6:f3:3e:17:8e:64:40:16:4a:41:5b:
b5:5b:18:1a:29:44:d7:77:bf:51:ec:24:ae:e1:18:4e:90:84:
8d:f3:9d:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYv14T6g/76ozcTJRZjQuS2qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIyMDcxNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGNlMDFjZmJhMzU2Y2E2NDViYTI0MTFkMGJhZDg1OWEyY2E2NjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKz72fxcgGWBhi45wHQ1dkC231RH
imvXfJTm3guvVA4J7+3/6SCGUQ7hwUF3ZZoznQ6s8QxwPVKGMhwncaC//tkDOdKZ
QOfPsKAzLZwZMJhkxRxSwQjjkq8pitHckwNXdUG5tIE5jzYd1ZSmQuaF1wJOizWH
d6IxqfHVDyiBD4bRdeniznldF/jbdfr+6FNUH7CYpFrL2BOVDuRTC4nb7PvuUJdi
gI34RNONZV/X8Aiu6ZrkmaVh/QndJCplyU/ObPTsVZmrU8c/V/kjjHSLSOwRuptS
Id8wW8CfNZZpt9dr4NzOk5Db43ZuBVbu5ahLN9qyg70sPs+9JGrW6FveEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEDOAc+6NWymRbokEdC62FmiymZcMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUU00Qno3bzFiS1pGdWlRUjBMcllXYUxLWmx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAByv0vriWFg6K+9BrkDh
F/hN4JIo8oWoOlvl/xARpisgJEQNmqSvfweP3Wea1llXmFYwfV4IAVpruzvQi/a/
f6ifUX8RTH60JZN6JwSIVQ6W9znfBLLj4kAWMRw10kmqq0yJH4nborfzcvnUf6E9
1M3eqwyyO7rbrOriZpbTEvYyJKlpwFSRd6O21Ihvy+OhhYe52Dq0AJZncEGxTopl
p4yfSB7Rg9o9U9+6DJWGsGBYQFzypglysA7qnrsWH5qJCwH4zd7Ys3Pp1ARce3Wh
jYy/qzJSVb9inZutSgDion628z4XjmRAFkpBW7VbGBopRNd3v1HsJK7hGE6QhI3z
nUY=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:33:33 2025 by rpki-client