Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QO0Ob_kubRc2nxRaabXsvNC78HU.roa
File: QO0Ob_kubRc2nxRaabXsvNC78HU.roa (raw, json)
Hash identifier: Kcfq8ykBxIv+K+hzKMjSNTq4LgTR2GN3cnnIPtOd9iY=
Subject key identifier: 40:ED:0E:6F:F9:2E:6D:17:36:9F:14:5A:69:B5:EC:BC:D0:BB:F0:75
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B00D692698E7A100925175BDD9C08AD90
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QO0Ob_kubRc2nxRaabXsvNC78HU.roa
Signing time: Thu 05 Oct 2023 17:15:44 +0000
ROA not before: Thu 05 Oct 2023 17:15:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:00:d6:92:69:8e:7a:10:09:25:17:5b:dd:9c:08:ad:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 5 17:15:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40ed0e6ff92e6d17369f145a69b5ecbcd0bbf075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6f:6b:34:91:01:4e:46:f5:14:77:5a:cd:9f:
5a:e7:bb:34:f9:9b:bf:3e:36:52:b4:db:01:21:61:
74:40:10:82:72:6d:0d:43:bc:12:ed:32:4f:6d:fa:
4a:57:bb:d4:8c:3f:52:65:1e:ba:4f:3f:40:a8:8a:
d3:4e:d3:54:5f:19:db:0b:1d:37:dd:ee:bb:a7:72:
f1:dd:c7:61:8d:ce:59:be:87:4d:ed:0f:13:7e:01:
07:f6:e0:2c:56:1d:95:f3:66:5c:5f:44:5d:a9:0c:
82:5b:90:a1:96:2f:c2:cc:d5:b7:a8:4d:a3:13:80:
d5:ec:57:75:85:37:6a:6a:5e:3d:cb:7e:d9:89:a7:
1c:b8:58:53:1f:12:e8:25:cc:43:51:b7:e9:7e:fa:
46:a0:fd:6e:c9:8a:33:87:12:3f:7d:2c:a9:11:2f:
67:79:2c:9c:69:aa:67:fd:db:13:12:5c:89:6f:53:
4d:08:a9:7f:f0:da:3b:60:78:70:d9:45:97:17:d9:
46:5b:55:02:86:5f:b1:86:da:5b:d2:6b:f0:29:d8:
74:0d:b0:fc:c2:41:c0:d6:78:7e:15:f8:f0:bf:e3:
11:6c:d8:ac:bb:36:b7:e1:36:eb:b4:82:6e:40:54:
7c:bf:02:6f:28:f0:e9:e7:28:38:b9:d1:62:8c:46:
84:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:ED:0E:6F:F9:2E:6D:17:36:9F:14:5A:69:B5:EC:BC:D0:BB:F0:75
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QO0Ob_kubRc2nxRaabXsvNC78HU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b3:03:83:75:c0:72:1e:5b:10:7f:d0:41:ad:e7:05:24:29:78:
7b:83:d8:8c:ba:66:9c:72:cc:69:70:6d:9e:46:4f:cf:91:ad:
58:6f:99:13:52:3f:e9:8a:08:d6:b9:bb:df:94:c1:b4:c9:90:
c6:01:0f:c2:1a:d7:a6:53:65:2e:4e:58:32:ce:c7:6d:d0:8c:
a7:ee:6a:e7:7e:63:c6:89:fc:25:95:aa:c5:c6:08:96:c1:cb:
74:d4:ac:9d:0d:a7:04:7b:d7:5e:80:95:13:59:a7:90:4c:4c:
f1:d1:9b:a7:16:71:3e:8c:0b:65:94:cb:95:49:f3:9c:ee:34:
b5:cc:2c:df:a6:b8:f7:47:7d:75:48:cd:d4:39:ad:9e:87:c7:
ca:e9:40:7f:5c:11:3a:de:ff:72:29:67:c1:01:5a:35:4d:3b:
8c:8c:0c:28:7b:fb:14:6f:ed:f2:ef:0a:37:38:d7:d1:ff:12:
03:24:6c:af:f3:b1:e1:dc:03:e8:6b:91:ac:12:8f:9b:cf:81:
7e:ed:4b:fe:4d:84:3d:51:63:7a:87:08:4b:14:bb:ef:07:3a:
10:e3:cb:88:65:a3:ba:90:12:17:f4:f9:e3:eb:20:ea:51:04:
6e:8a:dd:fc:4a:33:60:20:0a:2d:fe:b6:8e:f8:99:9a:7e:9e:
7e:e5:20:96
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsA1pJpjnoQCSUXW92cCK2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA1MTcxNTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGVkMGU2ZmY5MmU2ZDE3MzY5ZjE0NWE2OWI1ZWNiY2QwYmJmMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu29rNJEBTkb1FHdazZ9a57s0+Zu/
PjZStNsBIWF0QBCCcm0NQ7wS7TJPbfpKV7vUjD9SZR66Tz9AqIrTTtNUXxnbCx03
3e67p3Lx3cdhjc5ZvodN7Q8TfgEH9uAsVh2V82ZcX0RdqQyCW5Chli/CzNW3qE2j
E4DV7Fd1hTdqal49y37ZiaccuFhTHxLoJcxDUbfpfvpGoP1uyYozhxI/fSypES9n
eSycaapn/dsTElyJb1NNCKl/8No7YHhw2UWXF9lGW1UChl+xhtpb0mvwKdh0DbD8
wkHA1nh+Ffjwv+MRbNisuza34TbrtIJuQFR8vwJvKPDp5yg4udFijEaEmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEDtDm/5Lm0XNp8UWmm17LzQu/B1MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUU8wT2Jfa3ViUmMybnhSYWFiWHN2TkM3OEhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALMDg3XAch5bEH/QQa3n
BSQpeHuD2Iy6ZpxyzGlwbZ5GT8+RrVhvmRNSP+mKCNa5u9+UwbTJkMYBD8Ia16ZT
ZS5OWDLOx23QjKfuaud+Y8aJ/CWVqsXGCJbBy3TUrJ0NpwR7116AlRNZp5BMTPHR
m6cWcT6MC2WUy5VJ85zuNLXMLN+muPdHfXVIzdQ5rZ6Hx8rpQH9cETre/3IpZ8EB
WjVNO4yMDCh7+xRv7fLvCjc419H/EgMkbK/zseHcA+hrkawSj5vPgX7tS/5NhD1R
Y3qHCEsUu+8HOhDjy4hlo7qQEhf0+ePrIOpRBG6K3fxKM2AgCi3+to74mZp+nn7l
IJY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 11:09:12 2025 by rpki-client