Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QOCvPtJHv_tUJJJodl-tQpFg7F0.roa
File: QOCvPtJHv_tUJJJodl-tQpFg7F0.roa (raw, json)
Hash identifier: LIiRo5p03CvZoLYHh4Omn94XqybHw2L2xysu/Wg5Ybc=
Subject key identifier: 40:E0:AF:3E:D2:47:BF:FB:54:24:92:68:76:5F:AD:42:91:60:EC:5D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ABE88658ABCFFEDBDFCE2DCF0141397AE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QOCvPtJHv_tUJJJodl-tQpFg7F0.roa
Signing time: Fri 22 Sep 2023 20:15:24 +0000
ROA not before: Fri 22 Sep 2023 20:15:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:be:88:65:8a:bc:ff:ed:bd:fc:e2:dc:f0:14:13:97:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 22 20:15:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40e0af3ed247bffb54249268765fad429160ec5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3a:1d:06:19:2f:3b:3c:08:53:bf:36:9e:24:
70:fb:66:30:77:cb:c2:3f:6b:d6:76:35:ad:40:6f:
89:37:c4:88:da:00:2c:36:7c:03:04:f8:bd:e4:7b:
ba:01:d2:e6:c1:fb:d1:68:24:f2:57:33:9f:be:dd:
7b:0a:cd:ea:ce:a2:c2:b8:4c:48:6f:05:d2:a7:5c:
66:a1:44:86:91:8f:bf:ec:14:7a:f6:bb:0f:39:8c:
ed:05:1f:c4:3c:3a:e6:24:9f:82:3f:21:0d:90:c6:
96:9f:98:0d:02:6f:3e:b9:ef:01:03:2d:83:9e:a7:
05:bf:11:4a:f5:e1:34:b2:94:50:92:c1:fc:53:5b:
e9:2a:07:1a:75:03:94:0f:65:2c:cd:cf:29:56:f3:
c8:d2:80:df:d2:b1:8e:08:20:ac:30:68:12:91:cc:
cf:66:c1:60:14:d5:85:e5:b3:97:6f:b1:da:a8:97:
39:bc:90:e0:1a:f1:bf:e1:b7:dc:26:df:71:10:fc:
77:f3:da:0e:10:55:57:d0:d2:29:01:93:48:45:47:
53:ce:9d:e2:04:d0:98:b7:24:86:e5:6c:2a:56:d6:
b6:b5:e8:a7:3a:72:3e:e3:8b:14:75:b9:ca:93:a4:
88:78:ef:2a:e0:f6:71:76:bf:57:03:c1:1a:5e:c7:
1e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E0:AF:3E:D2:47:BF:FB:54:24:92:68:76:5F:AD:42:91:60:EC:5D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QOCvPtJHv_tUJJJodl-tQpFg7F0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:72:ba:20:6a:1a:98:c8:5b:c2:a7:c8:2a:0a:4f:3b:69:f6:
8e:78:1e:5b:c1:3b:45:ea:c4:76:d5:5a:45:14:9c:72:be:c4:
5b:b2:44:c9:22:c6:d7:4d:29:32:7f:60:b7:0a:91:0c:2b:ba:
21:51:4e:94:cd:ca:78:9e:49:8e:92:19:2d:67:95:83:a0:7b:
a9:e5:df:81:b7:f9:e9:66:83:5e:16:48:c7:fd:d9:17:77:08:
2d:a0:50:a4:ab:79:64:6a:58:1f:bd:04:4b:bb:6a:4c:11:e2:
c6:4b:6e:a3:51:1f:a0:41:ee:84:06:8b:92:2a:53:dc:a0:3b:
87:7e:81:61:82:00:81:f4:3f:94:a9:a1:53:09:95:f7:0d:e8:
ea:ff:ac:ef:18:5c:c1:ed:f1:eb:9c:52:c4:2c:fd:bf:1a:a0:
0a:38:d2:aa:ed:43:07:c4:4f:bd:f3:bb:7e:3e:d7:83:e8:76:
43:4f:72:02:32:61:73:10:f7:e9:c3:7d:3e:74:f9:69:23:72:
2c:ff:d7:12:36:52:1c:db:45:b8:5c:24:ce:68:86:9f:46:71:
89:cf:d2:c8:ce:b4:1f:b6:85:24:9a:ee:23:f4:9a:69:0f:b3:
3f:6c:8a:c5:90:ee:04:76:d2:e5:d8:9f:17:f4:ee:9d:a1:0c:
d5:ae:df:5a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq+iGWKvP/tvfzi3PAUE5euMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIyMjAxNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGUwYWYzZWQyNDdiZmZiNTQyNDkyNjg3NjVmYWQ0MjkxNjBlYzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjodBhkvOzwIU782niRw+2Ywd8vC
P2vWdjWtQG+JN8SI2gAsNnwDBPi95Hu6AdLmwfvRaCTyVzOfvt17Cs3qzqLCuExI
bwXSp1xmoUSGkY+/7BR69rsPOYztBR/EPDrmJJ+CPyENkMaWn5gNAm8+ue8BAy2D
nqcFvxFK9eE0spRQksH8U1vpKgcadQOUD2Uszc8pVvPI0oDf0rGOCCCsMGgSkczP
ZsFgFNWF5bOXb7HaqJc5vJDgGvG/4bfcJt9xEPx389oOEFVX0NIpAZNIRUdTzp3i
BNCYtySG5WwqVta2teinOnI+44sUdbnKk6SIeO8q4PZxdr9XA8EaXscePwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEDgrz7SR7/7VCSSaHZfrUKRYOxdMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUU9DdlB0Skh2X3RVSkpKb2RsLXRRcEZnN0YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFZyuiBqGpjIW8KnyCoK
Tztp9o54HlvBO0XqxHbVWkUUnHK+xFuyRMkixtdNKTJ/YLcKkQwruiFRTpTNynie
SY6SGS1nlYOge6nl34G3+elmg14WSMf92Rd3CC2gUKSreWRqWB+9BEu7akwR4sZL
bqNRH6BB7oQGi5IqU9ygO4d+gWGCAIH0P5SpoVMJlfcN6Or/rO8YXMHt8eucUsQs
/b8aoAo40qrtQwfET73zu34+14PodkNPcgIyYXMQ9+nDfT50+Wkjciz/1xI2Uhzb
RbhcJM5ohp9GcYnP0sjOtB+2hSSa7iP0mmkPsz9sisWQ7gR20uXYnxf07p2hDNWu
31o=
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:58:44 2025 by rpki-client