Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Qc1QW81TNfD5Q3VFVOmOWOdfeww.roa
File: Qc1QW81TNfD5Q3VFVOmOWOdfeww.roa (raw, json)
Hash identifier: 0A4F3ijrYvoIE92NOppGbsZuKu/bQdTTfoY0QwFFtqw=
Subject key identifier: 41:CD:50:5B:CD:53:35:F0:F9:43:75:45:54:E9:8E:58:E7:5F:7B:0C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C2C9AEFBDF85EE5EA18E8243662BA8A68
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Qc1QW81TNfD5Q3VFVOmOWOdfeww.roa
Signing time: Sat 02 Dec 2023 22:16:40 +0000
ROA not before: Sat 02 Dec 2023 22:16:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2c:9a:ef:bd:f8:5e:e5:ea:18:e8:24:36:62:ba:8a:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 2 22:16:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41cd505bcd5335f0f943754554e98e58e75f7b0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8b:16:88:f8:a2:f8:fe:ba:61:53:dc:6e:9a:
96:3b:e0:45:e3:f7:98:29:7a:2a:36:f6:3e:37:64:
4d:19:0a:ca:66:f5:12:8f:02:59:30:24:5d:4a:12:
b2:ea:5e:06:b8:8e:73:53:8f:5a:13:99:ed:af:d8:
83:db:50:34:1f:fe:6c:70:95:59:9d:37:c2:ae:a1:
4b:9e:db:b8:f6:b1:8e:d5:64:22:46:b8:0f:5c:05:
ca:f4:91:46:1e:67:12:99:c0:5f:34:bc:3c:3f:d7:
9d:ab:6f:d1:3d:f0:94:2a:52:c4:de:23:b7:18:d0:
dd:09:ef:fb:8a:62:7e:e0:a9:0a:0c:9a:db:f9:79:
d2:48:b5:e5:0a:6a:1a:3b:63:fc:88:ff:31:0c:f2:
01:ab:42:47:e5:da:32:5d:e8:e3:f5:3c:2d:36:aa:
d5:5d:02:aa:06:76:47:f7:5d:82:55:43:d4:45:43:
0b:7f:23:33:ab:2a:4b:54:c0:a0:06:31:51:f5:84:
3c:0b:55:bc:34:75:4a:56:9f:97:ad:e6:8b:13:45:
eb:ce:47:5d:13:2b:6d:91:23:08:45:88:fd:5a:2c:
ce:c1:66:01:e7:f3:64:52:ce:39:ff:e5:ff:64:fa:
7d:ff:48:63:22:57:52:a2:59:ad:91:41:59:d4:51:
d7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:CD:50:5B:CD:53:35:F0:F9:43:75:45:54:E9:8E:58:E7:5F:7B:0C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Qc1QW81TNfD5Q3VFVOmOWOdfeww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
22:88:72:e0:2d:0a:19:ec:0d:ba:4c:6c:c0:fa:e8:74:81:58:
d9:80:01:56:d9:c1:83:b8:a0:86:2b:e6:c5:30:b0:6a:84:3e:
49:a4:00:e8:6e:2e:c0:6e:ae:93:8b:bc:8e:4e:ff:21:7e:68:
1d:2c:e7:23:5e:d4:de:2b:97:25:0b:63:7f:63:21:ad:70:d4:
b1:3b:c0:02:e3:2a:8d:b3:e2:15:f2:e7:80:34:3b:65:d4:0f:
f3:34:37:79:21:d3:93:cc:0d:d8:73:a0:34:29:de:ca:b3:a0:
12:c4:07:5d:be:ce:18:cc:a7:2a:46:3f:96:ca:c2:ec:36:eb:
24:28:01:3e:c8:b8:8a:f6:52:10:56:9c:1e:4c:e3:80:dd:f0:
47:d6:05:9d:18:8d:b6:8e:b4:44:9a:2d:b3:2c:64:cd:c6:60:
a7:d4:63:45:98:8f:d1:bb:e9:df:65:42:0c:bc:c5:b6:36:47:
4a:00:e0:31:6c:ab:58:ec:e4:3f:f7:b9:c0:68:54:19:81:02:
ea:43:68:50:63:b7:0e:67:fb:5a:10:17:d2:0c:0e:57:3b:ee:
e8:71:13:24:d4:7c:92:e3:7c:53:bd:d4:64:1c:e7:88:58:04:
84:ec:3a:c9:c9:57:8f:13:08:09:2d:5a:ec:b5:93:e3:74:82:
e1:9e:46:4f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwsmu+9+F7l6hjoJDZiuopoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAyMjIxNjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWNkNTA1YmNkNTMzNWYwZjk0Mzc1NDU1NGU5OGU1OGU3NWY3YjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIsWiPii+P66YVPcbpqWO+BF4/eY
KXoqNvY+N2RNGQrKZvUSjwJZMCRdShKy6l4GuI5zU49aE5ntr9iD21A0H/5scJVZ
nTfCrqFLntu49rGO1WQiRrgPXAXK9JFGHmcSmcBfNLw8P9edq2/RPfCUKlLE3iO3
GNDdCe/7imJ+4KkKDJrb+XnSSLXlCmoaO2P8iP8xDPIBq0JH5doyXejj9TwtNqrV
XQKqBnZH912CVUPURUMLfyMzqypLVMCgBjFR9YQ8C1W8NHVKVp+XreaLE0Xrzkdd
EyttkSMIRYj9WizOwWYB5/NkUs45/+X/ZPp9/0hjIldSolmtkUFZ1FHXqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEHNUFvNUzXw+UN1RVTpjljnX3sMMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUWMxUVc4MVROZkQ1UTNWRlZPbU9XT2RmZXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACKIcuAtChnsDbpMbMD6
6HSBWNmAAVbZwYO4oIYr5sUwsGqEPkmkAOhuLsBurpOLvI5O/yF+aB0s5yNe1N4r
lyULY39jIa1w1LE7wALjKo2z4hXy54A0O2XUD/M0N3kh05PMDdhzoDQp3sqzoBLE
B12+zhjMpypGP5bKwuw26yQoAT7IuIr2UhBWnB5M44Dd8EfWBZ0YjbaOtESaLbMs
ZM3GYKfUY0WYj9G76d9lQgy8xbY2R0oA4DFsq1js5D/3ucBoVBmBAupDaFBjtw5n
+1oQF9IMDlc77uhxEyTUfJLjfFO91GQc54hYBITsOsnJV48TCAktWuy1k+N0guGe
Rk8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:11:05 2025 by rpki-client