Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Qfq1DItfsdsHrSFSF3FEryKkr6A.roa
File: Qfq1DItfsdsHrSFSF3FEryKkr6A.roa (raw, json)
Hash identifier: 2mZqoWK1sL3ID4poVikIHEh3BiaSFdXaj5sDLLi8Rd8=
Subject key identifier: 41:FA:B5:0C:8B:5F:B1:DB:07:AD:21:52:17:71:44:AF:22:A4:AF:A0
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B506FF389A6364141B6DBAC618D41392C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Qfq1DItfsdsHrSFSF3FEryKkr6A.roa
Signing time: Sat 21 Oct 2023 04:13:15 +0000
ROA not before: Sat 21 Oct 2023 04:13:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:50:6f:f3:89:a6:36:41:41:b6:db:ac:61:8d:41:39:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 21 04:13:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41fab50c8b5fb1db07ad2152177144af22a4afa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ba:fa:49:01:a8:44:46:6d:f6:18:4b:19:66:
fe:4b:22:3a:ba:75:1e:b2:f6:50:77:4b:48:24:b9:
89:44:12:ea:8c:fb:42:51:ce:0d:95:51:6a:1d:cc:
24:be:9d:35:27:b1:73:36:f0:0c:2c:6f:ce:55:e9:
79:e8:8c:db:bb:37:3f:b5:10:48:b7:57:fb:10:b1:
2f:a2:33:91:4d:92:8f:46:ab:64:1c:47:1d:92:46:
9b:52:46:cf:22:ec:f4:08:8b:4b:fc:72:7b:26:50:
26:7d:73:8b:88:4a:00:60:e3:9f:b7:b9:28:4f:fa:
3c:10:23:33:2a:b6:14:c0:23:f4:c5:5c:c2:5f:22:
59:e3:ba:96:09:e2:93:e3:c0:1d:59:e1:74:cb:22:
58:d5:a4:f4:08:14:52:60:db:92:10:26:e1:c6:86:
06:b6:d5:b3:dd:83:8c:33:97:6e:31:16:8e:42:03:
57:4c:59:d3:b6:7d:4f:af:6b:bd:a8:2b:1e:b5:c2:
37:a9:2a:31:f8:4e:78:3a:ce:85:b4:00:8e:55:a8:
72:b8:1a:c1:91:2d:8b:fa:f7:a0:a5:f7:7e:d2:60:
69:5a:23:3f:0c:83:a8:c8:43:4c:86:ba:e1:ae:40:
e0:81:04:72:3c:f6:72:4c:28:14:74:50:95:84:a2:
4a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:FA:B5:0C:8B:5F:B1:DB:07:AD:21:52:17:71:44:AF:22:A4:AF:A0
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Qfq1DItfsdsHrSFSF3FEryKkr6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ae:44:8d:04:67:aa:62:bd:5a:92:8d:ec:cf:b5:cd:0f:13:53:
2a:48:7a:04:eb:53:6a:57:ca:a2:24:d3:ff:9f:ff:d8:24:8a:
c3:67:f2:ab:b1:ff:0f:00:93:07:45:78:e8:dd:0b:6c:89:ce:
1c:2c:64:14:6f:93:d6:0c:5f:39:eb:ad:5e:d2:f6:df:eb:cb:
99:48:7d:a9:10:36:eb:16:71:40:70:06:f3:d0:d4:fe:52:09:
3b:2c:93:1a:bb:63:b7:a7:f4:d8:fa:93:be:13:78:c2:9a:a7:
a9:09:bc:dd:b2:91:5c:9b:6a:6c:d5:ee:99:71:e2:0b:ff:15:
61:5f:09:a1:64:4a:04:a2:2a:bd:28:5d:e8:cb:80:94:86:c1:
ea:a5:b7:be:26:9c:f5:0f:32:03:c9:51:c7:8a:fd:50:50:8b:
70:ee:1b:36:1b:c8:32:1e:ab:5a:37:42:ee:5d:4e:df:82:e2:
79:47:58:0e:80:b7:55:4c:0c:0d:ee:1d:53:9b:04:53:95:61:
d1:e2:d9:d4:b2:88:c7:4f:cf:db:3b:dc:8a:fd:7b:9d:68:8d:
f3:61:98:a6:9d:37:99:c4:85:e7:99:0e:44:5c:9f:96:14:8e:
38:4e:21:1f:89:66:11:46:b2:50:a3:74:59:4b:f0:b3:d8:2f:
57:74:89:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtQb/OJpjZBQbbbrGGNQTksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIxMDQxMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWZhYjUwYzhiNWZiMWRiMDdhZDIxNTIxNzcxNDRhZjIyYTRhZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibr6SQGoREZt9hhLGWb+SyI6unUe
svZQd0tIJLmJRBLqjPtCUc4NlVFqHcwkvp01J7FzNvAMLG/OVel56Izbuzc/tRBI
t1f7ELEvojORTZKPRqtkHEcdkkabUkbPIuz0CItL/HJ7JlAmfXOLiEoAYOOft7ko
T/o8ECMzKrYUwCP0xVzCXyJZ47qWCeKT48AdWeF0yyJY1aT0CBRSYNuSECbhxoYG
ttWz3YOMM5duMRaOQgNXTFnTtn1Pr2u9qCsetcI3qSox+E54Os6FtACOVahyuBrB
kS2L+vegpfd+0mBpWiM/DIOoyENMhrrhrkDggQRyPPZyTCgUdFCVhKJKIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEH6tQyLX7HbB60hUhdxRK8ipK+gMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUWZxMURJdGZzZHNIclNGU0YzRkVyeUtrcjZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK5EjQRnqmK9WpKN7M+1
zQ8TUypIegTrU2pXyqIk0/+f/9gkisNn8qux/w8AkwdFeOjdC2yJzhwsZBRvk9YM
XznrrV7S9t/ry5lIfakQNusWcUBwBvPQ1P5SCTsskxq7Y7en9Nj6k74TeMKap6kJ
vN2ykVybamzV7plx4gv/FWFfCaFkSgSiKr0oXejLgJSGweqlt74mnPUPMgPJUceK
/VBQi3DuGzYbyDIeq1o3Qu5dTt+C4nlHWA6At1VMDA3uHVObBFOVYdHi2dSyiMdP
z9s73Ir9e51ojfNhmKadN5nEheeZDkRcn5YUjjhOIR+JZhFGslCjdFlL8LPYL1d0
iXg=
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:02:17 2025 by rpki-client