Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QhklzF09cbFo73NgK02JTluVYyM.roa
File: QhklzF09cbFo73NgK02JTluVYyM.roa (raw, json)
Hash identifier: FTCr+9CBh4T3nC0PIRtlys9QxocgZch7u6p/pdmhi2g=
Subject key identifier: 42:19:25:CC:5D:3D:71:B1:68:EF:73:60:2B:4D:89:4E:5B:95:63:23
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B97AC5715028A83127761AEFDD98CCE20
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QhklzF09cbFo73NgK02JTluVYyM.roa
Signing time: Sat 04 Nov 2023 00:12:15 +0000
ROA not before: Sat 04 Nov 2023 00:12:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:97:ac:57:15:02:8a:83:12:77:61:ae:fd:d9:8c:ce:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 4 00:12:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=421925cc5d3d71b168ef73602b4d894e5b956323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:8e:93:0c:a6:e4:b0:03:9a:52:ce:ed:74:e4:
eb:f8:93:4d:ab:0f:2d:2d:76:e2:2f:df:82:7c:4e:
7b:9b:f8:92:9c:31:f6:51:34:5f:c8:43:f9:be:13:
6d:fa:74:a5:f3:ee:77:66:fc:ac:f3:a5:3f:3c:c9:
d7:d8:31:4f:29:46:dd:77:ba:dd:30:43:c0:3a:69:
af:79:e2:a1:5c:94:d5:8e:e4:ca:32:b4:2b:5e:06:
b7:3c:02:26:b6:b6:d1:3f:e8:83:65:bb:7b:f9:fd:
19:c2:db:5e:b5:ac:df:43:a1:80:09:d5:41:a9:c3:
ad:6a:f0:07:d7:1d:14:13:aa:1a:1b:f4:25:a4:1c:
af:ec:79:4a:b3:af:f0:3c:7e:39:5c:3c:3a:ad:0e:
7b:15:29:4a:11:b8:3e:db:7f:2a:51:d9:27:76:29:
f9:c4:02:53:7e:9d:c1:35:f3:a7:ab:23:4a:6c:ef:
7a:f7:55:05:23:82:b1:8a:52:58:a9:41:a6:c1:45:
34:2e:58:fe:87:d4:a7:f2:f9:3b:be:be:ce:67:5d:
8b:af:5a:7a:e8:d4:6a:38:bf:47:51:c4:ec:c0:c0:
ba:bb:c1:37:fc:f6:0c:61:31:a2:82:fc:ef:f3:51:
dd:bd:da:95:fa:50:35:18:a8:c7:40:9d:e2:d1:ab:
9f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:19:25:CC:5D:3D:71:B1:68:EF:73:60:2B:4D:89:4E:5B:95:63:23
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QhklzF09cbFo73NgK02JTluVYyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
41:35:44:a8:58:fc:3a:72:09:94:38:2f:71:00:06:b2:77:c7:
64:36:47:d7:96:98:b4:28:cf:c4:30:e1:1a:59:35:76:d7:64:
98:38:0a:a1:3d:39:e4:91:91:9e:9d:9b:ab:80:49:98:0a:b8:
16:0d:1d:01:e0:67:76:ef:f1:9c:fa:bf:52:90:77:7a:77:1d:
3f:75:7c:47:f0:ee:f5:73:08:eb:f2:96:46:59:62:03:2f:30:
3e:58:4c:8e:3d:8d:81:db:8d:1c:24:57:20:c9:61:9a:cb:be:
f8:e1:a4:4b:51:e9:c3:42:6c:40:12:1c:14:7e:56:ea:9a:09:
b6:00:f9:b4:2a:9c:da:95:0b:1b:ba:6e:9b:b0:32:c6:e4:f6:
a2:c3:83:b7:3d:c1:13:af:25:d6:ff:5c:05:46:5e:14:6a:6a:
77:ba:db:3e:04:77:9e:fd:4d:99:54:fa:4f:2b:2e:54:f5:b9:
5d:4e:16:5f:61:12:7d:03:d3:4d:e8:4c:6e:07:e2:c8:04:c1:
30:1c:37:23:d5:d4:62:61:9f:dd:a9:4c:13:66:60:e6:ee:be:
1c:af:f6:69:7a:6d:a0:60:6c:72:ec:72:ed:8c:df:13:c8:70:
38:f5:fc:13:5c:c1:6c:f4:32:84:f0:51:41:87:0e:d0:71:55:
90:34:13:b0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuXrFcVAoqDEndhrv3ZjM4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA0MDAxMjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjE5MjVjYzVkM2Q3MWIxNjhlZjczNjAyYjRkODk0ZTViOTU2MzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA546TDKbksAOaUs7tdOTr+JNNqw8t
LXbiL9+CfE57m/iSnDH2UTRfyEP5vhNt+nSl8+53Zvys86U/PMnX2DFPKUbdd7rd
MEPAOmmveeKhXJTVjuTKMrQrXga3PAImtrbRP+iDZbt7+f0ZwttetazfQ6GACdVB
qcOtavAH1x0UE6oaG/QlpByv7HlKs6/wPH45XDw6rQ57FSlKEbg+238qUdkndin5
xAJTfp3BNfOnqyNKbO9691UFI4KxilJYqUGmwUU0Llj+h9Sn8vk7vr7OZ12Lr1p6
6NRqOL9HUcTswMC6u8E3/PYMYTGigvzv81HdvdqV+lA1GKjHQJ3i0auf2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEIZJcxdPXGxaO9zYCtNiU5blWMjMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUWhrbHpGMDljYkZvNzNOZ0swMkpUbHVWWXlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEE1RKhY/DpyCZQ4L3EA
BrJ3x2Q2R9eWmLQoz8Qw4RpZNXbXZJg4CqE9OeSRkZ6dm6uASZgKuBYNHQHgZ3bv
8Zz6v1KQd3p3HT91fEfw7vVzCOvylkZZYgMvMD5YTI49jYHbjRwkVyDJYZrLvvjh
pEtR6cNCbEASHBR+VuqaCbYA+bQqnNqVCxu6bpuwMsbk9qLDg7c9wROvJdb/XAVG
XhRqane62z4Ed579TZlU+k8rLlT1uV1OFl9hEn0D003oTG4H4sgEwTAcNyPV1GJh
n92pTBNmYObuvhyv9ml6baBgbHLscu2M3xPIcDj1/BNcwWz0MoTwUUGHDtBxVZA0
E7A=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:50:40 2025 by rpki-client