Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QkXZQ4FGJPVnsrVKvXJ2dAgJ3GM.roa
File: QkXZQ4FGJPVnsrVKvXJ2dAgJ3GM.roa (raw, json)
Hash identifier: ZU5Fowedd+TnPzm7Cb6DifBNtfunKg89ypaO6cnB7HA=
Subject key identifier: 42:45:D9:43:81:46:24:F5:67:B2:B5:4A:BD:72:76:74:08:09:DC:63
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B50AF201A2807753F92C3CC2477E234CC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QkXZQ4FGJPVnsrVKvXJ2dAgJ3GM.roa
Signing time: Sat 21 Oct 2023 05:22:16 +0000
ROA not before: Sat 21 Oct 2023 05:22:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:50:af:20:1a:28:07:75:3f:92:c3:cc:24:77:e2:34:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 21 05:22:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4245d943814624f567b2b54abd7276740809dc63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:11:08:70:c1:dd:13:28:9c:ec:dd:ea:09:1c:
49:01:95:25:09:d6:73:31:2d:00:e9:9a:d3:92:47:
e7:28:50:c4:fd:0a:84:71:70:a9:7f:b1:1f:64:79:
d6:6c:09:8f:d7:16:1e:a4:a7:8d:03:76:e1:d3:4e:
73:ae:04:28:64:e7:65:31:d6:24:10:0e:f8:8c:5e:
04:a1:4d:68:83:5b:1c:25:e3:35:69:eb:7a:50:6c:
15:36:b3:fe:d6:b0:c3:82:d2:f1:9e:8a:b9:a0:05:
82:e2:82:db:9a:5c:d4:57:ae:cd:02:a3:5f:e1:af:
17:ee:a8:aa:c9:da:cc:e0:65:15:ea:e4:67:51:89:
71:2d:e5:ee:b0:98:08:e2:11:31:73:39:cc:dd:05:
d8:64:02:a8:87:99:59:81:17:92:3b:d7:6d:54:0a:
00:2a:bb:4e:21:2e:da:15:a3:0a:29:e4:50:6e:b2:
b5:71:b0:bf:66:67:60:af:f4:75:63:9d:77:e9:97:
34:5d:03:7d:53:9c:a0:15:3b:62:60:cd:67:35:92:
73:c5:47:0f:fc:bf:54:c6:cf:78:91:a0:f0:66:7b:
9c:db:27:b1:c7:56:d5:f9:47:5a:f7:d5:8b:a6:5a:
78:ff:33:ed:bd:f0:83:ba:05:ae:a2:85:52:b2:52:
37:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:45:D9:43:81:46:24:F5:67:B2:B5:4A:BD:72:76:74:08:09:DC:63
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QkXZQ4FGJPVnsrVKvXJ2dAgJ3GM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
70:66:f3:3c:06:cc:1a:d5:8b:96:d8:dc:59:b1:6d:59:a3:6f:
4c:86:a4:e8:85:8b:8a:c4:e6:42:22:5a:b5:59:6b:1b:d5:6c:
7d:bd:2e:36:80:e7:b5:cd:37:43:69:95:b0:70:f0:31:e6:ff:
47:e6:c4:a4:d9:37:d6:22:12:f4:9f:70:87:56:64:95:8c:fb:
f0:d0:3f:4f:de:f5:fd:39:19:61:bf:8b:49:31:5f:e0:bc:5c:
44:d0:d9:3c:91:de:19:48:2f:d5:c5:a7:a1:85:a0:7b:99:18:
24:f6:f7:b2:09:69:66:9c:f2:fb:9b:18:c8:73:43:b0:8a:bd:
bb:83:93:2a:d5:24:1c:06:17:50:c3:0f:20:6c:bf:a4:f5:43:
43:60:a6:44:6f:d8:65:9a:2d:f3:93:87:dd:05:fe:32:1d:41:
e6:67:c5:3f:ca:37:09:7d:43:d3:72:03:94:d3:22:3d:97:ea:
a2:85:bf:3f:ae:48:a3:00:3f:3f:b6:d6:05:65:68:21:10:81:
9a:cb:4e:54:50:b0:00:bc:67:30:0a:30:4c:cd:4f:1c:8f:4d:
37:7d:09:5b:d6:fe:6e:f7:a2:71:a0:2b:10:ad:2e:8b:73:7e:
96:eb:62:36:89:58:bc:10:b6:c2:75:51:e0:b6:dc:6d:23:95:
95:24:75:37
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtQryAaKAd1P5LDzCR34jTMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIxMDUyMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjQ1ZDk0MzgxNDYyNGY1NjdiMmI1NGFiZDcyNzY3NDA4MDlkYzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhEIcMHdEyic7N3qCRxJAZUlCdZz
MS0A6ZrTkkfnKFDE/QqEcXCpf7EfZHnWbAmP1xYepKeNA3bh005zrgQoZOdlMdYk
EA74jF4EoU1og1scJeM1aet6UGwVNrP+1rDDgtLxnoq5oAWC4oLbmlzUV67NAqNf
4a8X7qiqydrM4GUV6uRnUYlxLeXusJgI4hExcznM3QXYZAKoh5lZgReSO9dtVAoA
KrtOIS7aFaMKKeRQbrK1cbC/Zmdgr/R1Y5136Zc0XQN9U5ygFTtiYM1nNZJzxUcP
/L9Uxs94kaDwZnuc2yexx1bV+Uda99WLplp4/zPtvfCDugWuooVSslI3PQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEJF2UOBRiT1Z7K1Sr1ydnQICdxjMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUWtYWlE0RkdKUFZuc3JWS3ZYSjJkQWdKM0dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHBm8zwGzBrVi5bY3Fmx
bVmjb0yGpOiFi4rE5kIiWrVZaxvVbH29LjaA57XNN0NplbBw8DHm/0fmxKTZN9Yi
EvSfcIdWZJWM+/DQP0/e9f05GWG/i0kxX+C8XETQ2TyR3hlIL9XFp6GFoHuZGCT2
97IJaWac8vubGMhzQ7CKvbuDkyrVJBwGF1DDDyBsv6T1Q0NgpkRv2GWaLfOTh90F
/jIdQeZnxT/KNwl9Q9NyA5TTIj2X6qKFvz+uSKMAPz+21gVlaCEQgZrLTlRQsAC8
ZzAKMEzNTxyPTTd9CVvW/m73onGgKxCtLotzfpbrYjaJWLwQtsJ1UeC23G0jlZUk
dTc=
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:47:10 2025 by rpki-client