Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QkYS4uqrXdP6ywaOqty9jXPuORw.roa
File: QkYS4uqrXdP6ywaOqty9jXPuORw.roa (raw, json)
Hash identifier: MVZHI4vyDXEaqevO+ajCXyb3PZcq5LA6eD5uibThbwA=
Subject key identifier: 42:46:12:E2:EA:AB:5D:D3:FA:CB:06:8E:AA:DC:BD:8D:73:EE:39:1C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ABEBF85B9B2A9FA1DC9D23693096B5712
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QkYS4uqrXdP6ywaOqty9jXPuORw.roa
Signing time: Fri 22 Sep 2023 21:15:37 +0000
ROA not before: Fri 22 Sep 2023 21:15:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:be:bf:85:b9:b2:a9:fa:1d:c9:d2:36:93:09:6b:57:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 22 21:15:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=424612e2eaab5dd3facb068eaadcbd8d73ee391c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:73:92:1b:05:15:b2:3e:8d:5e:2a:a8:57:00:
03:6b:6b:00:4b:e4:1f:31:08:0e:6e:49:51:4d:1f:
10:ba:7c:83:09:29:1e:f1:56:dc:71:35:cc:70:3e:
79:47:70:00:c3:0a:af:1c:78:60:3e:54:7c:9b:d0:
dd:25:25:e0:91:77:7f:a0:b8:ec:d5:78:3e:6d:3e:
cf:ee:4e:01:3c:4f:8f:48:1a:df:4f:34:f2:b1:c7:
86:a7:ba:cf:0a:26:65:a8:41:2a:60:e1:8b:8d:d8:
22:42:47:6a:c7:f1:bd:64:d3:a0:1d:d5:af:3d:80:
ca:e7:15:1b:52:e4:90:d8:a3:3c:01:b7:c3:16:d3:
cb:f4:1a:c9:67:fb:9e:d6:72:24:33:78:e4:4c:6a:
5c:32:35:aa:fd:d2:b7:38:34:ae:41:b3:52:1e:4e:
c7:68:a6:1a:eb:e1:85:02:69:d6:6a:01:c6:15:35:
0e:11:01:f7:a0:7a:91:e1:b1:16:a0:20:bb:f6:a3:
46:7c:db:ca:8d:96:68:6a:bd:6d:ef:31:2e:71:fe:
70:d9:08:1f:10:a7:45:ee:34:cb:de:d2:bd:7c:36:
b3:b9:2d:69:3b:6e:27:76:05:c6:19:e4:6c:7b:7c:
05:6a:a9:c6:36:37:4d:1c:ae:ef:08:21:a2:b9:a1:
a6:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:46:12:E2:EA:AB:5D:D3:FA:CB:06:8E:AA:DC:BD:8D:73:EE:39:1C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QkYS4uqrXdP6ywaOqty9jXPuORw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:6c:d5:97:c3:99:cd:82:37:0b:9f:6d:ce:01:15:a0:0f:26:
7d:61:86:bf:c2:99:8b:70:9d:bd:13:5a:85:8c:12:26:7a:a6:
21:9d:06:47:fb:f5:2e:cb:02:dd:c7:a9:14:3d:49:6a:00:d5:
b9:9f:9f:16:b5:1c:e8:dd:41:45:11:83:46:f4:55:13:d5:71:
70:dc:7a:3d:5a:56:16:97:cb:a3:15:98:6b:b5:7e:d5:90:11:
b4:10:54:b2:26:57:83:58:77:64:b1:82:36:13:8d:a8:98:d2:
4c:b1:bb:03:1b:c8:7b:7b:cd:6b:26:b5:50:ed:60:98:be:82:
b5:93:2e:d1:2b:bb:e5:3a:36:be:78:44:8c:2f:f9:a0:9c:5c:
4a:b6:69:57:0d:4a:2f:0e:b3:3e:8c:ae:ff:e3:d3:38:b1:f2:
bd:fa:8a:3b:63:35:39:f2:1a:0b:c0:cf:f5:01:24:97:f5:b5:
49:a3:3d:f7:72:35:79:3c:f3:33:f7:33:ae:8b:21:1b:42:a3:
fe:36:08:79:0a:f0:bb:bb:35:cf:08:43:df:ab:31:ed:66:b5:
82:22:7c:4d:02:23:2e:37:d7:2c:72:99:38:d7:e8:71:b2:57:
7a:69:bb:23:6c:00:3a:3b:52:c9:b4:f5:93:26:a3:90:b0:29:
ae:61:03:7a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYq+v4W5sqn6HcnSNpMJa1cSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIyMjExNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjQ2MTJlMmVhYWI1ZGQzZmFjYjA2OGVhYWRjYmQ4ZDczZWUzOTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3XOSGwUVsj6NXiqoVwADa2sAS+Qf
MQgObklRTR8QunyDCSke8VbccTXMcD55R3AAwwqvHHhgPlR8m9DdJSXgkXd/oLjs
1Xg+bT7P7k4BPE+PSBrfTzTysceGp7rPCiZlqEEqYOGLjdgiQkdqx/G9ZNOgHdWv
PYDK5xUbUuSQ2KM8AbfDFtPL9BrJZ/ue1nIkM3jkTGpcMjWq/dK3ODSuQbNSHk7H
aKYa6+GFAmnWagHGFTUOEQH3oHqR4bEWoCC79qNGfNvKjZZoar1t7zEucf5w2Qgf
EKdF7jTL3tK9fDazuS1pO24ndgXGGeRse3wFaqnGNjdNHK7vCCGiuaGmDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEJGEuLqq13T+ssGjqrcvY1z7jkcMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUWtZUzR1cXJYZFA2eXdhT3F0eTlqWFB1T1J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADNs1ZfDmc2CNwufbc4B
FaAPJn1hhr/CmYtwnb0TWoWMEiZ6piGdBkf79S7LAt3HqRQ9SWoA1bmfnxa1HOjd
QUURg0b0VRPVcXDcej1aVhaXy6MVmGu1ftWQEbQQVLImV4NYd2SxgjYTjaiY0kyx
uwMbyHt7zWsmtVDtYJi+grWTLtEru+U6Nr54RIwv+aCcXEq2aVcNSi8Osz6Mrv/j
0zix8r36ijtjNTnyGgvAz/UBJJf1tUmjPfdyNXk88zP3M66LIRtCo/42CHkK8Lu7
Nc8IQ9+rMe1mtYIifE0CIy431yxymTjX6HGyV3ppuyNsADo7Usm09ZMmo5CwKa5h
A3o=
-----END CERTIFICATE-----
Generated at Tue Apr 22 21:07:33 2025 by rpki-client