Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ql1iI2aKlZ-C9xm3UBsyB1MWgrg.roa
File: Ql1iI2aKlZ-C9xm3UBsyB1MWgrg.roa (raw, json)
Hash identifier: L8UgF9j6to4Aq2JzOUjtQ1ZN8jS6bQSx9welcPvK4E0=
Subject key identifier: 42:5D:62:23:66:8A:95:9F:82:F7:19:B7:50:1B:32:07:53:16:82:B8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C6A9CBDD78FA1F635B017AE6071208474
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ql1iI2aKlZ-C9xm3UBsyB1MWgrg.roa
Signing time: Thu 14 Dec 2023 23:15:06 +0000
ROA not before: Thu 14 Dec 2023 23:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6a:9c:bd:d7:8f:a1:f6:35:b0:17:ae:60:71:20:84:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 14 23:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=425d6223668a959f82f719b7501b3207531682b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:55:7b:50:3a:6b:81:5a:a2:a1:ed:12:58:f7:
36:19:72:3b:ac:3a:b2:2a:1a:52:97:dd:4a:a8:14:
9d:42:6c:ac:ee:d8:d3:96:ca:1a:10:0a:d8:83:cd:
b9:fc:5f:d2:1a:f4:6a:f5:70:35:7d:4e:b8:7e:39:
c5:75:3d:10:e1:41:b9:54:26:8a:74:16:30:5f:e3:
88:aa:57:42:ef:b4:33:76:0d:2d:9e:2c:32:4c:83:
c6:c8:45:0c:8b:2c:fe:87:28:b8:9e:58:5e:9c:9d:
2b:75:c1:d8:b5:8a:f6:f1:29:f2:1d:5e:f1:49:64:
6d:3f:eb:6f:bb:30:1e:d6:4d:b1:2c:06:79:f6:80:
97:9b:a3:3b:0d:8c:eb:21:04:f2:cc:e1:be:6b:dc:
4a:56:1c:ae:18:9e:ba:20:25:00:d2:5b:9b:e9:e3:
7a:38:ab:be:08:2c:b2:76:53:6f:4c:b7:5c:e7:5d:
9b:14:c7:ce:fc:20:53:26:ee:bd:5a:c0:7a:46:4a:
f4:f9:82:cd:4f:07:06:98:a5:8a:bb:cb:fd:87:bb:
9f:9f:fc:3b:37:f9:a3:7f:7e:80:e0:72:6d:5f:68:
e2:f6:6e:9f:b8:c2:6b:f4:47:13:81:af:b6:dc:2f:
83:04:5b:49:69:ec:b6:92:b1:91:a7:27:ef:c6:34:
a4:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:5D:62:23:66:8A:95:9F:82:F7:19:B7:50:1B:32:07:53:16:82:B8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ql1iI2aKlZ-C9xm3UBsyB1MWgrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:36:e6:0d:35:1a:7e:7e:b0:a2:3b:7d:e3:85:96:30:e4:77:
31:f7:e7:e1:e2:d7:86:6f:fb:f1:5a:f6:38:a1:2d:9a:b6:a0:
12:31:85:95:45:4c:89:da:1b:75:0d:16:db:c7:5f:45:58:5e:
2c:ed:49:a2:9e:87:69:bd:c8:be:39:f0:ba:d6:42:e6:77:87:
84:df:db:81:97:08:a4:8f:8f:7b:90:f7:56:3d:4d:9a:27:19:
b8:70:fe:31:b9:c4:2c:61:a7:6a:1f:1a:7a:77:15:bc:1a:d7:
c9:5d:d8:33:46:67:ac:51:eb:f0:ad:d4:d1:0a:30:f0:25:58:
2e:a3:8c:ef:cd:73:50:b7:53:6d:34:58:75:64:bb:d6:5b:36:
72:a4:14:d1:da:59:3c:c0:9c:ad:b7:36:5d:0f:bb:f4:93:96:
8b:e5:c8:b3:f0:8a:2a:5d:85:8a:16:cf:8d:20:6c:e3:9b:8b:
4b:07:0f:08:06:11:b2:a5:02:ab:cc:38:4e:c4:30:0d:44:39:
7f:5f:aa:19:cb:bc:f1:11:c7:ee:23:41:f4:fa:18:9a:91:23:
c8:a3:ae:9b:94:a5:a2:b8:e5:cc:57:1a:6d:22:b0:e2:b5:76:
c8:f9:44:4d:ab:b5:02:06:eb:12:a7:7f:53:04:1b:ef:75:1a:
6e:a3:48:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxqnL3Xj6H2NbAXrmBxIIR0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE0MjMxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjVkNjIyMzY2OGE5NTlmODJmNzE5Yjc1MDFiMzIwNzUzMTY4MmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFV7UDprgVqioe0SWPc2GXI7rDqy
KhpSl91KqBSdQmys7tjTlsoaEArYg825/F/SGvRq9XA1fU64fjnFdT0Q4UG5VCaK
dBYwX+OIqldC77Qzdg0tniwyTIPGyEUMiyz+hyi4nlhenJ0rdcHYtYr28SnyHV7x
SWRtP+tvuzAe1k2xLAZ59oCXm6M7DYzrIQTyzOG+a9xKVhyuGJ66ICUA0lub6eN6
OKu+CCyydlNvTLdc512bFMfO/CBTJu69WsB6Rkr0+YLNTwcGmKWKu8v9h7ufn/w7
N/mjf36A4HJtX2ji9m6fuMJr9EcTga+23C+DBFtJaey2krGRpyfvxjSk3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEJdYiNmipWfgvcZt1AbMgdTFoK4MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUWwxaUkyYUtsWi1DOXhtM1VCc3lCMU1XZ3JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHw25g01Gn5+sKI7feOF
ljDkdzH35+Hi14Zv+/Fa9jihLZq2oBIxhZVFTInaG3UNFtvHX0VYXiztSaKeh2m9
yL458LrWQuZ3h4Tf24GXCKSPj3uQ91Y9TZonGbhw/jG5xCxhp2ofGnp3Fbwa18ld
2DNGZ6xR6/Ct1NEKMPAlWC6jjO/Nc1C3U200WHVku9ZbNnKkFNHaWTzAnK23Nl0P
u/STlovlyLPwiipdhYoWz40gbOObi0sHDwgGEbKlAqvMOE7EMA1EOX9fqhnLvPER
x+4jQfT6GJqRI8ijrpuUpaK45cxXGm0isOK1dsj5RE2rtQIG6xKnf1MEG+91Gm6j
SHw=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:31:28 2025 by rpki-client