Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Qr2WvJIFm0N8tgiBNx_mj59yqtU.roa
File: Qr2WvJIFm0N8tgiBNx_mj59yqtU.roa (raw, json)
Hash identifier: 39MVnyOZ4QBjr2QSFp5OoXUv9fzKXkxNA0ae1tPnsZk=
Subject key identifier: 42:BD:96:BC:92:05:9B:43:7C:B6:08:81:37:1F:E6:8F:9F:72:AA:D5
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BAC10B4E39D57AAB1A1A92FAA14DA2496
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Qr2WvJIFm0N8tgiBNx_mj59yqtU.roa
Signing time: Tue 07 Nov 2023 23:14:17 +0000
ROA not before: Tue 07 Nov 2023 23:14:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ac:10:b4:e3:9d:57:aa:b1:a1:a9:2f:aa:14:da:24:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 7 23:14:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42bd96bc92059b437cb60881371fe68f9f72aad5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:38:a1:81:14:7f:5e:37:05:dd:43:a2:d0:cf:
b4:5d:d8:52:e8:4a:fa:9f:c3:bd:3e:aa:31:d1:16:
87:8d:b9:9d:1e:d7:da:e7:ef:a1:f2:22:04:85:9c:
3b:af:bb:47:d8:2a:15:5f:35:45:f0:fc:8f:f6:59:
80:18:c6:a5:59:3c:03:9f:37:a9:55:b8:45:47:4f:
74:32:da:14:12:4a:75:e5:cb:89:c4:a9:79:56:9f:
85:5d:d3:ae:0a:ec:56:86:38:b2:da:34:23:d2:07:
28:3a:1a:75:62:18:56:99:c0:cf:51:1b:33:03:6d:
6b:0f:31:f3:ad:c5:89:b1:3b:25:8e:06:cb:7f:b3:
51:18:ae:7e:2e:60:25:2a:6c:22:d0:b9:03:5a:1b:
b5:ca:d6:7e:92:9d:9e:2e:65:d8:4d:a9:a4:fb:03:
1a:fe:ff:bf:a0:1b:f5:67:6a:ec:e5:13:95:fb:dd:
ec:aa:ae:7c:3f:a4:ba:09:de:51:7e:61:55:36:39:
eb:fa:1a:0c:c7:e5:b9:af:cc:b4:ca:a8:ec:0f:8f:
89:56:b7:f7:29:4f:0c:de:d7:ad:23:c1:b7:74:92:
8f:d0:ad:c3:69:72:c2:43:7b:34:47:17:f8:61:14:
f3:5d:a7:a2:d3:88:14:7d:af:b0:c9:44:cd:f5:35:
35:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:BD:96:BC:92:05:9B:43:7C:B6:08:81:37:1F:E6:8F:9F:72:AA:D5
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Qr2WvJIFm0N8tgiBNx_mj59yqtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d4:a4:8b:e8:05:5d:05:f9:d8:20:4f:bf:20:59:b8:4e:c6:5c:
15:a1:a3:03:b5:41:8a:42:d9:ca:9c:17:2d:26:fd:1d:26:9f:
c0:78:e3:24:16:e3:18:64:f8:32:af:6a:fc:06:33:de:db:b4:
f7:de:52:3b:87:da:fa:ff:65:52:86:d9:b7:65:ef:b3:73:d8:
2e:ee:06:38:c7:7e:55:8c:84:bb:85:23:91:c6:bd:75:0e:06:
69:36:0e:40:80:2f:8e:b0:b1:42:79:cb:d1:f4:c8:83:70:26:
99:77:c7:c1:de:b7:c9:74:83:89:4c:3a:f1:29:89:d4:8f:68:
8a:5e:9d:3e:8b:db:74:1a:64:af:cd:6e:4e:10:74:4a:22:af:
87:1b:ef:98:20:8a:a7:98:84:82:10:e6:42:65:ea:bf:c5:0b:
64:ef:5f:ab:0f:51:e7:d7:f0:fa:7f:be:64:39:a4:38:00:87:
fc:11:71:7e:15:95:1d:61:71:7e:4c:c1:7f:b8:3b:b9:8f:03:
ea:4d:75:97:d0:fc:1b:7f:2d:06:ed:e6:5c:c0:5b:4b:6f:66:
09:a5:4a:1f:7f:59:f9:26:7c:24:f8:b8:7a:95:11:eb:ce:15:
2c:ee:ec:62:54:60:55:41:cf:fd:d0:91:9a:33:fd:b5:3f:77:
57:c7:e8:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYusELTjnVeqsaGpL6oU2iSWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA3MjMxNDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmJkOTZiYzkyMDU5YjQzN2NiNjA4ODEzNzFmZTY4ZjlmNzJhYWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijihgRR/XjcF3UOi0M+0XdhS6Er6
n8O9Pqox0RaHjbmdHtfa5++h8iIEhZw7r7tH2CoVXzVF8PyP9lmAGMalWTwDnzep
VbhFR090MtoUEkp15cuJxKl5Vp+FXdOuCuxWhjiy2jQj0gcoOhp1YhhWmcDPURsz
A21rDzHzrcWJsTsljgbLf7NRGK5+LmAlKmwi0LkDWhu1ytZ+kp2eLmXYTamk+wMa
/v+/oBv1Z2rs5ROV+93sqq58P6S6Cd5RfmFVNjnr+hoMx+W5r8y0yqjsD4+JVrf3
KU8M3tetI8G3dJKP0K3DaXLCQ3s0Rxf4YRTzXaei04gUfa+wyUTN9TU1cwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEK9lrySBZtDfLYIgTcf5o+fcqrVMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUXIyV3ZKSUZtME44dGdpQk54X21qNTl5cXRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANSki+gFXQX52CBPvyBZ
uE7GXBWhowO1QYpC2cqcFy0m/R0mn8B44yQW4xhk+DKvavwGM97btPfeUjuH2vr/
ZVKG2bdl77Nz2C7uBjjHflWMhLuFI5HGvXUOBmk2DkCAL46wsUJ5y9H0yINwJpl3
x8Het8l0g4lMOvEpidSPaIpenT6L23QaZK/Nbk4QdEoir4cb75ggiqeYhIIQ5kJl
6r/FC2TvX6sPUefX8Pp/vmQ5pDgAh/wRcX4VlR1hcX5MwX+4O7mPA+pNdZfQ/Bt/
LQbt5lzAW0tvZgmlSh9/WfkmfCT4uHqVEevOFSzu7GJUYFVBz/3QkZoz/bU/d1fH
6Dk=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:59:31 2025 by rpki-client