Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QvtJdPwpucgAHe9KjLLjGBy7K1I.roa
File: QvtJdPwpucgAHe9KjLLjGBy7K1I.roa (raw, json)
Hash identifier: mQWNXi0GEOE9KN9wr1J9f92HeFXoANDkB1DK978Il3g=
Subject key identifier: 42:FB:49:74:FC:29:B9:C8:00:1D:EF:4A:8C:B2:E3:18:1C:BB:2B:52
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B4022D494F9EFB220CDAF749FAEEB1BB9
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QvtJdPwpucgAHe9KjLLjGBy7K1I.roa
Signing time: Wed 18 Oct 2023 00:15:06 +0000
ROA not before: Wed 18 Oct 2023 00:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:40:22:d4:94:f9:ef:b2:20:cd:af:74:9f:ae:eb:1b:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 18 00:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42fb4974fc29b9c8001def4a8cb2e3181cbb2b52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ae:0d:da:64:6d:1d:90:ef:41:80:26:03:da:
30:f3:c1:3c:99:14:8f:03:22:3f:95:48:56:3c:d2:
27:4c:db:a7:6c:b3:0b:61:90:b7:2e:11:13:35:38:
e6:58:9f:d0:50:41:54:47:7d:6e:9f:66:a7:cd:2f:
6c:6c:e4:91:1d:b8:bc:46:67:95:43:83:83:5f:83:
b0:62:00:44:d1:78:8d:a4:f4:3a:c7:1e:8e:6a:e9:
23:61:36:fa:cf:2b:03:42:46:19:ca:03:d3:7e:3e:
dd:db:a3:5a:29:01:91:aa:d8:f6:2e:2f:8c:c9:bb:
b5:c4:62:c0:81:a5:a4:0c:0b:9e:1a:2a:24:00:7e:
9e:be:94:20:d7:b9:86:9b:0d:3f:b5:a3:74:3f:fb:
04:a1:43:6e:c2:42:f1:1a:41:e4:7a:90:43:ed:c2:
d3:77:5d:bd:92:3b:e7:e3:73:1c:fb:da:0d:c9:ee:
dd:b1:ba:22:ec:65:ba:2f:6a:9a:bf:ab:e4:3d:f0:
ba:c4:2c:d2:81:bf:6d:b7:74:7c:05:7f:ca:bc:31:
c6:1d:4e:52:d0:7a:59:e1:a2:ac:13:33:12:55:1f:
2d:c1:ad:68:f4:01:e4:fa:5c:2e:9e:5c:11:fb:32:
be:0e:ff:9a:d8:28:d2:75:c8:79:2a:ed:77:42:b9:
a0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:FB:49:74:FC:29:B9:C8:00:1D:EF:4A:8C:B2:E3:18:1C:BB:2B:52
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QvtJdPwpucgAHe9KjLLjGBy7K1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2e:93:49:92:73:56:4e:77:76:62:00:4a:14:93:a2:5d:fd:16:
5d:7f:63:c9:c3:7b:58:3e:71:de:29:8b:91:9b:22:05:c6:6a:
10:21:49:88:6b:11:61:13:11:b7:af:9f:91:db:e5:c3:97:8d:
9c:5a:f2:f2:a3:95:ac:b0:d2:c8:9f:d0:16:f3:66:e3:b8:a1:
e0:56:4b:94:c6:dd:75:21:61:ca:42:24:1f:d0:38:fa:f7:23:
e0:1d:b1:21:52:65:99:04:1c:44:69:84:26:9a:a7:6c:01:45:
09:4d:97:c5:0e:91:43:77:62:93:f5:3f:02:9d:db:ec:cd:6b:
b7:8a:75:12:ab:80:ec:95:39:5f:79:e7:c1:95:1d:94:0d:92:
f2:de:8f:d3:0e:d8:7b:52:a3:2b:3e:26:68:c2:63:3c:4a:42:
da:44:52:0d:4c:27:dc:c7:ad:09:48:54:c8:ed:13:da:17:e4:
e1:a7:44:c4:aa:a1:aa:f1:12:e4:61:68:26:60:0b:35:28:a4:
d2:d8:a1:f7:a7:c9:c1:4d:d6:ae:9e:26:96:0e:76:4e:eb:67:
c4:7d:cd:f0:ef:aa:b1:53:d2:d1:07:63:f1:ba:70:13:79:17:
a7:26:5a:f2:cd:c9:56:58:ed:b1:6e:93:b3:b0:0c:0e:0b:8d:
5a:d2:0a:18
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtAItSU+e+yIM2vdJ+u6xu5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE4MDAxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmZiNDk3NGZjMjliOWM4MDAxZGVmNGE4Y2IyZTMxODFjYmIyYjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwq4N2mRtHZDvQYAmA9ow88E8mRSP
AyI/lUhWPNInTNunbLMLYZC3LhETNTjmWJ/QUEFUR31un2anzS9sbOSRHbi8RmeV
Q4ODX4OwYgBE0XiNpPQ6xx6OaukjYTb6zysDQkYZygPTfj7d26NaKQGRqtj2Li+M
ybu1xGLAgaWkDAueGiokAH6evpQg17mGmw0/taN0P/sEoUNuwkLxGkHkepBD7cLT
d129kjvn43Mc+9oNye7dsboi7GW6L2qav6vkPfC6xCzSgb9tt3R8BX/KvDHGHU5S
0HpZ4aKsEzMSVR8twa1o9AHk+lwunlwR+zK+Dv+a2CjSdch5Ku13Qrmg3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEL7SXT8KbnIAB3vSoyy4xgcuytSMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUXZ0SmRQd3B1Y2dBSGU5S2pMTGpHQnk3SzFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC6TSZJzVk53dmIAShST
ol39Fl1/Y8nDe1g+cd4pi5GbIgXGahAhSYhrEWETEbevn5Hb5cOXjZxa8vKjlayw
0sif0BbzZuO4oeBWS5TG3XUhYcpCJB/QOPr3I+AdsSFSZZkEHERphCaap2wBRQlN
l8UOkUN3YpP1PwKd2+zNa7eKdRKrgOyVOV9558GVHZQNkvLej9MO2HtSoys+JmjC
YzxKQtpEUg1MJ9zHrQlIVMjtE9oX5OGnRMSqoarxEuRhaCZgCzUopNLYofenycFN
1q6eJpYOdk7rZ8R9zfDvqrFT0tEHY/G6cBN5F6cmWvLNyVZY7bFuk7OwDA4LjVrS
Chg=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:16:49 2025 by rpki-client