Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwGZxEjvokzRFAALRvUoxvzqhiA.roa
File: QwGZxEjvokzRFAALRvUoxvzqhiA.roa (raw, json)
Hash identifier: QTVMEq59SGtz5t+OJNHLCNHfetXSqJ9LNXBIKIXUh6o=
Subject key identifier: 43:01:99:C4:48:EF:A2:4C:D1:14:00:0B:46:F5:28:C6:FC:EA:86:20
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF3BD1CA64D3589CFE7FD656FD60C16AF
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwGZxEjvokzRFAALRvUoxvzqhiA.roa
Signing time: Tue 03 Oct 2023 04:12:51 +0000
ROA not before: Tue 03 Oct 2023 04:12:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f3:bd:1c:a6:4d:35:89:cf:e7:fd:65:6f:d6:0c:16:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 3 04:12:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=430199c448efa24cd114000b46f528c6fcea8620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7e:6c:c4:a8:d4:06:3e:34:5c:14:fb:70:3b:
48:46:65:54:ca:ab:83:f6:ab:fa:0a:d6:eb:2a:a9:
f4:72:90:ca:ea:31:51:2a:c0:9f:d1:9f:2e:27:5b:
2b:cf:bd:39:85:98:69:3f:c0:f0:24:63:72:63:9e:
2d:a7:2c:8a:a9:82:e8:29:db:c5:35:cc:c2:da:bc:
95:7f:99:73:17:53:fa:14:20:13:19:1f:ca:7b:c6:
81:48:72:26:4e:c5:6c:6a:c7:e8:63:f5:fa:89:7e:
18:f6:fc:13:4f:4f:11:f8:73:84:4a:81:56:41:b2:
5e:01:c7:3e:19:67:37:b8:04:34:75:fa:12:de:28:
b3:eb:a2:cd:f0:5a:bb:07:c7:16:1f:da:7c:f4:76:
de:70:d3:d6:ae:e9:c3:3c:a4:69:8a:84:4c:61:fe:
a2:d1:2d:fa:0c:bc:ef:ec:6c:a9:6e:86:de:79:6b:
9a:72:82:ec:47:de:da:db:c8:69:ea:01:97:8f:7e:
e4:15:03:6a:66:db:9c:12:c8:a8:ad:23:cd:bc:0b:
0f:5b:77:4e:02:b1:5f:98:eb:3b:9a:70:6d:26:5b:
bd:fa:4e:e1:ae:c8:2e:34:bf:2e:7d:3c:0c:a6:80:
64:da:5e:25:49:17:07:27:94:b4:8e:28:53:16:31:
3c:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:01:99:C4:48:EF:A2:4C:D1:14:00:0B:46:F5:28:C6:FC:EA:86:20
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwGZxEjvokzRFAALRvUoxvzqhiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:70:2c:65:cc:ad:3d:c6:d8:69:16:08:2b:db:b0:1a:17:ea:
45:3b:f3:58:56:60:bc:8c:77:74:cf:db:0d:1b:3e:78:21:c4:
dc:d5:e4:9c:b2:4c:1c:c9:5e:b0:43:39:9c:4f:86:b6:53:e9:
dc:c2:7e:30:2e:26:ea:b8:b0:05:77:d6:ba:fa:2f:fb:9f:fc:
88:34:68:92:25:e4:d7:51:da:65:ed:f0:db:38:f0:ce:f2:ee:
d1:8a:c3:88:e6:6d:da:fa:b4:c5:ef:29:ed:ab:78:84:89:3d:
f5:e0:a7:9e:7c:09:b3:e2:d2:a7:aa:8e:48:2f:b1:be:49:07:
d2:6a:03:7d:76:dc:5a:fd:8e:03:dd:e9:06:da:85:21:ff:1d:
c9:87:ab:6e:a2:05:ec:11:fe:51:64:68:05:bf:f4:25:ae:25:
bc:f5:8a:db:4c:91:73:ec:cd:9e:fc:2e:7e:0f:e5:ae:ba:aa:
c2:62:1a:3c:c3:c2:0c:19:b5:f7:41:3c:d6:8b:2c:a4:bd:f9:
44:19:5d:dc:89:bf:16:df:a8:db:08:b3:ae:78:7d:2b:d5:90:
9d:14:ed:f0:49:bc:ac:2b:17:b4:58:3f:7b:c2:da:82:1f:54:
cb:4e:77:d1:54:5a:48:4c:09:96:00:78:0c:ec:8d:24:2f:ff:
d2:17:ce:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrzvRymTTWJz+f9ZW/WDBavMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAzMDQxMjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzAxOTljNDQ4ZWZhMjRjZDExNDAwMGI0NmY1MjhjNmZjZWE4NjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsH5sxKjUBj40XBT7cDtIRmVUyquD
9qv6CtbrKqn0cpDK6jFRKsCf0Z8uJ1srz705hZhpP8DwJGNyY54tpyyKqYLoKdvF
NczC2ryVf5lzF1P6FCATGR/Ke8aBSHImTsVsasfoY/X6iX4Y9vwTT08R+HOESoFW
QbJeAcc+GWc3uAQ0dfoS3iiz66LN8Fq7B8cWH9p89HbecNPWrunDPKRpioRMYf6i
0S36DLzv7GypbobeeWuacoLsR97a28hp6gGXj37kFQNqZtucEsiorSPNvAsPW3dO
ArFfmOs7mnBtJlu9+k7hrsguNL8ufTwMpoBk2l4lSRcHJ5S0jihTFjE8YQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEMBmcRI76JM0RQAC0b1KMb86oYgMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUXdHWnhFanZva3pSRkFBTFJ2VW94dnpxaGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHNwLGXMrT3G2GkWCCvb
sBoX6kU781hWYLyMd3TP2w0bPnghxNzV5JyyTBzJXrBDOZxPhrZT6dzCfjAuJuq4
sAV31rr6L/uf/Ig0aJIl5NdR2mXt8Ns48M7y7tGKw4jmbdr6tMXvKe2reISJPfXg
p558CbPi0qeqjkgvsb5JB9JqA3123Fr9jgPd6QbahSH/HcmHq26iBewR/lFkaAW/
9CWuJbz1ittMkXPszZ78Ln4P5a66qsJiGjzDwgwZtfdBPNaLLKS9+UQZXdyJvxbf
qNsIs654fSvVkJ0U7fBJvKwrF7RYP3vC2oIfVMtOd9FUWkhMCZYAeAzsjSQv/9IX
zn8=
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:27:09 2025 by rpki-client