Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwJfKWRSlm_xYpZ4-rTXDl3bab0.roa
File: QwJfKWRSlm_xYpZ4-rTXDl3bab0.roa (raw, json)
Hash identifier: DF24fku9nb/eJYa++kaV2Q5x2gbF0fNdnMU90hNtqiA=
Subject key identifier: 43:02:5F:29:64:52:96:6F:F1:62:96:78:FA:B4:D7:0E:5D:DB:69:BD
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C04DE3862A99C4CA5275AB3380F449986
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwJfKWRSlm_xYpZ4-rTXDl3bab0.roa
Signing time: Sat 25 Nov 2023 05:05:21 +0000
ROA not before: Sat 25 Nov 2023 05:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:4dd:6471/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:04:de:38:62:a9:9c:4c:a5:27:5a:b3:38:0f:44:99:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 25 05:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43025f296452966ff1629678fab4d70e5ddb69bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e6:22:ac:37:05:c1:7e:20:28:c8:39:8d:8e:
fe:da:83:52:32:91:9f:53:88:b1:d8:96:eb:07:c9:
64:bc:91:10:a9:4d:0c:63:dc:0e:7c:5b:7c:75:ec:
f7:78:74:0f:f1:6b:1b:26:b7:85:78:d0:1d:8f:e0:
2f:cb:eb:38:2b:bb:9c:81:6f:84:6d:0a:7d:ba:47:
dd:7f:20:36:92:ab:98:24:ae:d9:89:5a:57:da:98:
20:2d:a7:71:e9:a3:01:92:74:c8:34:36:d6:f1:41:
23:68:04:c9:d3:3a:a9:90:eb:83:d5:fa:c1:28:bf:
62:99:0f:55:f4:95:18:dd:33:cf:47:46:55:ba:e4:
cb:02:1c:c2:c5:5e:3c:52:cd:d5:30:ea:2b:70:9e:
66:5a:7a:fc:6f:ab:22:f5:e5:ef:8c:e2:38:2b:98:
b4:01:67:e6:5c:e6:68:30:97:7f:da:12:48:de:ec:
64:1b:49:41:e5:5b:38:75:0c:00:d7:3b:bc:b1:41:
ca:ae:e3:57:b0:a3:c0:8e:39:fa:94:bf:03:f8:d2:
1a:f2:9a:ff:79:ee:c8:e7:1a:ba:4e:f9:a9:e5:b3:
90:7e:ae:35:d9:7b:61:25:17:c3:fa:20:8e:6b:e2:
85:5a:3a:28:f5:63:00:56:cd:85:c8:78:48:4f:c4:
55:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:02:5F:29:64:52:96:6F:F1:62:96:78:FA:B4:D7:0E:5D:DB:69:BD
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwJfKWRSlm_xYpZ4-rTXDl3bab0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:d0:a2:1e:5d:a8:1c:1b:77:7b:9b:a3:8c:ab:9d:84:83:94:
e3:40:d1:97:5b:8c:7f:4b:70:e8:bf:ce:f0:7a:d1:50:ce:57:
fd:28:e5:cd:a2:df:d1:b7:d4:79:da:c9:5e:5d:0b:51:0d:95:
8f:87:2d:08:1a:e7:33:a2:48:d0:15:c7:b9:ed:4e:fb:63:eb:
29:98:81:ed:00:37:18:ff:9a:3c:ca:a1:e1:3c:b1:17:39:2d:
6d:92:25:f4:ec:f6:b3:a8:e6:6a:cb:44:6b:0e:ea:82:43:96:
ef:77:0f:75:12:2a:77:24:a4:e3:4a:2c:c4:b1:de:01:aa:c0:
12:10:88:ba:ee:eb:5f:fd:5c:4d:86:eb:c4:e5:c4:dd:f3:5e:
3b:c6:7a:e0:32:f2:94:fa:cd:59:f0:11:77:9e:d1:fd:25:2a:
6d:e8:61:29:c8:dc:de:71:10:0f:c1:cb:fb:a4:7f:b9:50:5b:
44:df:f2:7e:b1:b7:88:88:60:10:9a:a2:58:a9:d1:0d:e0:b4:
d7:c7:26:d9:fc:0e:7f:d0:e3:da:b8:2f:7e:6d:62:7b:60:7d:
b4:4a:b3:24:df:77:98:9f:11:6d:e5:70:ad:31:14:c2:c7:bf:
ce:56:2c:cb:97:06:b3:f7:c2:0f:15:dc:ab:1c:2a:d6:c5:a0:
79:c1:71:d3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwE3jhiqZxMpSdaszgPRJmGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI1MDUwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzAyNWYyOTY0NTI5NjZmZjE2Mjk2NzhmYWI0ZDcwZTVkZGI2OWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuYirDcFwX4gKMg5jY7+2oNSMpGf
U4ix2JbrB8lkvJEQqU0MY9wOfFt8dez3eHQP8WsbJreFeNAdj+Avy+s4K7ucgW+E
bQp9ukfdfyA2kquYJK7ZiVpX2pggLadx6aMBknTINDbW8UEjaATJ0zqpkOuD1frB
KL9imQ9V9JUY3TPPR0ZVuuTLAhzCxV48Us3VMOorcJ5mWnr8b6si9eXvjOI4K5i0
AWfmXOZoMJd/2hJI3uxkG0lB5Vs4dQwA1zu8sUHKruNXsKPAjjn6lL8D+NIa8pr/
ee7I5xq6Tvmp5bOQfq412XthJRfD+iCOa+KFWjoo9WMAVs2FyHhIT8RV9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEMCXylkUpZv8WKWePq01w5d22m9MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUXdKZktXUlNsbV94WXBaNC1yVFhEbDNiYWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIzQoh5dqBwbd3ubo4yr
nYSDlONA0ZdbjH9LcOi/zvB60VDOV/0o5c2i39G31HnayV5dC1ENlY+HLQga5zOi
SNAVx7ntTvtj6ymYge0ANxj/mjzKoeE8sRc5LW2SJfTs9rOo5mrLRGsO6oJDlu93
D3USKnckpONKLMSx3gGqwBIQiLru61/9XE2G68TlxN3zXjvGeuAy8pT6zVnwEXee
0f0lKm3oYSnI3N5xEA/By/ukf7lQW0Tf8n6xt4iIYBCaolip0Q3gtNfHJtn8Dn/Q
49q4L35tYntgfbRKsyTfd5ifEW3lcK0xFMLHv85WLMuXBrP3wg8V3KscKtbFoHnB
cdM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:09:24 2025 by rpki-client