Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VQZOS7ueFDSVZL2of_HjX6VW2FY.roa
File: VQZOS7ueFDSVZL2of_HjX6VW2FY.roa (raw, json)
Hash identifier: TY5b7UBeUfs3qtZNP0kw853PQJwfgRljpPmnLunz4lI=
Subject key identifier: 55:06:4E:4B:BB:9E:14:34:95:64:BD:A8:7F:F1:E3:5F:A5:56:D8:56
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ACD1FA3F6DB4009DC8CC345C1476B686C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VQZOS7ueFDSVZL2of_HjX6VW2FY.roa
Signing time: Mon 25 Sep 2023 16:15:17 +0000
ROA not before: Mon 25 Sep 2023 16:15:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cd:1f:a3:f6:db:40:09:dc:8c:c3:45:c1:47:6b:68:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 25 16:15:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=55064e4bbb9e14349564bda87ff1e35fa556d856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:68:d4:2a:28:26:7f:97:cb:6f:61:8c:a4:78:
c5:3f:53:7a:75:b2:f3:e3:5c:34:78:8a:ea:c4:14:
1b:27:8b:d1:f0:db:ba:6b:1a:4d:28:5e:10:3d:9b:
e6:2d:f7:ae:0e:99:34:88:79:fc:2a:8d:c2:fb:24:
0e:b0:90:9f:31:8a:af:fd:0f:57:95:bb:91:ad:04:
ce:4e:bf:66:05:85:e1:24:da:93:bc:93:7f:9a:28:
ae:b4:25:a6:9b:44:bb:1e:e2:8a:0b:07:1a:68:f8:
82:99:72:36:f4:a2:c4:06:79:22:2e:1f:a4:0c:e3:
04:43:e6:13:c9:35:c1:da:45:13:ea:b5:8b:b3:a2:
a8:e9:86:c5:69:27:b4:41:50:0e:6f:4c:bb:e4:26:
4b:7c:8b:b8:88:21:dc:0b:a5:8a:d5:13:d6:4b:d1:
b6:6a:90:b7:05:f4:4a:7e:b0:1c:42:7d:58:8e:35:
44:ee:e3:9c:a5:84:90:53:57:3e:78:b9:ff:70:86:
8d:2c:38:b0:29:a9:7b:87:e7:a6:4d:d0:cd:8a:64:
07:e2:7c:c1:ca:4a:30:79:ab:c9:d1:38:45:b9:27:
64:44:71:f8:d9:9c:e3:7f:41:ac:77:b2:73:e2:fb:
ef:cb:0a:1b:ca:e1:b3:cc:35:f7:da:fc:ec:09:fc:
29:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:06:4E:4B:BB:9E:14:34:95:64:BD:A8:7F:F1:E3:5F:A5:56:D8:56
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/VQZOS7ueFDSVZL2of_HjX6VW2FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
75:af:aa:83:96:30:60:7d:b1:45:be:4a:be:e9:57:96:63:1b:
08:a0:55:1a:57:a7:cc:a0:50:f2:43:fa:06:5c:b5:93:d5:e1:
6d:1e:76:10:70:00:b1:76:ca:ae:00:b3:a8:97:d4:e5:94:fd:
86:05:09:6e:c7:a5:37:67:38:72:24:9e:e5:43:e3:86:ac:34:
c9:d0:b2:2c:0a:d7:8c:c0:51:70:b5:de:1e:84:05:03:6c:a2:
c9:87:12:c1:e3:6e:34:aa:16:4f:7f:03:22:37:20:88:1b:49:
d2:f4:2d:5a:f0:83:31:61:0c:01:f9:7a:98:92:18:95:65:f2:
31:37:61:25:ed:80:3f:35:87:3f:17:02:96:65:a6:6b:98:24:
44:38:7f:d9:c7:e4:00:f4:cd:77:20:7f:6d:c5:4a:4c:50:0f:
eb:04:e5:c7:a2:46:9d:70:03:0c:fe:6b:0a:d5:1b:ac:e2:40:
12:83:d6:90:b5:bc:96:42:5c:58:bb:4c:b9:7f:73:31:de:45:
39:dc:09:19:b4:d1:80:af:96:ed:ef:b4:da:ef:d3:d7:7f:e3:
c9:4e:bb:a4:49:02:e0:81:4a:61:ff:1a:e6:a6:88:31:33:c0:
c1:78:99:bc:08:bf:32:fc:07:9b:87:a7:c2:e7:9c:c3:8b:e8:
61:39:c4:a4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrNH6P220AJ3IzDRcFHa2hsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI1MTYxNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTA2NGU0YmJiOWUxNDM0OTU2NGJkYTg3ZmYxZTM1ZmE1NTZkODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWjUKigmf5fLb2GMpHjFP1N6dbLz
41w0eIrqxBQbJ4vR8Nu6axpNKF4QPZvmLfeuDpk0iHn8Ko3C+yQOsJCfMYqv/Q9X
lbuRrQTOTr9mBYXhJNqTvJN/miiutCWmm0S7HuKKCwcaaPiCmXI29KLEBnkiLh+k
DOMEQ+YTyTXB2kUT6rWLs6Ko6YbFaSe0QVAOb0y75CZLfIu4iCHcC6WK1RPWS9G2
apC3BfRKfrAcQn1YjjVE7uOcpYSQU1c+eLn/cIaNLDiwKal7h+emTdDNimQH4nzB
ykoweavJ0ThFuSdkRHH42Zzjf0Gsd7Jz4vvvywobyuGzzDX32vzsCfwpLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFUGTku7nhQ0lWS9qH/x41+lVthWMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVlFaT1M3dWVGRFNWWkwyb2ZfSGpYNlZXMkZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHWvqoOWMGB9sUW+Sr7p
V5ZjGwigVRpXp8ygUPJD+gZctZPV4W0edhBwALF2yq4As6iX1OWU/YYFCW7HpTdn
OHIknuVD44asNMnQsiwK14zAUXC13h6EBQNsosmHEsHjbjSqFk9/AyI3IIgbSdL0
LVrwgzFhDAH5epiSGJVl8jE3YSXtgD81hz8XApZlpmuYJEQ4f9nH5AD0zXcgf23F
SkxQD+sE5ceiRp1wAwz+awrVG6ziQBKD1pC1vJZCXFi7TLl/czHeRTncCRm00YCv
lu3vtNrv09d/48lOu6RJAuCBSmH/GuamiDEzwMF4mbwIvzL8B5uHp8LnnMOL6GE5
xKQ=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:03:29 2025 by rpki-client