Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aQyQn5J5-C8Rwyhc9vkEsvLtSd0.roa
File: aQyQn5J5-C8Rwyhc9vkEsvLtSd0.roa (raw, json)
Hash identifier: BHGFpTwlxAuJukd4fQOJ0k9N0XTO5Y41SGxZpPw8VEs=
Subject key identifier: 69:0C:90:9F:92:79:F8:2F:11:C3:28:5C:F6:F9:04:B2:F2:ED:49:DD
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ACA8CAE7C1CE505A7CA0972845D7983D7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aQyQn5J5-C8Rwyhc9vkEsvLtSd0.roa
Signing time: Mon 25 Sep 2023 04:15:31 +0000
ROA not before: Mon 25 Sep 2023 04:15:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ca:8c:ae:7c:1c:e5:05:a7:ca:09:72:84:5d:79:83:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 25 04:15:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=690c909f9279f82f11c3285cf6f904b2f2ed49dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:a8:59:c8:47:2d:c7:94:a7:dc:6d:7f:ac:8f:
18:16:5c:c5:fd:52:d1:11:d7:f6:63:70:8e:6d:20:
ef:01:92:cd:25:12:6b:1a:81:7f:9f:d5:2d:29:58:
c3:27:6b:d4:7e:f8:53:28:3e:5e:1a:30:e2:f0:06:
ac:ed:54:7a:d1:73:b9:d4:5b:e2:7c:4c:0d:cf:fb:
5d:18:3a:19:6f:82:8b:ea:82:00:1f:24:05:83:ca:
70:03:80:b7:bb:24:83:72:41:b4:f1:e3:58:70:34:
b0:99:95:eb:ff:92:ab:84:ca:0f:a4:37:39:0f:7c:
d3:e2:81:0b:4d:f4:cf:a8:11:cf:d1:3a:af:8a:2e:
d3:96:96:11:d9:ab:17:f8:16:90:56:9d:11:32:f4:
5e:5c:ea:f2:ab:5a:a2:0a:d8:2e:b8:5e:23:65:27:
9d:5c:3f:6a:ff:06:5b:d2:21:58:ef:64:b8:91:ba:
de:98:d8:41:24:bd:23:55:9b:c7:2c:55:9f:4e:9f:
46:85:5b:de:cf:1d:e4:29:b8:2f:dc:64:a3:bd:37:
b9:3d:96:a6:dd:39:c3:81:a2:ba:11:cd:b1:d1:77:
9d:1f:28:fd:af:57:de:37:1c:19:17:0b:65:8a:0f:
df:e4:93:81:c1:8f:a5:86:16:a1:16:57:5f:ae:77:
ca:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:0C:90:9F:92:79:F8:2F:11:C3:28:5C:F6:F9:04:B2:F2:ED:49:DD
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aQyQn5J5-C8Rwyhc9vkEsvLtSd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:95:12:eb:47:af:57:d3:29:6b:ed:f4:16:a3:82:ef:76:64:
87:8d:0e:44:69:82:1b:b0:be:24:09:18:8e:f2:41:75:b8:77:
6d:e1:e3:37:69:f8:21:aa:e8:27:ad:38:15:6f:b1:1a:94:2d:
0f:05:54:30:bf:ab:98:1c:d7:08:a1:46:32:aa:e1:d0:ce:69:
20:da:86:a6:00:be:10:20:0c:06:ed:73:0e:f4:f4:3d:be:6c:
96:cd:0b:d7:00:3e:21:79:5b:01:3d:4b:08:47:fe:64:d2:f6:
65:d4:12:4e:74:76:ff:62:bd:de:83:41:77:cb:ce:d8:ff:6b:
e4:b8:5d:9e:15:9c:88:17:99:60:75:4b:01:18:9e:00:df:8f:
1c:6a:e1:7c:a2:50:17:5a:25:7a:0f:ab:06:1f:84:20:75:70:
12:30:f9:6c:33:dd:0a:fe:e2:3a:97:91:be:1b:d5:f6:46:e8:
fc:73:9b:c8:ab:c2:28:97:ef:31:42:78:e3:0a:08:d1:31:3a:
4e:0f:d2:47:ce:67:2c:d4:a8:a0:96:68:ff:65:ae:60:a2:2d:
ca:cc:e3:a4:63:9f:bc:f9:b9:87:46:08:4c:71:bb:98:2b:05:
90:ba:db:b9:bf:91:bf:71:a3:08:9b:0e:68:32:83:c2:6b:9c:
e4:6f:5e:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrKjK58HOUFp8oJcoRdeYPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI1MDQxNTMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTBjOTA5ZjkyNzlmODJmMTFjMzI4NWNmNmY5MDRiMmYyZWQ0OWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ahZyEctx5Sn3G1/rI8YFlzF/VLR
Edf2Y3CObSDvAZLNJRJrGoF/n9UtKVjDJ2vUfvhTKD5eGjDi8Aas7VR60XO51Fvi
fEwNz/tdGDoZb4KL6oIAHyQFg8pwA4C3uySDckG08eNYcDSwmZXr/5KrhMoPpDc5
D3zT4oELTfTPqBHP0Tqvii7TlpYR2asX+BaQVp0RMvReXOryq1qiCtguuF4jZSed
XD9q/wZb0iFY72S4kbremNhBJL0jVZvHLFWfTp9GhVvezx3kKbgv3GSjvTe5PZam
3TnDgaK6Ec2x0XedHyj9r1feNxwZFwtlig/f5JOBwY+lhhahFldfrnfKgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGkMkJ+SefgvEcMoXPb5BLLy7UndMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYVF5UW41SjUtQzhSd3loYzl2a0Vzdkx0U2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADuVEutHr1fTKWvt9Baj
gu92ZIeNDkRpghuwviQJGI7yQXW4d23h4zdp+CGq6CetOBVvsRqULQ8FVDC/q5gc
1wihRjKq4dDOaSDahqYAvhAgDAbtcw709D2+bJbNC9cAPiF5WwE9SwhH/mTS9mXU
Ek50dv9ivd6DQXfLztj/a+S4XZ4VnIgXmWB1SwEYngDfjxxq4XyiUBdaJXoPqwYf
hCB1cBIw+Wwz3Qr+4jqXkb4b1fZG6Pxzm8irwiiX7zFCeOMKCNExOk4P0kfOZyzU
qKCWaP9lrmCiLcrM46Rjn7z5uYdGCExxu5grBZC627m/kb9xowibDmgyg8JrnORv
XgA=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:22:47 2025 by rpki-client