Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aqZKOIqoQ-NVylHjoqIOjl-LgjM.roa
File: aqZKOIqoQ-NVylHjoqIOjl-LgjM.roa (raw, json)
Hash identifier: 5X0rBs1duZUEfVgu9GrLzBO34nGX5sNYSdfAgd18XFE=
Subject key identifier: 6A:A6:4A:38:8A:A8:43:E3:55:CA:51:E3:A2:A2:0E:8E:5F:8B:82:33
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C420D92583A4D22509C5A25C20CE8209C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aqZKOIqoQ-NVylHjoqIOjl-LgjM.roa
Signing time: Thu 07 Dec 2023 02:13:54 +0000
ROA not before: Thu 07 Dec 2023 02:13:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:42:0d:92:58:3a:4d:22:50:9c:5a:25:c2:0c:e8:20:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 7 02:13:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6aa64a388aa843e355ca51e3a2a20e8e5f8b8233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:36:4a:7c:a4:b4:bc:ab:6e:6f:52:0e:f7:d7:
3a:7c:0c:ce:d7:25:f9:25:59:b8:db:e4:44:7b:6e:
3e:1d:54:0f:10:19:8e:ac:c5:91:8e:6d:a8:43:a5:
bc:32:24:e5:2d:3c:cc:ab:40:c7:6d:1d:a5:7f:a4:
d3:66:1d:c8:c8:c5:7c:78:9f:ac:a7:a5:6d:c0:cd:
ac:88:70:09:85:e4:55:4a:64:34:00:63:55:a5:b0:
ca:ae:f7:87:32:d9:6f:b9:9f:1b:ac:a5:78:16:79:
95:2c:a3:fe:2f:32:bc:13:77:89:84:12:98:14:28:
f1:ec:d9:2a:3a:ab:34:8a:e4:c5:19:f9:16:b5:b3:
96:25:f5:7a:16:d2:6c:33:77:7c:3e:40:ac:0e:97:
1b:60:d3:c3:be:c6:95:71:67:0d:13:00:e7:02:07:
7a:14:cf:e8:97:d1:8c:7f:c0:99:e9:04:e4:3b:1e:
65:81:96:bf:eb:8f:7f:0b:77:7d:fa:79:77:07:9c:
12:6c:97:a4:61:ff:32:f5:a3:f7:df:95:06:75:b0:
ff:8a:e4:cd:52:88:41:6f:41:18:6a:a9:02:12:49:
58:6d:1a:b8:f9:ec:59:b1:1d:17:7a:1f:87:03:68:
db:77:61:80:8f:30:21:62:73:e2:aa:62:76:2b:60:
7c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A6:4A:38:8A:A8:43:E3:55:CA:51:E3:A2:A2:0E:8E:5F:8B:82:33
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/aqZKOIqoQ-NVylHjoqIOjl-LgjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
21:0c:0e:9b:d5:2a:1b:16:a5:90:71:04:53:fe:a6:f9:9a:66:
31:6a:69:a7:ef:d7:72:8c:ad:ae:00:8a:ac:4d:0e:d6:b1:e1:
04:e6:31:b9:f6:f7:c9:f3:d4:8f:d2:55:b6:67:12:a9:b1:28:
fb:96:de:53:93:98:45:f9:93:36:5c:1b:0e:a2:c5:e0:4f:78:
f3:20:2c:3d:54:80:68:26:3e:96:a0:d7:db:68:f1:e9:a9:0b:
83:f6:c8:65:38:cc:e3:0d:6f:05:85:2e:e5:65:38:36:77:16:
12:7f:1e:f2:d8:19:b9:70:91:e7:ab:2e:98:3e:79:71:f1:bf:
66:67:a3:20:7d:7f:3b:47:f9:78:6f:b8:eb:ee:e3:0a:68:98:
9d:ff:a8:2b:6a:c7:38:84:0f:0a:48:18:ad:72:ac:7c:1a:7e:
bd:30:12:31:62:b9:8c:bf:63:09:17:b2:98:26:12:49:51:d6:
00:88:e6:c6:4a:6c:0b:58:5b:0e:1a:ba:a6:0d:9f:c7:ff:2c:
87:62:33:b6:0e:cd:7a:84:45:58:1f:2c:ad:f8:3b:32:f4:6f:
16:59:0b:69:c3:6a:9d:df:9e:53:b5:83:8a:91:58:e0:6a:f5:
5d:b7:93:15:89:0e:e9:03:4d:ac:9e:d3:0c:d6:c7:a6:51:5a:
52:42:1b:d7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxCDZJYOk0iUJxaJcIM6CCcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA3MDIxMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWE2NGEzODhhYTg0M2UzNTVjYTUxZTNhMmEyMGU4ZTVmOGI4MjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTZKfKS0vKtub1IO99c6fAzO1yX5
JVm42+REe24+HVQPEBmOrMWRjm2oQ6W8MiTlLTzMq0DHbR2lf6TTZh3IyMV8eJ+s
p6VtwM2siHAJheRVSmQ0AGNVpbDKrveHMtlvuZ8brKV4FnmVLKP+LzK8E3eJhBKY
FCjx7NkqOqs0iuTFGfkWtbOWJfV6FtJsM3d8PkCsDpcbYNPDvsaVcWcNEwDnAgd6
FM/ol9GMf8CZ6QTkOx5lgZa/649/C3d9+nl3B5wSbJekYf8y9aP335UGdbD/iuTN
UohBb0EYaqkCEklYbRq4+exZsR0Xeh+HA2jbd2GAjzAhYnPiqmJ2K2B8KwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGqmSjiKqEPjVcpR46KiDo5fi4IzMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYXFaS09JcW9RLU5WeWxIam9xSU9qbC1MZ2pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACEMDpvVKhsWpZBxBFP+
pvmaZjFqaafv13KMra4AiqxNDtax4QTmMbn298nz1I/SVbZnEqmxKPuW3lOTmEX5
kzZcGw6ixeBPePMgLD1UgGgmPpag19to8empC4P2yGU4zOMNbwWFLuVlODZ3FhJ/
HvLYGblwkeerLpg+eXHxv2ZnoyB9fztH+XhvuOvu4wpomJ3/qCtqxziEDwpIGK1y
rHwafr0wEjFiuYy/YwkXspgmEklR1gCI5sZKbAtYWw4auqYNn8f/LIdiM7YOzXqE
RVgfLK34OzL0bxZZC2nDap3fnlO1g4qRWOBq9V23kxWJDukDTaye0wzWx6ZRWlJC
G9c=
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:50:52 2025 by rpki-client