Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bq8QFHonlHNp1o89TU5BHfNj-5o.roa
File: bq8QFHonlHNp1o89TU5BHfNj-5o.roa (raw, json)
Hash identifier: 4pHCkRWKXVJfM6+MtSBoynBzNqvrFkiDCt9LsvHyQK4=
Subject key identifier: 6E:AF:10:14:7A:27:94:73:69:D6:8F:3D:4D:4E:41:1D:F3:63:FB:9A
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B9A3E9C2D433AB1C9E7D86EA178AADCEB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bq8QFHonlHNp1o89TU5BHfNj-5o.roa
Signing time: Sat 04 Nov 2023 12:11:16 +0000
ROA not before: Sat 04 Nov 2023 12:11:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9a:3e:9c:2d:43:3a:b1:c9:e7:d8:6e:a1:78:aa:dc:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 4 12:11:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6eaf10147a27947369d68f3d4d4e411df363fb9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4d:47:bd:0f:86:3d:2c:c0:b9:a6:6c:ca:bf:
94:41:74:c2:56:95:ac:f9:e5:2b:85:94:21:ec:48:
e4:e9:fb:f6:23:2c:43:66:5a:bb:d5:a0:e3:dc:4e:
e3:32:d1:40:c8:23:98:e9:0d:17:e3:d4:dc:18:3f:
58:e8:76:8f:d0:e0:7b:4a:c0:2d:ec:f1:79:af:15:
14:14:a4:40:a2:24:13:37:24:85:25:b3:29:0a:13:
b7:3a:26:44:e0:cc:46:4e:44:3e:2d:6e:0a:68:0a:
a8:7c:66:e4:0b:f9:1a:61:a3:4e:f2:39:64:5c:59:
c7:7c:b3:fb:8c:2c:32:21:9b:72:43:35:e0:ef:1e:
f6:75:65:4d:dd:37:ed:2f:7c:4c:83:6a:c3:4b:df:
9d:2e:cc:00:3e:72:1c:3b:80:e0:96:63:73:ac:96:
6b:f8:d5:7e:ef:36:4c:fe:d9:48:ed:55:0d:04:f6:
a0:86:4e:58:c8:33:37:09:ad:3c:2a:e6:df:3c:86:
60:b1:36:04:87:f0:cd:56:23:4e:a3:38:5f:f2:fd:
63:ce:ac:56:6c:2d:8f:15:f3:f6:62:eb:73:6f:0c:
1c:54:14:4b:50:8c:63:d6:fd:15:c3:61:c5:0c:73:
79:51:0a:a7:e9:97:92:68:4a:8c:73:3a:7a:a2:8d:
89:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:AF:10:14:7A:27:94:73:69:D6:8F:3D:4D:4E:41:1D:F3:63:FB:9A
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bq8QFHonlHNp1o89TU5BHfNj-5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
16:92:5f:9d:40:d9:72:43:a4:85:db:5a:39:30:58:48:22:ff:
c5:74:99:5b:0d:9c:72:eb:9a:5b:cb:7b:28:38:1f:3f:d9:01:
d1:d7:43:91:26:1c:f0:6e:12:c9:f2:0d:1d:07:3b:11:71:fe:
c7:ec:44:70:e1:0b:71:58:da:9e:52:aa:04:84:41:ed:c9:e5:
c2:81:ad:87:2d:c5:10:2b:84:fe:2f:f8:3a:a0:3d:23:3e:74:
2e:e7:45:12:05:3b:62:8b:28:6a:5c:c8:5a:cc:90:66:b8:7d:
e7:0f:38:db:51:d3:aa:b5:2c:46:e7:f5:75:ad:04:c3:6a:62:
09:3d:11:9a:6d:77:bc:7b:d6:bb:b2:cf:fb:ff:78:64:65:d0:
77:1c:e6:04:ff:dd:d7:13:90:29:2c:cd:6d:e3:01:ce:ff:f3:
09:9a:82:89:5c:a1:99:fe:34:63:d6:fb:6a:77:d3:cc:af:a2:
91:64:56:f2:e3:8b:21:30:b5:ff:09:1f:82:05:f0:a2:1e:eb:
1b:e5:39:90:e3:77:f3:06:26:bf:ad:42:88:8b:bd:e4:c8:c5:
b9:cc:eb:54:8b:7c:e5:de:96:6f:f5:d1:3f:67:cc:6f:86:84:
36:03:f0:3e:6a:4d:7b:eb:cc:bf:b8:9d:71:f2:c6:41:2d:62:
6e:bb:83:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuaPpwtQzqxyefYbqF4qtzrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA0MTIxMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWFmMTAxNDdhMjc5NDczNjlkNjhmM2Q0ZDRlNDExZGYzNjNmYjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjE1HvQ+GPSzAuaZsyr+UQXTCVpWs
+eUrhZQh7Ejk6fv2IyxDZlq71aDj3E7jMtFAyCOY6Q0X49TcGD9Y6HaP0OB7SsAt
7PF5rxUUFKRAoiQTNySFJbMpChO3OiZE4MxGTkQ+LW4KaAqofGbkC/kaYaNO8jlk
XFnHfLP7jCwyIZtyQzXg7x72dWVN3TftL3xMg2rDS9+dLswAPnIcO4DglmNzrJZr
+NV+7zZM/tlI7VUNBPaghk5YyDM3Ca08KubfPIZgsTYEh/DNViNOozhf8v1jzqxW
bC2PFfP2YutzbwwcVBRLUIxj1v0Vw2HFDHN5UQqn6ZeSaEqMczp6oo2JQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG6vEBR6J5RzadaPPU1OQR3zY/uaMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYnE4UUZIb25sSE5wMW84OVRVNUJIZk5qLTVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABaSX51A2XJDpIXbWjkw
WEgi/8V0mVsNnHLrmlvLeyg4Hz/ZAdHXQ5EmHPBuEsnyDR0HOxFx/sfsRHDhC3FY
2p5SqgSEQe3J5cKBrYctxRArhP4v+DqgPSM+dC7nRRIFO2KLKGpcyFrMkGa4fecP
ONtR06q1LEbn9XWtBMNqYgk9EZptd7x71ruyz/v/eGRl0Hcc5gT/3dcTkCkszW3j
Ac7/8wmagolcoZn+NGPW+2p308yvopFkVvLjiyEwtf8JH4IF8KIe6xvlOZDjd/MG
Jr+tQoiLveTIxbnM61SLfOXelm/10T9nzG+GhDYD8D5qTXvrzL+4nXHyxkEtYm67
g2Q=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:14:09 2025 by rpki-client