Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dQXXlaLqdMQJgQd-KCDwL6iqzIk.roa
File: dQXXlaLqdMQJgQd-KCDwL6iqzIk.roa (raw, json)
Hash identifier: qODl+qjhwwAAVtqL57Ha8pkueI6bnVjMg01EjkbiaTM=
Subject key identifier: 75:05:D7:95:A2:EA:74:C4:09:81:07:7E:28:20:F0:2F:A8:AA:CC:89
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B5AB9ED13C0E68FA8CE20091B61CBFE79
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dQXXlaLqdMQJgQd-KCDwL6iqzIk.roa
Signing time: Mon 23 Oct 2023 04:10:16 +0000
ROA not before: Mon 23 Oct 2023 04:10:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5a:b9:ed:13:c0:e6:8f:a8:ce:20:09:1b:61:cb:fe:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 23 04:10:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7505d795a2ea74c40981077e2820f02fa8aacc89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:41:00:88:55:e0:35:b9:07:99:49:e6:bd:28:
7b:45:21:4e:bb:2e:b4:63:91:05:0a:a6:67:39:9b:
21:e8:79:c6:2e:e1:d5:ee:31:ef:06:9d:f7:6e:fa:
2e:61:d8:7e:28:07:31:d9:3f:fd:51:29:90:d8:24:
27:32:7d:4f:8a:e8:93:1f:61:42:54:e9:07:5c:a1:
63:e1:97:14:d6:7e:69:16:b4:22:ea:88:40:ec:e6:
1c:43:39:8c:f7:87:7d:30:c0:4c:e7:54:84:64:da:
9b:90:25:b9:3d:41:7e:72:9c:f3:18:e6:10:25:63:
4f:2d:46:a6:1a:12:94:4c:05:bd:b5:17:b4:3a:f3:
b0:6c:72:50:ba:f5:07:c5:cf:2c:01:d0:da:e2:40:
99:0a:d5:c4:d7:1d:55:91:0c:bd:ba:b5:3b:1a:0b:
54:31:09:c6:87:33:4c:ca:e1:16:f0:7f:6d:42:b9:
10:df:bd:e5:37:63:9c:d0:42:85:9b:5a:ec:92:7a:
89:06:49:fa:51:33:fa:9c:af:da:d0:ac:bc:ad:eb:
29:d9:f3:f7:ec:54:c3:f6:a3:fd:cd:6f:0b:e5:59:
9f:c5:be:b9:0b:bb:f3:1c:83:75:8b:08:cc:a4:fb:
f7:51:83:40:b4:ab:70:a8:6b:c4:ea:ec:60:49:4f:
fa:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:05:D7:95:A2:EA:74:C4:09:81:07:7E:28:20:F0:2F:A8:AA:CC:89
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/dQXXlaLqdMQJgQd-KCDwL6iqzIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9b:00:8f:45:5e:b2:8f:a9:2a:de:5d:d4:eb:12:b6:37:eb:23:
42:74:fd:db:6c:46:2f:4a:f8:2c:b7:5a:93:b4:6f:ad:e9:82:
93:f1:3e:88:8a:0f:4f:2f:43:8d:a3:91:41:d4:27:c4:ab:81:
85:d7:9d:3e:b5:ef:63:d1:85:98:e3:eb:77:07:54:42:09:ec:
28:52:c8:67:1c:22:38:d1:19:1a:5a:ac:4f:2e:34:dc:9b:a6:
94:38:8d:60:64:20:09:d9:42:98:05:60:ac:27:80:29:2c:95:
62:d5:db:27:a8:1f:84:e4:8f:d1:e5:bf:fa:19:40:c8:b0:76:
24:e9:99:b6:bb:e7:26:7c:3a:d6:86:e8:1d:e0:0a:78:1e:e8:
fa:c3:47:ec:2c:f8:c8:e9:32:fd:34:b1:2f:af:87:56:1c:76:
a8:3b:52:f9:62:68:9c:fe:b5:45:64:d5:33:6a:e7:2c:2e:4e:
91:2c:7e:03:d7:e5:25:bb:b6:0f:d2:4f:41:ef:cd:11:1d:2c:
52:37:45:92:bd:ca:64:c6:9b:fa:a8:5d:19:ba:dd:a2:f4:7f:
e8:f2:57:75:bc:28:a2:5b:77:51:32:fb:78:3c:0e:7e:9c:f2:
d4:fa:b6:4f:92:33:11:f2:1b:82:b0:3f:b0:3f:c7:24:79:6f:
6c:fb:64:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtaue0TwOaPqM4gCRthy/55MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIzMDQxMDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTA1ZDc5NWEyZWE3NGM0MDk4MTA3N2UyODIwZjAyZmE4YWFjYzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUEAiFXgNbkHmUnmvSh7RSFOuy60
Y5EFCqZnOZsh6HnGLuHV7jHvBp33bvouYdh+KAcx2T/9USmQ2CQnMn1PiuiTH2FC
VOkHXKFj4ZcU1n5pFrQi6ohA7OYcQzmM94d9MMBM51SEZNqbkCW5PUF+cpzzGOYQ
JWNPLUamGhKUTAW9tRe0OvOwbHJQuvUHxc8sAdDa4kCZCtXE1x1VkQy9urU7GgtU
MQnGhzNMyuEW8H9tQrkQ373lN2Oc0EKFm1rsknqJBkn6UTP6nK/a0Ky8resp2fP3
7FTD9qP9zW8L5Vmfxb65C7vzHIN1iwjMpPv3UYNAtKtwqGvE6uxgSU/64QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHUF15Wi6nTECYEHfigg8C+oqsyJMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZFFYWGxhTHFkTVFKZ1FkLUtDRHdMNmlxeklrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJsAj0Veso+pKt5d1OsS
tjfrI0J0/dtsRi9K+Cy3WpO0b63pgpPxPoiKD08vQ42jkUHUJ8SrgYXXnT6172PR
hZjj63cHVEIJ7ChSyGccIjjRGRparE8uNNybppQ4jWBkIAnZQpgFYKwngCkslWLV
2yeoH4Tkj9Hlv/oZQMiwdiTpmba75yZ8OtaG6B3gCnge6PrDR+ws+MjpMv00sS+v
h1Ycdqg7UvliaJz+tUVk1TNq5ywuTpEsfgPX5SW7tg/ST0HvzREdLFI3RZK9ymTG
m/qoXRm63aL0f+jyV3W8KKJbd1Ey+3g8Dn6c8tT6tk+SMxHyG4KwP7A/xyR5b2z7
ZNw=
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:05:13 2025 by rpki-client