Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kUq90bGLYEAg4O5SC3eUFprpZTE.roa
File: kUq90bGLYEAg4O5SC3eUFprpZTE.roa (raw, json)
Hash identifier: uLK8VaE6EoG/9eAKT7WdMZVO8UkZRNlHe5+67lGILc0=
Subject key identifier: 91:4A:BD:D1:B1:8B:60:40:20:E0:EE:52:0B:77:94:16:9A:E9:65:31
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C213A5A4348B1CE9541193EFAACB80ED7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kUq90bGLYEAg4O5SC3eUFprpZTE.roa
Signing time: Thu 30 Nov 2023 17:15:21 +0000
ROA not before: Thu 30 Nov 2023 17:15:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:21:3a:5a:43:48:b1:ce:95:41:19:3e:fa:ac:b8:0e:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 30 17:15:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=914abdd1b18b604020e0ee520b7794169ae96531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:27:38:f1:53:0a:27:78:d2:70:2d:5f:d7:21:
08:6c:fe:6f:c5:25:7b:c2:47:ef:bc:c8:0a:24:39:
42:f0:c1:57:f9:4a:84:e4:11:8f:0a:b4:b2:02:1d:
cb:68:93:a8:50:3d:f3:83:c3:9a:5b:53:4e:91:0c:
5b:78:26:32:5d:f7:33:bd:05:0c:b4:07:48:b6:03:
db:1e:2d:68:62:c1:ee:8e:b6:ae:60:84:fb:6c:f4:
f3:52:e3:2d:d7:a6:91:31:2c:30:88:11:03:a4:19:
55:1b:19:ac:c2:16:78:d6:75:7e:fe:db:10:25:cf:
a0:93:c3:ff:f1:15:30:9f:5b:fb:64:a6:f1:88:19:
70:98:11:ab:03:a9:45:04:3c:03:87:c5:c5:30:32:
94:02:64:b5:66:3a:22:15:27:73:c4:66:54:b5:69:
9c:58:7d:3c:bd:44:0f:cb:6c:1b:53:a7:df:c7:90:
f3:96:e3:c4:cb:22:85:dd:ae:80:61:25:62:6e:ac:
f8:a8:2f:bb:c2:8c:23:62:f4:90:c3:18:16:30:56:
ef:e7:6b:83:ba:11:02:a6:a4:5a:df:ed:8b:05:a6:
b3:26:6f:43:d5:91:e5:eb:4e:bb:82:cb:4c:30:f7:
44:5d:26:95:ba:23:c4:65:cb:6d:00:6e:4a:d0:f3:
cb:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:4A:BD:D1:B1:8B:60:40:20:E0:EE:52:0B:77:94:16:9A:E9:65:31
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/kUq90bGLYEAg4O5SC3eUFprpZTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5f:97:ae:4b:d2:32:88:48:2a:a4:0f:5a:ed:0e:7f:33:1d:01:
4e:ef:98:66:cc:9d:fc:74:53:c9:6e:23:06:d1:3a:0c:bf:7a:
b7:f1:b6:db:d1:bd:17:53:46:57:05:c0:99:9a:f1:b1:e6:ec:
5c:bc:cd:f6:61:26:ad:08:9a:df:6f:0e:81:13:03:20:fc:df:
dc:f6:65:58:cf:8e:e7:aa:87:b9:16:fd:8e:a7:ae:3c:be:50:
33:60:e1:11:af:e9:b0:ed:3f:e2:40:19:ef:46:c4:1a:c8:3b:
e4:6a:dd:a4:42:e2:aa:2f:82:c1:7f:2c:84:ed:53:7e:a0:2c:
22:16:8c:b5:3c:7e:9f:f7:f7:9d:7a:77:05:7d:ee:f0:43:b0:
16:d4:e1:aa:89:63:d1:85:3a:ff:62:0a:59:02:25:10:a6:44:
4f:f3:f5:13:84:33:f4:88:ec:48:c5:cf:4f:26:62:fd:33:1b:
a8:6f:ac:99:73:3f:2d:fa:42:40:ed:e0:50:8f:dd:34:b6:48:
d8:ab:8e:2b:0c:86:3f:16:64:44:8f:e0:f9:56:26:f6:e3:ad:
a8:c3:6f:ec:b6:ae:e5:b8:e9:63:cf:e8:15:23:e7:45:c1:01:
45:ce:04:a8:d3:34:bc:5a:12:6e:b0:59:01:6a:ce:15:4f:f0:
7a:7c:53:56
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwhOlpDSLHOlUEZPvqsuA7XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTMwMTcxNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTRhYmRkMWIxOGI2MDQwMjBlMGVlNTIwYjc3OTQxNjlhZTk2NTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoic48VMKJ3jScC1f1yEIbP5vxSV7
wkfvvMgKJDlC8MFX+UqE5BGPCrSyAh3LaJOoUD3zg8OaW1NOkQxbeCYyXfczvQUM
tAdItgPbHi1oYsHujrauYIT7bPTzUuMt16aRMSwwiBEDpBlVGxmswhZ41nV+/tsQ
Jc+gk8P/8RUwn1v7ZKbxiBlwmBGrA6lFBDwDh8XFMDKUAmS1ZjoiFSdzxGZUtWmc
WH08vUQPy2wbU6ffx5DzluPEyyKF3a6AYSVibqz4qC+7wowjYvSQwxgWMFbv52uD
uhECpqRa3+2LBaazJm9D1ZHl6067gstMMPdEXSaVuiPEZcttAG5K0PPL2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJFKvdGxi2BAIODuUgt3lBaa6WUxMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva1VxOTBiR0xZRUFnNE81U0MzZVVGcHJwWlRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF+XrkvSMohIKqQPWu0O
fzMdAU7vmGbMnfx0U8luIwbROgy/erfxttvRvRdTRlcFwJma8bHm7Fy8zfZhJq0I
mt9vDoETAyD839z2ZVjPjueqh7kW/Y6nrjy+UDNg4RGv6bDtP+JAGe9GxBrIO+Rq
3aRC4qovgsF/LITtU36gLCIWjLU8fp/39516dwV97vBDsBbU4aqJY9GFOv9iClkC
JRCmRE/z9ROEM/SI7EjFz08mYv0zG6hvrJlzPy36QkDt4FCP3TS2SNirjisMhj8W
ZESP4PlWJvbjrajDb+y2ruW46WPP6BUj50XBAUXOBKjTNLxaEm6wWQFqzhVP8Hp8
U1Y=
-----END CERTIFICATE-----
Generated at Mon May 5 23:24:32 2025 by rpki-client