Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/q8dlHwsEZbmtMTYF3v3_P9zwSTw.roa
File: q8dlHwsEZbmtMTYF3v3_P9zwSTw.roa (raw, json)
Hash identifier: GZZ2vskE69zScWVgN7im9XoK2uhN8FBgxyCWi5C6Cdo=
Subject key identifier: AB:C7:65:1F:0B:04:65:B9:AD:31:36:05:DE:FD:FF:3F:DC:F0:49:3C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B9F64F733239EDAA58FD055E550C60788
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/q8dlHwsEZbmtMTYF3v3_P9zwSTw.roa
Signing time: Sun 05 Nov 2023 12:11:16 +0000
ROA not before: Sun 05 Nov 2023 12:11:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9f:64:f7:33:23:9e:da:a5:8f:d0:55:e5:50:c6:07:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 5 12:11:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abc7651f0b0465b9ad313605defdff3fdcf0493c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:21:d0:2c:84:e3:14:1d:78:1e:a9:9c:60:b1:
36:ee:18:da:4b:3e:af:50:0e:90:ab:91:02:49:37:
16:59:cc:1c:2f:8c:d2:f3:f3:57:d8:30:12:0e:e6:
1a:2f:f0:94:35:0e:4e:d9:c7:28:3b:be:2f:d9:01:
e4:be:ac:94:46:08:25:5c:e0:34:6b:ba:54:49:e5:
84:b6:e8:1c:5a:e1:20:66:80:dc:a5:9e:37:16:1d:
46:32:ac:a3:13:f4:db:7a:87:8c:77:ad:b8:00:27:
0b:db:e5:03:fc:af:ef:e6:ba:51:9c:61:68:98:81:
9a:d9:ef:3c:63:68:f9:b6:74:51:4d:fb:44:dd:ec:
e2:e1:1e:5b:cc:88:5b:45:aa:00:36:a4:79:b6:25:
92:9b:5b:e5:4a:f6:32:4e:16:d8:c8:9e:a1:03:74:
77:60:bd:03:5e:e1:bb:78:5f:c8:68:22:3b:eb:ff:
93:6c:46:ec:87:f5:d7:8d:14:a6:77:45:03:76:58:
ba:93:7c:56:d6:4d:c5:f6:8d:45:62:2c:8f:b7:bd:
f6:75:9e:3d:2d:41:50:e4:aa:76:8d:70:84:22:4e:
a0:f8:85:69:74:28:46:48:73:78:03:0b:ba:c1:82:
3b:17:fa:69:98:bf:6b:38:35:b9:f2:7c:94:8d:56:
4f:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:C7:65:1F:0B:04:65:B9:AD:31:36:05:DE:FD:FF:3F:DC:F0:49:3C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/q8dlHwsEZbmtMTYF3v3_P9zwSTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
90:76:65:11:74:22:04:3b:f5:a0:8a:8e:04:4a:de:b1:9d:31:
bc:17:83:cf:f9:0d:97:e0:a6:18:44:a5:aa:0e:4c:db:17:01:
44:86:ac:cd:93:bc:75:06:7a:c6:60:e2:6a:62:8c:59:9e:29:
2f:c0:2e:89:a6:c8:c2:75:52:4f:b6:08:36:07:1a:cc:9c:11:
15:ed:b3:05:45:1c:c4:f1:29:ac:6e:8e:80:58:0d:bf:20:42:
db:93:de:89:c3:82:7d:d3:ad:3e:b5:92:c0:12:82:c9:bf:36:
1b:98:19:a6:f3:79:11:cf:f4:dd:72:95:ce:1a:18:bc:de:5f:
ab:ea:af:78:a0:85:a1:d2:76:5e:2b:b4:a4:22:8c:f3:08:f7:
65:ed:5f:06:84:47:b4:60:0f:f6:16:54:cb:23:26:f3:86:7c:
6b:68:c3:12:68:a9:eb:4a:ca:34:df:04:97:f6:27:66:a2:46:
3c:25:be:08:73:2f:7c:2d:1a:a0:d7:f7:02:d1:60:49:3e:f6:
65:13:ba:dc:26:19:5d:02:0b:06:1a:f6:81:e9:b1:1e:ac:38:
fe:47:cf:0b:46:4b:2d:8a:73:c3:2a:6f:aa:5d:fb:e2:16:6d:
46:0b:f1:08:9a:39:c9:49:b2:74:4a:54:28:54:44:d3:15:aa:
3f:bb:34:5d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYufZPczI57apY/QVeVQxgeIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA1MTIxMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmM3NjUxZjBiMDQ2NWI5YWQzMTM2MDVkZWZkZmYzZmRjZjA0OTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCHQLITjFB14HqmcYLE27hjaSz6v
UA6Qq5ECSTcWWcwcL4zS8/NX2DASDuYaL/CUNQ5O2ccoO74v2QHkvqyURgglXOA0
a7pUSeWEtugcWuEgZoDcpZ43Fh1GMqyjE/TbeoeMd624ACcL2+UD/K/v5rpRnGFo
mIGa2e88Y2j5tnRRTftE3ezi4R5bzIhbRaoANqR5tiWSm1vlSvYyThbYyJ6hA3R3
YL0DXuG7eF/IaCI76/+TbEbsh/XXjRSmd0UDdli6k3xW1k3F9o1FYiyPt732dZ49
LUFQ5Kp2jXCEIk6g+IVpdChGSHN4Awu6wYI7F/ppmL9rODW58nyUjVZPpQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKvHZR8LBGW5rTE2Bd79/z/c8Ek8MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcThkbEh3c0VaYm10TVRZRjN2M19QOXp3U1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJB2ZRF0IgQ79aCKjgRK
3rGdMbwXg8/5DZfgphhEpaoOTNsXAUSGrM2TvHUGesZg4mpijFmeKS/ALommyMJ1
Uk+2CDYHGsycERXtswVFHMTxKaxujoBYDb8gQtuT3onDgn3TrT61ksASgsm/NhuY
GabzeRHP9N1ylc4aGLzeX6vqr3ighaHSdl4rtKQijPMI92XtXwaER7RgD/YWVMsj
JvOGfGtowxJoqetKyjTfBJf2J2aiRjwlvghzL3wtGqDX9wLRYEk+9mUTutwmGV0C
CwYa9oHpsR6sOP5HzwtGSy2Kc8Mqb6pd++IWbUYL8QiaOclJsnRKVChURNMVqj+7
NF0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:47:15 2025 by rpki-client