Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qM2KlNhKFhkR8BhNoqkJ7iE5fsc.roa
File: qM2KlNhKFhkR8BhNoqkJ7iE5fsc.roa (raw, json)
Hash identifier: IfXZ6Ic/3JqcJvgVDp7GT+kYbbirVs7yNQTFRGmKHQ0=
Subject key identifier: A8:CD:8A:94:D8:4A:16:19:11:F0:18:4D:A2:A9:09:EE:21:39:7E:C7
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C6EAF87A0ACDBD4FBED985772B7BF176F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qM2KlNhKFhkR8BhNoqkJ7iE5fsc.roa
Signing time: Fri 15 Dec 2023 18:14:06 +0000
ROA not before: Fri 15 Dec 2023 18:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6e:af:87:a0:ac:db:d4:fb:ed:98:57:72:b7:bf:17:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 15 18:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8cd8a94d84a161911f0184da2a909ee21397ec7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:02:08:c6:08:9c:c1:1f:f7:f7:8f:03:01:66:
87:61:d9:49:a2:37:f2:1f:4d:ee:0c:36:ee:7d:bb:
aa:22:1a:c0:bc:05:68:b7:7f:5e:cf:16:9c:cc:ca:
e6:38:5a:6b:62:9d:39:51:23:2e:d4:82:6c:47:b6:
95:73:06:68:7d:18:64:72:25:08:b6:b3:44:c5:fc:
1f:e0:3b:c2:cd:91:4e:55:1d:2d:62:09:01:ac:99:
6b:00:ef:3c:6f:a4:94:a1:d2:69:45:9e:1a:5a:74:
88:03:5c:c7:b6:2f:21:3e:fc:a7:04:19:04:71:7d:
6a:96:cc:76:a0:a9:ca:1e:d6:b5:16:66:46:ed:25:
09:d8:ea:78:01:31:6b:42:80:87:34:77:f2:27:56:
0a:57:8d:6d:49:81:60:e1:5f:5e:26:e2:1f:78:9e:
a4:51:12:e2:25:cb:df:0a:e9:76:39:04:f9:78:39:
dd:be:07:84:d8:76:cb:ec:f7:db:60:56:c8:1f:b2:
f0:ce:55:35:6c:46:06:5f:fd:95:06:e0:b6:d1:32:
f9:aa:9b:73:20:7b:f8:0a:12:49:a4:a8:88:ac:e4:
b5:77:6c:8f:62:4d:0b:0f:7f:05:de:9b:58:14:b2:
ba:e8:7a:a4:53:55:6e:19:51:37:c5:a2:e4:c2:ba:
f0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:CD:8A:94:D8:4A:16:19:11:F0:18:4D:A2:A9:09:EE:21:39:7E:C7
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qM2KlNhKFhkR8BhNoqkJ7iE5fsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:4c:f4:37:63:0e:e0:f1:5a:9c:4b:3a:e7:89:78:10:12:d5:
33:3c:5c:e4:9e:95:89:8a:38:07:6f:83:75:b3:0c:40:b1:63:
a8:9e:f2:c0:6d:6d:30:67:bd:84:6b:81:42:2e:a3:ad:28:d7:
ad:d2:34:b9:61:c4:17:a0:b6:1c:f6:f9:17:c4:8d:c7:15:e2:
f3:c3:6f:27:90:6a:97:b9:63:9d:5a:09:fa:4f:c6:32:cb:46:
30:76:03:fa:bd:9c:90:a5:f2:6d:b8:b1:4d:87:a4:73:d7:d4:
e2:43:e1:4f:9e:4c:e9:2d:4f:6a:01:8e:d7:54:bd:b8:a6:4d:
17:24:2c:14:71:48:fc:e9:15:ae:e8:59:e1:4f:e7:b8:01:92:
bb:b1:66:70:a4:c7:17:0e:01:11:c9:9c:ed:1d:ee:a8:23:2c:
a4:5e:15:43:7c:d7:10:ce:e2:53:b3:eb:07:15:78:1d:e6:e1:
08:52:d7:44:57:f4:e3:5f:93:80:34:82:d5:54:31:19:91:a5:
2f:9a:37:19:08:18:dc:d4:3f:71:e7:0a:52:df:f7:c8:16:2e:
28:25:6a:03:b9:41:8c:5e:2f:02:ee:32:78:52:c0:72:0c:59:
f7:9e:de:14:6e:f2:8d:09:0a:41:71:57:33:da:e6:95:ad:cb:
c6:a2:38:32
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxur4egrNvU++2YV3K3vxdvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE1MTgxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGNkOGE5NGQ4NGExNjE5MTFmMDE4NGRhMmE5MDllZTIxMzk3ZWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwIIxgicwR/3948DAWaHYdlJojfy
H03uDDbufbuqIhrAvAVot39ezxaczMrmOFprYp05USMu1IJsR7aVcwZofRhkciUI
trNExfwf4DvCzZFOVR0tYgkBrJlrAO88b6SUodJpRZ4aWnSIA1zHti8hPvynBBkE
cX1qlsx2oKnKHta1FmZG7SUJ2Op4ATFrQoCHNHfyJ1YKV41tSYFg4V9eJuIfeJ6k
URLiJcvfCul2OQT5eDndvgeE2HbL7PfbYFbIH7LwzlU1bEYGX/2VBuC20TL5qptz
IHv4ChJJpKiIrOS1d2yPYk0LD38F3ptYFLK66HqkU1VuGVE3xaLkwrrw1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKjNipTYShYZEfAYTaKpCe4hOX7HMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcU0yS2xOaEtGaGtSOEJoTm9xa0o3aUU1ZnNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJdM9DdjDuDxWpxLOueJ
eBAS1TM8XOSelYmKOAdvg3WzDECxY6ie8sBtbTBnvYRrgUIuo60o163SNLlhxBeg
thz2+RfEjccV4vPDbyeQape5Y51aCfpPxjLLRjB2A/q9nJCl8m24sU2HpHPX1OJD
4U+eTOktT2oBjtdUvbimTRckLBRxSPzpFa7oWeFP57gBkruxZnCkxxcOARHJnO0d
7qgjLKReFUN81xDO4lOz6wcVeB3m4QhS10RX9ONfk4A0gtVUMRmRpS+aNxkIGNzU
P3HnClLf98gWLiglagO5QYxeLwLuMnhSwHIMWfee3hRu8o0JCkFxVzPa5pWty8ai
ODI=
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:52:31 2025 by rpki-client