Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qU8TOza17dpKejLbmSF-ptsf5cg.roa
File: qU8TOza17dpKejLbmSF-ptsf5cg.roa (raw, json)
Hash identifier: fPggpLHCCW2WFx98y7YhvoNRF6JXBAU+HR2JRMrqGmw=
Subject key identifier: A9:4F:13:3B:36:B5:ED:DA:4A:7A:32:DB:99:21:7E:A6:DB:1F:E5:C8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B15A45FC5392019B564E1195C61FD5C1B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qU8TOza17dpKejLbmSF-ptsf5cg.roa
Signing time: Mon 09 Oct 2023 18:12:55 +0000
ROA not before: Mon 09 Oct 2023 18:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:15:a4:5f:c5:39:20:19:b5:64:e1:19:5c:61:fd:5c:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 9 18:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a94f133b36b5edda4a7a32db99217ea6db1fe5c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:5a:51:30:12:58:b2:69:2b:f5:53:1c:14:ac:
5d:ff:43:f0:84:69:93:82:cf:96:cc:e7:a6:57:c0:
b9:ba:db:68:00:1a:f0:22:52:37:f7:49:93:f2:c2:
98:d3:4c:cd:00:52:08:2e:66:ef:62:36:b4:20:85:
f8:d1:35:4f:1a:c1:12:7f:3d:4d:7f:f1:0a:6a:6d:
d6:3d:7f:40:1e:10:cb:c6:60:60:85:ff:ed:e2:d6:
f2:79:08:91:55:64:c9:af:40:11:f3:3f:10:79:d7:
ca:66:98:a7:67:df:59:89:7a:51:24:f2:84:69:81:
ac:07:ee:04:8a:29:ee:ac:7b:36:9b:b6:30:55:13:
c2:63:e8:50:58:83:ca:29:cf:e2:75:0a:62:43:17:
f2:9f:16:a5:f3:94:9c:de:70:b2:35:dc:94:e1:8f:
44:2b:b9:34:2d:c4:36:d5:e8:a3:09:87:8f:53:da:
ef:de:3f:bb:30:57:1a:b4:f7:96:cb:4b:e2:6e:0a:
e5:17:78:96:06:83:f5:b5:5d:af:a0:e5:b9:3f:bf:
17:3d:95:40:a6:f4:d7:ed:38:8f:0a:1a:ce:a6:7b:
cd:6e:1d:b4:5c:18:11:aa:5d:46:9b:b8:a2:af:84:
70:20:69:57:cd:3f:cb:a7:be:ac:1a:18:c8:3a:3d:
b2:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:4F:13:3B:36:B5:ED:DA:4A:7A:32:DB:99:21:7E:A6:DB:1F:E5:C8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qU8TOza17dpKejLbmSF-ptsf5cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bf:ad:66:81:8f:91:9d:cb:fb:47:30:3d:b2:08:67:e3:38:db:
19:b0:bd:a3:f6:c8:dc:31:b8:0a:b2:c4:5b:50:1d:f6:71:2f:
eb:45:28:6a:d8:74:60:71:b5:87:a8:83:64:43:83:1a:c2:67:
6a:5f:65:b4:43:73:e4:3d:04:7a:74:4b:75:3c:4f:9a:ab:cc:
3e:bc:61:da:71:4d:4e:22:1a:82:a5:13:bf:f6:0d:39:92:2f:
1c:e1:eb:96:fd:59:63:9a:cd:57:e3:bf:e6:41:45:c8:0f:b0:
ab:2b:90:cb:ec:a0:c9:24:e5:b1:4c:43:80:af:5b:d7:f1:d5:
64:da:37:b2:bc:3f:36:fb:d7:55:1f:1b:a3:f8:29:6b:3e:68:
ae:86:fc:61:88:e7:b6:49:25:8a:cd:92:5a:1b:b1:b1:5d:77:
3c:14:4b:e1:1d:c8:a0:3a:b4:de:05:54:4f:36:7c:39:8b:f9:
a4:1e:a5:ff:9c:f3:09:5f:3c:8a:32:7e:5d:7b:86:a5:9d:2b:
71:fa:eb:fe:3a:17:d5:e4:9f:22:72:c1:18:cb:ed:3f:36:1a:
74:9b:57:57:14:2e:3e:e1:d7:08:dc:b8:33:70:40:6e:88:a6:
09:d9:af:a1:ee:4d:ea:85:5b:bd:ea:01:49:e0:77:e8:25:44:
be:89:d2:9c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsVpF/FOSAZtWThGVxh/VwbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA5MTgxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTRmMTMzYjM2YjVlZGRhNGE3YTMyZGI5OTIxN2VhNmRiMWZlNWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVpRMBJYsmkr9VMcFKxd/0PwhGmT
gs+WzOemV8C5uttoABrwIlI390mT8sKY00zNAFIILmbvYja0IIX40TVPGsESfz1N
f/EKam3WPX9AHhDLxmBghf/t4tbyeQiRVWTJr0AR8z8QedfKZpinZ99ZiXpRJPKE
aYGsB+4EiinurHs2m7YwVRPCY+hQWIPKKc/idQpiQxfynxal85Sc3nCyNdyU4Y9E
K7k0LcQ21eijCYePU9rv3j+7MFcatPeWy0vibgrlF3iWBoP1tV2voOW5P78XPZVA
pvTX7TiPChrOpnvNbh20XBgRql1Gm7iir4RwIGlXzT/Lp76sGhjIOj2yKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKlPEzs2te3aSnoy25khfqbbH+XIMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcVU4VE96YTE3ZHBLZWpMYm1TRi1wdHNmNWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL+tZoGPkZ3L+0cwPbII
Z+M42xmwvaP2yNwxuAqyxFtQHfZxL+tFKGrYdGBxtYeog2RDgxrCZ2pfZbRDc+Q9
BHp0S3U8T5qrzD68YdpxTU4iGoKlE7/2DTmSLxzh65b9WWOazVfjv+ZBRcgPsKsr
kMvsoMkk5bFMQ4CvW9fx1WTaN7K8Pzb711UfG6P4KWs+aK6G/GGI57ZJJYrNklob
sbFddzwUS+EdyKA6tN4FVE82fDmL+aQepf+c8wlfPIoyfl17hqWdK3H66/46F9Xk
nyJywRjL7T82GnSbV1cULj7h1wjcuDNwQG6IpgnZr6HuTeqFW73qAUngd+glRL6J
0pw=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:00:37 2025 by rpki-client