Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qdb0FKLwuQce0zVAPdjDxJSVEeg.roa
File: qdb0FKLwuQce0zVAPdjDxJSVEeg.roa (raw, json)
Hash identifier: c/8v7ADn6vY0liiBVEQHTZlVAuOqeYMVTV0MmtxQp5c=
Subject key identifier: A9:D6:F4:14:A2:F0:B9:07:1E:D3:35:40:3D:D8:C3:C4:94:95:11:E8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B039FC39ABE54C240E1DDE87490E8BE60
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qdb0FKLwuQce0zVAPdjDxJSVEeg.roa
Signing time: Fri 06 Oct 2023 06:14:43 +0000
ROA not before: Fri 06 Oct 2023 06:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:03:9f:c3:9a:be:54:c2:40:e1:dd:e8:74:90:e8:be:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 6 06:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9d6f414a2f0b9071ed335403dd8c3c4949511e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:40:a0:f6:ec:02:c1:1c:af:b8:88:45:59:65:
76:16:d1:cd:4d:a4:f6:ac:6a:da:38:d0:38:ce:5e:
d3:2b:e6:2f:9f:5c:c2:85:3e:57:f0:bf:18:96:79:
89:61:5c:05:ef:c9:70:ff:bd:7f:23:07:90:e7:b4:
36:29:f0:1f:86:2d:bb:f6:0c:e1:03:cb:72:6f:fa:
71:7e:7a:b0:44:a8:41:bd:83:7f:c7:69:c6:39:71:
5b:3d:e5:84:89:03:e2:65:15:fc:c7:2c:d7:db:d4:
a5:74:3d:d0:90:c1:9f:cb:67:d1:5a:66:87:ab:98:
5c:d5:80:28:ce:d5:21:1d:df:c3:67:d3:e3:f1:e9:
66:31:53:57:93:66:23:a4:e2:59:b5:44:26:02:62:
f0:b0:78:51:12:5a:f0:23:20:48:27:5f:e3:dd:ed:
3b:37:a0:ce:a2:7e:b8:24:aa:16:d3:a6:37:67:f8:
32:a0:a3:39:7d:d4:0c:f7:e0:19:81:f8:f4:f6:7b:
58:5f:03:95:e2:11:21:ab:89:76:a6:b1:2d:b5:1c:
04:a7:b9:dc:d5:e0:ed:64:b2:0d:d1:3e:35:5c:5b:
1c:31:20:c1:0a:27:a6:72:ef:4f:11:13:dd:ee:ec:
c9:f8:3a:a9:89:3a:46:61:3a:5c:4c:fe:5c:fe:b1:
64:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:D6:F4:14:A2:F0:B9:07:1E:D3:35:40:3D:D8:C3:C4:94:95:11:E8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qdb0FKLwuQce0zVAPdjDxJSVEeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d4:76:b2:cf:ec:2f:8a:f6:0c:ab:cd:fd:a8:cc:16:50:c7:23:
1e:8f:29:78:a0:36:6a:c1:79:63:f1:ab:a1:63:cb:35:c8:e3:
73:13:34:42:34:8a:c0:4a:62:eb:9e:da:54:98:f5:e2:f4:c2:
45:b4:8b:f6:97:77:1d:c2:1c:4a:03:ab:00:fe:75:23:28:88:
08:a5:eb:64:ef:42:fe:69:35:5f:e4:c4:ed:32:68:db:69:2d:
a5:92:a9:c7:87:e8:90:6e:fc:55:21:bd:ef:fa:98:91:fe:aa:
1a:70:76:d4:a4:6a:5d:d0:71:be:30:12:fb:84:c8:4a:19:c4:
f1:71:7c:5e:bd:d2:c6:62:d9:30:c1:cb:99:3d:ef:1f:41:cd:
75:d1:b8:b8:57:96:50:c6:0e:b9:57:88:a4:5c:e4:ec:92:3c:
63:4b:4e:3d:4e:d8:14:42:64:22:c9:1d:8d:88:08:c0:0f:97:
77:c9:ec:fa:1d:fa:28:2a:14:63:16:58:71:88:2f:1e:9e:03:
fa:21:45:5d:39:59:d1:1c:44:0d:33:6c:e0:ba:75:46:4d:d1:
c0:12:c8:39:21:b9:65:53:9a:31:75:fe:fd:8c:44:22:99:48:
25:ca:7d:56:a6:2b:ed:73:3e:4f:d0:2c:06:7f:49:cd:e0:74:
40:d4:93:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsDn8OavlTCQOHd6HSQ6L5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA2MDYxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWQ2ZjQxNGEyZjBiOTA3MWVkMzM1NDAzZGQ4YzNjNDk0OTUxMWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiECg9uwCwRyvuIhFWWV2FtHNTaT2
rGraONA4zl7TK+Yvn1zChT5X8L8YlnmJYVwF78lw/71/IweQ57Q2KfAfhi279gzh
A8tyb/pxfnqwRKhBvYN/x2nGOXFbPeWEiQPiZRX8xyzX29SldD3QkMGfy2fRWmaH
q5hc1YAoztUhHd/DZ9Pj8elmMVNXk2YjpOJZtUQmAmLwsHhRElrwIyBIJ1/j3e07
N6DOon64JKoW06Y3Z/gyoKM5fdQM9+AZgfj09ntYXwOV4hEhq4l2prEttRwEp7nc
1eDtZLIN0T41XFscMSDBCiemcu9PERPd7uzJ+DqpiTpGYTpcTP5c/rFkhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKnW9BSi8LkHHtM1QD3Yw8SUlRHoMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcWRiMEZLTHd1UWNlMHpWQVBkakR4SlNWRWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANR2ss/sL4r2DKvN/ajM
FlDHIx6PKXigNmrBeWPxq6FjyzXI43MTNEI0isBKYuue2lSY9eL0wkW0i/aXdx3C
HEoDqwD+dSMoiAil62TvQv5pNV/kxO0yaNtpLaWSqceH6JBu/FUhve/6mJH+qhpw
dtSkal3Qcb4wEvuEyEoZxPFxfF690sZi2TDBy5k97x9BzXXRuLhXllDGDrlXiKRc
5OySPGNLTj1O2BRCZCLJHY2ICMAPl3fJ7Pod+igqFGMWWHGILx6eA/ohRV05WdEc
RA0zbOC6dUZN0cASyDkhuWVTmjF1/v2MRCKZSCXKfVamK+1zPk/QLAZ/Sc3gdEDU
k0c=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:49:02 2025 by rpki-client