Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qfU9_ag12YICNbyAaVvnoKHOKuI.roa
File: qfU9_ag12YICNbyAaVvnoKHOKuI.roa (raw, json)
Hash identifier: RLWDW9TAYhsWGKmONMcDnTubKEwPck6Lg5JXnCdsDj4=
Subject key identifier: A9:F5:3D:FD:A8:35:D9:82:02:35:BC:80:69:5B:E7:A0:A1:CE:2A:E2
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AAD9445A3FC5221913BC5E6268218BAE4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qfU9_ag12YICNbyAaVvnoKHOKuI.roa
Signing time: Tue 19 Sep 2023 13:14:50 +0000
ROA not before: Tue 19 Sep 2023 13:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ad:94:45:a3:fc:52:21:91:3b:c5:e6:26:82:18:ba:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 19 13:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9f53dfda835d9820235bc80695be7a0a1ce2ae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e7:bb:19:9a:d1:ec:c2:a7:15:d1:33:1f:c4:
b6:49:0e:36:e0:9f:cf:a7:a2:9b:6e:bf:40:0b:a5:
62:27:46:a5:0e:f8:fc:8e:12:92:ca:51:5a:d4:31:
04:bd:3b:70:57:4e:b1:f5:a8:3e:c3:18:75:2d:d8:
ed:47:32:36:06:47:22:fa:3e:16:1a:53:66:da:6b:
cc:18:dc:4f:bc:2c:13:06:da:0e:d8:f4:a2:4a:81:
2a:7a:a7:64:bd:ef:03:f0:43:7d:1b:be:7a:35:ce:
13:1d:05:e6:60:d8:e6:30:0b:2c:b9:c5:8f:d6:9d:
01:92:ea:1e:39:a6:59:97:40:50:89:80:3e:f3:b0:
40:94:67:c6:47:96:04:e1:1f:ec:09:9c:7d:8e:0d:
a4:78:e1:5d:a8:ad:8f:5e:da:e8:4a:81:0e:3f:15:
51:84:73:bb:61:43:b3:3e:48:ec:45:07:7e:4b:01:
66:94:60:a9:d6:35:fa:8a:3a:51:99:28:55:f4:b8:
03:31:88:03:97:82:51:01:37:9e:c0:e6:21:ec:a5:
ec:f5:8f:72:7d:0b:21:fc:25:75:6d:36:e9:e5:eb:
19:6d:05:40:52:e3:c0:a4:8f:fd:1d:e1:5c:81:e5:
0f:f7:04:8e:03:f0:62:97:23:22:23:b8:74:3f:7f:
67:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:F5:3D:FD:A8:35:D9:82:02:35:BC:80:69:5B:E7:A0:A1:CE:2A:E2
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qfU9_ag12YICNbyAaVvnoKHOKuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a0:a8:f6:ec:c7:ae:0c:de:81:40:bd:75:a9:38:65:1f:12:68:
9f:6a:2a:d6:9f:d2:6c:ad:5c:bd:54:d2:49:02:b3:74:3a:2b:
1f:b0:72:ac:3e:74:78:32:63:d1:6d:f7:d3:de:55:bf:b4:da:
d4:05:44:f9:ec:74:a3:36:63:fe:c3:a6:38:25:54:61:2a:6d:
f9:f0:39:9c:d1:e9:e4:17:59:47:fd:93:44:ba:c9:41:b6:5f:
a2:de:29:36:9a:e8:96:80:c4:3a:98:ee:32:83:c2:c6:f1:e7:
9d:78:63:f9:90:ae:c0:84:28:fc:74:01:0a:ae:1e:c6:70:67:
97:80:1c:60:ee:3f:0a:95:df:4c:c9:bd:aa:89:af:51:3f:e0:
6f:b6:38:68:87:10:a5:9e:2d:d5:d4:98:0e:83:06:43:9d:64:
5a:d5:b5:83:bf:4f:1c:8f:e4:72:e0:68:1d:dd:ec:e5:f2:c1:
0a:e4:ec:80:48:f0:cb:ef:20:44:e9:33:fc:3d:66:bf:00:53:
cb:34:5e:45:8f:6d:7b:5f:af:79:6b:9b:01:c9:81:8c:d0:91:
9e:8b:dd:fd:cd:7c:af:d9:9b:c9:70:c6:70:25:bb:7c:c8:d2:
90:a3:8c:72:63:2a:d1:67:ef:b6:9a:d1:e1:d1:a8:3b:2f:f0:
2f:5e:62:07
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqtlEWj/FIhkTvF5iaCGLrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTE5MTMxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWY1M2RmZGE4MzVkOTgyMDIzNWJjODA2OTViZTdhMGExY2UyYWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjee7GZrR7MKnFdEzH8S2SQ424J/P
p6Kbbr9AC6ViJ0alDvj8jhKSylFa1DEEvTtwV06x9ag+wxh1LdjtRzI2Bkci+j4W
GlNm2mvMGNxPvCwTBtoO2PSiSoEqeqdkve8D8EN9G756Nc4THQXmYNjmMAssucWP
1p0BkuoeOaZZl0BQiYA+87BAlGfGR5YE4R/sCZx9jg2keOFdqK2PXtroSoEOPxVR
hHO7YUOzPkjsRQd+SwFmlGCp1jX6ijpRmShV9LgDMYgDl4JRATeewOYh7KXs9Y9y
fQsh/CV1bTbp5esZbQVAUuPApI/9HeFcgeUP9wSOA/BilyMiI7h0P39newIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKn1Pf2oNdmCAjW8gGlb56ChziriMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcWZVOV9hZzEyWUlDTmJ5QWFWdm5vS0hPS3VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKCo9uzHrgzegUC9dak4
ZR8SaJ9qKtaf0mytXL1U0kkCs3Q6Kx+wcqw+dHgyY9Ft99PeVb+02tQFRPnsdKM2
Y/7DpjglVGEqbfnwOZzR6eQXWUf9k0S6yUG2X6LeKTaa6JaAxDqY7jKDwsbx5514
Y/mQrsCEKPx0AQquHsZwZ5eAHGDuPwqV30zJvaqJr1E/4G+2OGiHEKWeLdXUmA6D
BkOdZFrVtYO/TxyP5HLgaB3d7OXywQrk7IBI8MvvIETpM/w9Zr8AU8s0XkWPbXtf
r3lrmwHJgYzQkZ6L3f3NfK/Zm8lwxnAlu3zI0pCjjHJjKtFn77aa0eHRqDsv8C9e
Ygc=
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:05:02 2025 by rpki-client