Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qpQQiiNF7bxPiQXD_sEZWLIoNOU.roa
File: qpQQiiNF7bxPiQXD_sEZWLIoNOU.roa (raw, json)
Hash identifier: eqZdO6bipB0vytETnEfTEm9NB5n55DiK+Tn9kfgm0mA=
Subject key identifier: AA:94:10:8A:23:45:ED:BC:4F:89:05:C3:FE:C1:19:58:B2:28:34:E5
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B9FA163033DF1D14AD1A34266D48C22BA
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qpQQiiNF7bxPiQXD_sEZWLIoNOU.roa
Signing time: Sun 05 Nov 2023 13:17:15 +0000
ROA not before: Sun 05 Nov 2023 13:17:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9f:a1:63:03:3d:f1:d1:4a:d1:a3:42:66:d4:8c:22:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 5 13:17:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa94108a2345edbc4f8905c3fec11958b22834e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:56:bc:f5:27:08:17:4c:37:4a:4b:e0:70:87:
46:85:71:51:99:d3:a1:f5:98:d0:89:95:a7:92:3b:
17:0d:72:52:fb:d7:33:8d:01:6a:41:f5:a5:a2:19:
63:fc:8b:5c:bc:00:b6:64:40:f1:ad:8d:b5:8a:24:
e8:9d:65:18:93:6e:79:03:1f:eb:48:57:a3:19:05:
63:79:93:b4:ff:ca:77:70:c8:8f:89:bd:38:88:8e:
af:06:81:2c:70:23:24:53:88:44:ab:70:ae:49:69:
00:eb:9b:28:e7:23:65:ce:e1:76:09:d9:f2:c4:2f:
7a:c8:32:be:c3:08:09:86:c7:5f:93:42:45:bf:a6:
4e:aa:3b:df:ca:4b:20:80:2d:69:5b:e4:de:44:3e:
95:c0:97:f3:89:c3:ba:f1:2c:9e:d1:8a:4a:ac:e9:
7c:00:db:51:f2:eb:c0:e4:61:f4:4c:62:56:3c:e0:
c3:65:f7:58:a6:0e:e5:95:b2:ac:0a:10:9d:ee:45:
d7:49:be:d1:96:5e:a6:fe:6f:99:07:2c:5e:d8:79:
e4:a3:43:7b:2c:af:88:ff:b4:34:e7:00:ec:01:64:
fc:ab:41:b5:fb:7b:a8:08:44:6c:dd:8d:16:66:d2:
84:27:91:f7:21:b8:3e:9e:05:71:90:25:fa:56:eb:
c5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:94:10:8A:23:45:ED:BC:4F:89:05:C3:FE:C1:19:58:B2:28:34:E5
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qpQQiiNF7bxPiQXD_sEZWLIoNOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:70:c4:83:83:8f:87:88:54:69:91:26:5b:b2:a5:94:93:e4:
4a:62:d5:4a:ac:e0:fe:08:9b:62:10:63:de:fb:08:be:49:d0:
04:85:19:dd:bc:a5:ac:09:5c:6a:44:a6:54:95:47:bf:48:cb:
77:39:82:b2:91:7e:d8:18:e0:ab:2f:c1:4a:bb:b7:f3:50:a8:
e2:e4:cd:1f:20:ec:c9:e6:e6:b6:2c:b6:7c:30:5d:f3:52:3b:
c9:39:79:78:8b:79:58:26:2a:98:18:19:2d:49:4b:b9:f0:5b:
d7:cb:d2:e2:53:93:55:f8:ef:2b:1a:d0:aa:7e:3c:a0:64:9e:
8f:69:f0:83:75:03:89:00:8c:2f:df:11:87:31:a6:e1:94:b3:
fa:f0:1a:5e:28:54:c7:13:79:d1:16:88:09:80:73:e9:f4:ea:
1b:be:9a:b1:e9:08:a3:05:ea:41:fc:dc:87:d3:cb:e3:57:8e:
de:b9:fd:6a:21:3c:43:d3:19:3b:d9:23:8f:1f:57:17:e1:33:
fc:50:89:60:81:7d:10:b0:94:f7:a9:04:3e:c9:11:7f:59:84:
96:d2:7b:43:3c:e5:b3:0e:b0:c8:f0:39:55:c3:26:f8:7a:e0:
4f:cf:1c:44:7d:4c:ba:c7:1c:4e:85:a5:66:76:43:14:4f:7b:
77:05:a6:c6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYufoWMDPfHRStGjQmbUjCK6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA1MTMxNzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTk0MTA4YTIzNDVlZGJjNGY4OTA1YzNmZWMxMTk1OGIyMjgzNGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApla89ScIF0w3SkvgcIdGhXFRmdOh
9ZjQiZWnkjsXDXJS+9czjQFqQfWlohlj/ItcvAC2ZEDxrY21iiTonWUYk255Ax/r
SFejGQVjeZO0/8p3cMiPib04iI6vBoEscCMkU4hEq3CuSWkA65so5yNlzuF2Cdny
xC96yDK+wwgJhsdfk0JFv6ZOqjvfyksggC1pW+TeRD6VwJfzicO68Sye0YpKrOl8
ANtR8uvA5GH0TGJWPODDZfdYpg7llbKsChCd7kXXSb7Rll6m/m+ZByxe2Hnko0N7
LK+I/7Q05wDsAWT8q0G1+3uoCERs3Y0WZtKEJ5H3Ibg+ngVxkCX6VuvFTQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKqUEIojRe28T4kFw/7BGViyKDTlMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcXBRUWlpTkY3YnhQaVFYRF9zRVpXTElvTk9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKZwxIODj4eIVGmRJluy
pZST5Epi1Uqs4P4Im2IQY977CL5J0ASFGd28pawJXGpEplSVR79Iy3c5grKRftgY
4KsvwUq7t/NQqOLkzR8g7Mnm5rYstnwwXfNSO8k5eXiLeVgmKpgYGS1JS7nwW9fL
0uJTk1X47ysa0Kp+PKBkno9p8IN1A4kAjC/fEYcxpuGUs/rwGl4oVMcTedEWiAmA
c+n06hu+mrHpCKMF6kH83IfTy+NXjt65/WohPEPTGTvZI48fVxfhM/xQiWCBfRCw
lPepBD7JEX9ZhJbSe0M85bMOsMjwOVXDJvh64E/PHER9TLrHHE6FpWZ2QxRPe3cF
psY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:18:03 2025 by rpki-client