Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qqOu7SdJM5-024zWzyPa_CU2JC0.roa
File: qqOu7SdJM5-024zWzyPa_CU2JC0.roa (raw, json)
Hash identifier: axVF9p0WO6k+Kczwlvn8WRtwZAiZCYcBLrJV+x5U1SM=
Subject key identifier: AA:A3:AE:ED:27:49:33:9F:B4:DB:8C:D6:CF:23:DA:FC:25:36:24:2D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ACB9D97713CF6BBEDD2D2B8BC8485F689
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qqOu7SdJM5-024zWzyPa_CU2JC0.roa
Signing time: Mon 25 Sep 2023 09:13:37 +0000
ROA not before: Mon 25 Sep 2023 09:13:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:9d:97:71:3c:f6:bb:ed:d2:d2:b8:bc:84:85:f6:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 25 09:13:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aaa3aeed2749339fb4db8cd6cf23dafc2536242d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d5:6b:59:e3:80:dc:61:43:7d:bf:a3:b4:00:
ab:1a:6b:f3:0e:20:cf:d3:f4:30:a3:4a:1e:62:97:
6e:09:35:62:1b:46:e1:17:f0:b7:8c:12:30:26:ad:
40:a8:0c:cf:41:ec:18:0f:92:c3:07:6e:14:01:91:
d4:6d:90:83:2f:a4:80:3d:45:4d:85:5d:64:7b:0d:
6d:02:24:4e:58:04:e7:c9:c8:c7:ab:d1:1f:3b:42:
81:95:d0:fb:13:bf:6a:69:26:f2:c7:0b:b8:37:33:
f6:26:88:8c:d0:cc:4e:92:92:9c:20:2b:c5:fc:4a:
40:28:4c:5b:88:c9:a0:13:6a:97:68:81:32:31:b8:
f8:08:65:66:51:a1:97:23:4b:fc:7f:98:d1:f7:01:
cd:9a:20:e8:74:8d:71:44:71:50:a7:11:fa:23:9b:
2d:b8:82:87:a0:dc:f0:ca:26:1a:4b:39:23:e2:b5:
51:6f:0e:87:f1:49:6c:f8:96:d1:60:78:db:26:44:
92:a1:2c:dc:1e:c7:0c:81:67:52:8b:de:55:68:2b:
00:84:c2:d9:75:d1:d0:c3:93:b9:b2:dc:71:4a:2a:
45:eb:94:3d:4b:d3:f4:e9:ff:a2:ca:36:f2:7d:82:
ca:94:43:b7:c6:2d:da:a8:a2:f9:e1:2d:d3:23:b7:
55:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:A3:AE:ED:27:49:33:9F:B4:DB:8C:D6:CF:23:DA:FC:25:36:24:2D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qqOu7SdJM5-024zWzyPa_CU2JC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
81:f6:bc:9d:2b:2a:51:da:a2:43:af:df:04:2f:49:c8:68:7e:
49:6c:8d:a4:a6:47:fb:06:67:30:b6:9e:0c:ed:65:28:62:65:
61:90:ac:43:cc:5e:3f:88:12:90:8a:e1:5a:ed:e8:9a:93:ba:
a4:b5:b8:b0:c7:b4:d8:57:f3:be:97:54:80:80:10:54:7d:6d:
82:ee:93:dd:8a:ca:03:d4:9d:d9:2d:d1:65:24:87:15:d9:21:
7d:15:4d:a3:59:c9:65:8d:5b:ba:18:93:6f:51:bc:85:62:6a:
5c:d0:67:94:56:2c:9f:6d:94:b0:a7:b1:04:e1:83:6a:2a:fe:
74:0e:13:74:58:52:ea:80:a2:91:99:fa:41:22:26:6a:75:73:
4c:87:10:88:12:a6:6d:81:ef:2c:1d:d4:18:3f:ca:b8:c8:27:
38:6a:0f:bb:50:39:b8:fa:7e:33:af:76:35:a5:6a:e1:fc:e4:
37:d4:2f:3c:b1:a0:f9:4f:c5:2e:75:1d:a4:33:a5:79:56:fd:
82:fa:68:9a:07:7e:99:0b:eb:17:06:52:7c:26:7f:e4:97:d5:
de:a3:32:1b:e1:f8:7d:55:91:ac:c2:c1:78:84:e6:a0:2d:33:
2e:51:e8:09:b2:5f:52:76:c3:2b:73:25:07:1e:47:a0:24:8d:
07:e5:25:a2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrLnZdxPPa77dLSuLyEhfaJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI1MDkxMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWEzYWVlZDI3NDkzMzlmYjRkYjhjZDZjZjIzZGFmYzI1MzYyNDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdVrWeOA3GFDfb+jtACrGmvzDiDP
0/Qwo0oeYpduCTViG0bhF/C3jBIwJq1AqAzPQewYD5LDB24UAZHUbZCDL6SAPUVN
hV1kew1tAiROWATnycjHq9EfO0KBldD7E79qaSbyxwu4NzP2JoiM0MxOkpKcICvF
/EpAKExbiMmgE2qXaIEyMbj4CGVmUaGXI0v8f5jR9wHNmiDodI1xRHFQpxH6I5st
uIKHoNzwyiYaSzkj4rVRbw6H8Uls+JbRYHjbJkSSoSzcHscMgWdSi95VaCsAhMLZ
ddHQw5O5stxxSipF65Q9S9P06f+iyjbyfYLKlEO3xi3aqKL54S3TI7dV2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKqjru0nSTOftNuM1s8j2vwlNiQtMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcXFPdTdTZEpNNS0wMjR6V3p5UGFfQ1UySkMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIH2vJ0rKlHaokOv3wQv
SchofklsjaSmR/sGZzC2ngztZShiZWGQrEPMXj+IEpCK4Vrt6JqTuqS1uLDHtNhX
876XVICAEFR9bYLuk92KygPUndkt0WUkhxXZIX0VTaNZyWWNW7oYk29RvIVialzQ
Z5RWLJ9tlLCnsQThg2oq/nQOE3RYUuqAopGZ+kEiJmp1c0yHEIgSpm2B7ywd1Bg/
yrjIJzhqD7tQObj6fjOvdjWlauH85DfULzyxoPlPxS51HaQzpXlW/YL6aJoHfpkL
6xcGUnwmf+SX1d6jMhvh+H1VkazCwXiE5qAtMy5R6AmyX1J2wytzJQceR6AkjQfl
JaI=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:05:38 2025 by rpki-client