Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qvKKvXFQX4lw6-AayvgvpfN0vJs.roa
File: qvKKvXFQX4lw6-AayvgvpfN0vJs.roa (raw, json)
Hash identifier: OadPkChx8HWLOKUFT8nN3SwV0mAHuOCSSc05oRntKu8=
Subject key identifier: AA:F2:8A:BD:71:50:5F:89:70:EB:E0:1A:CA:F8:2F:A5:F3:74:BC:9B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C2A3C9148EFAE3362D6179F182E0C1DE3
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qvKKvXFQX4lw6-AayvgvpfN0vJs.roa
Signing time: Sat 02 Dec 2023 11:14:21 +0000
ROA not before: Sat 02 Dec 2023 11:14:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:2a:3c:91:48:ef:ae:33:62:d6:17:9f:18:2e:0c:1d:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 2 11:14:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aaf28abd71505f8970ebe01acaf82fa5f374bc9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e8:c6:b2:d7:a8:a2:d9:46:4a:a4:f4:53:1e:
9d:ee:ab:56:40:46:b7:54:1b:e3:f5:18:a4:97:c1:
5f:60:bf:2d:fc:be:04:16:a4:7d:77:11:0f:20:8b:
1b:22:af:09:e2:e1:6e:23:60:f8:a1:b8:46:c5:6b:
ab:bf:cc:83:51:ab:6b:fe:73:13:2f:24:7c:e3:e1:
c1:00:b5:87:b3:72:b0:f9:9e:aa:fe:e9:38:85:b6:
8a:33:93:83:56:38:cc:f2:a9:17:cc:06:ef:f0:33:
cc:a4:65:32:3c:c5:cf:f0:cc:9f:97:c5:cf:54:19:
20:10:c2:fe:e7:6c:74:a1:34:3f:dd:66:b1:23:7e:
6d:1a:50:41:f6:52:7a:0f:2f:6c:4c:8e:15:b9:80:
cf:f4:bf:e1:be:55:b2:ce:ec:ab:a2:9f:b2:79:8b:
0d:02:55:07:8f:92:f4:cc:1f:7c:f1:e9:dd:42:56:
66:7a:9f:d1:39:59:a6:b4:f9:8e:ba:2b:92:92:55:
b2:0c:b6:f3:f0:86:dc:11:0e:37:78:4f:32:d5:74:
f5:fb:a7:f2:65:f8:6f:f6:85:e8:5e:c5:d2:2d:6e:
f4:87:10:d0:3b:b4:46:d0:95:c7:c4:ba:60:81:70:
af:50:ac:53:af:63:d7:b2:8c:86:4f:2b:1f:19:b0:
8c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:F2:8A:BD:71:50:5F:89:70:EB:E0:1A:CA:F8:2F:A5:F3:74:BC:9B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qvKKvXFQX4lw6-AayvgvpfN0vJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d1:01:55:62:4f:19:8e:c9:97:1b:21:02:b9:e5:f8:26:35:fc:
6d:28:0b:b8:94:10:86:54:01:e7:cf:a1:d8:3d:6f:37:7e:01:
de:a7:4f:21:24:d1:0c:ad:77:da:46:55:c5:48:fc:f2:c3:fd:
ac:da:3d:4f:c5:0d:10:24:c5:4a:eb:5f:31:71:fe:d9:e9:09:
53:75:f1:57:0a:a1:c7:0f:ba:e9:c0:bf:57:a6:65:8e:45:82:
58:28:f8:1b:3e:88:00:d9:d9:35:b6:2e:5a:39:ef:3b:cd:81:
31:4e:49:fb:d7:89:8f:e3:e2:ab:ef:b4:1f:5d:81:f3:bd:1a:
06:ab:93:3f:f8:88:29:74:b5:4f:71:98:dc:bb:fb:df:c4:41:
b2:d9:e7:1f:bb:fc:21:ec:60:08:b3:ff:d0:71:63:e1:a6:f2:
46:f8:9b:47:75:81:2e:5d:6e:7f:1c:ac:3b:94:94:df:b3:8a:
a9:98:43:59:76:60:d5:d5:a5:7c:ca:24:59:1e:ab:9f:69:a9:
3d:24:c9:e4:a2:50:8a:7f:3e:48:77:3a:20:37:20:68:45:98:
7d:da:08:d3:97:2d:3a:14:b7:c2:98:3b:62:f0:1b:26:9f:88:
4b:1a:fd:a0:25:89:3c:23:18:c5:c6:fe:b6:2b:fb:78:c5:b7:
00:e9:c0:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwqPJFI764zYtYXnxguDB3jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAyMTExNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWYyOGFiZDcxNTA1Zjg5NzBlYmUwMWFjYWY4MmZhNWYzNzRiYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOjGsteootlGSqT0Ux6d7qtWQEa3
VBvj9Rikl8FfYL8t/L4EFqR9dxEPIIsbIq8J4uFuI2D4obhGxWurv8yDUatr/nMT
LyR84+HBALWHs3Kw+Z6q/uk4hbaKM5ODVjjM8qkXzAbv8DPMpGUyPMXP8Myfl8XP
VBkgEML+52x0oTQ/3WaxI35tGlBB9lJ6Dy9sTI4VuYDP9L/hvlWyzuyrop+yeYsN
AlUHj5L0zB988endQlZmep/ROVmmtPmOuiuSklWyDLbz8IbcEQ43eE8y1XT1+6fy
Zfhv9oXoXsXSLW70hxDQO7RG0JXHxLpggXCvUKxTr2PXsoyGTysfGbCMNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKryir1xUF+JcOvgGsr4L6XzdLybMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcXZLS3ZYRlFYNGx3Ni1BYXl2Z3ZwZk4wdkpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANEBVWJPGY7JlxshArnl
+CY1/G0oC7iUEIZUAefPodg9bzd+Ad6nTyEk0Qytd9pGVcVI/PLD/azaPU/FDRAk
xUrrXzFx/tnpCVN18VcKoccPuunAv1emZY5Fglgo+Bs+iADZ2TW2Llo57zvNgTFO
SfvXiY/j4qvvtB9dgfO9Ggarkz/4iCl0tU9xmNy7+9/EQbLZ5x+7/CHsYAiz/9Bx
Y+Gm8kb4m0d1gS5dbn8crDuUlN+ziqmYQ1l2YNXVpXzKJFkeq59pqT0kyeSiUIp/
Pkh3OiA3IGhFmH3aCNOXLToUt8KYO2LwGyafiEsa/aAliTwjGMXG/rYr+3jFtwDp
wBQ=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:53:59 2025 by rpki-client