Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uqpZQPluZfum_mXj1-7IYB2DzsM.roa
File: uqpZQPluZfum_mXj1-7IYB2DzsM.roa (raw, json)
Hash identifier: OEWOvXsE7vZkkZ1jxlS0RHagkXl9HWtL0SIY7tSOiZA=
Subject key identifier: BA:AA:59:40:F9:6E:65:FB:A6:FE:65:E3:D7:EE:C8:60:1D:83:CE:C3
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AFE77CA18030B13092A7D4FB07E455328
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uqpZQPluZfum_mXj1-7IYB2DzsM.roa
Signing time: Thu 05 Oct 2023 06:12:57 +0000
ROA not before: Thu 05 Oct 2023 06:12:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fe:77:ca:18:03:0b:13:09:2a:7d:4f:b0:7e:45:53:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 5 06:12:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=baaa5940f96e65fba6fe65e3d7eec8601d83cec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e0:41:25:c9:7f:4f:57:4a:db:ad:1c:0c:4e:
0c:9d:28:0f:d7:f6:d0:be:84:db:8b:35:3a:1f:13:
d7:a5:aa:65:67:5e:df:84:26:fe:b9:c8:85:20:d0:
3a:35:b4:60:8e:b5:8b:f7:90:8d:85:38:42:fa:82:
5b:82:ce:60:a6:1f:91:a3:f5:86:20:e2:2d:af:4d:
90:22:97:f6:54:ae:83:83:4a:cd:6f:f3:37:4c:eb:
87:f1:07:25:c3:83:2d:84:c3:8d:a3:10:4b:e6:b1:
5b:c7:d8:72:2c:20:17:d4:da:11:0a:52:05:c5:4c:
6d:cb:50:83:2b:9a:77:fc:3f:ac:09:df:6a:6f:0a:
94:1a:6b:97:73:a6:23:b2:30:a9:81:12:ac:17:99:
b0:97:a6:5e:f9:fe:5c:96:2c:2f:21:7e:b1:27:10:
91:29:6e:07:be:b8:36:1a:04:ad:f1:cf:7a:e3:f2:
04:ab:4b:c0:04:8e:07:8a:36:32:8b:7b:ce:90:b2:
cf:08:21:fe:1f:52:4e:87:2c:87:44:c7:f7:a3:8a:
f2:bc:90:30:a9:e6:f8:78:25:75:6d:78:72:4e:4e:
ab:44:4e:b6:34:2d:67:7f:df:6b:bc:52:6c:88:69:
ac:57:e9:ba:d8:07:56:06:bc:98:49:fe:89:94:4d:
6e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:AA:59:40:F9:6E:65:FB:A6:FE:65:E3:D7:EE:C8:60:1D:83:CE:C3
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/uqpZQPluZfum_mXj1-7IYB2DzsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7f:46:52:67:a0:2c:7f:a7:c5:81:95:49:fe:f0:e9:39:28:6e:
c4:e9:83:9c:ac:d5:da:5a:80:1d:96:1f:36:e0:fc:91:e6:61:
bd:0c:9e:19:5b:00:89:0d:f2:33:64:89:97:71:e7:5a:9f:62:
87:7f:a4:3e:e3:b2:b1:6b:38:40:4c:03:42:f6:41:5a:15:ce:
a1:84:87:25:04:98:c2:9a:24:86:16:e8:01:26:7a:e3:8c:fe:
56:a2:8e:69:35:23:41:5e:45:0b:b3:27:d4:4e:27:67:07:db:
95:be:9f:76:48:ef:d6:2d:6a:ac:a3:e2:0e:a7:ce:24:07:02:
2a:60:02:89:a9:a2:86:5f:79:12:1b:7a:68:6c:c9:16:26:e6:
cd:6a:8d:8a:10:8b:33:c9:ca:6b:cb:58:ec:08:83:3e:c5:a2:
c8:98:3f:d5:a6:4e:f0:60:06:55:dd:c2:46:69:e7:8d:ef:7f:
29:39:73:10:11:9c:7c:2c:03:5b:10:b8:be:44:cf:57:bf:5c:
82:a7:65:4b:8a:ae:b6:95:48:02:a6:65:6b:30:c3:c8:12:f7:
ce:6a:73:d1:2e:76:9a:72:56:6b:65:cf:a1:32:81:86:6a:9b:
0f:0d:a3:1b:50:e2:64:91:e9:a3:04:42:a5:02:aa:0f:6b:4f:
50:c3:7c:b0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr+d8oYAwsTCSp9T7B+RVMoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA1MDYxMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWFhNTk0MGY5NmU2NWZiYTZmZTY1ZTNkN2VlYzg2MDFkODNjZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOBBJcl/T1dK260cDE4MnSgP1/bQ
voTbizU6HxPXpaplZ17fhCb+uciFINA6NbRgjrWL95CNhThC+oJbgs5gph+Ro/WG
IOItr02QIpf2VK6Dg0rNb/M3TOuH8Qclw4MthMONoxBL5rFbx9hyLCAX1NoRClIF
xUxty1CDK5p3/D+sCd9qbwqUGmuXc6YjsjCpgRKsF5mwl6Ze+f5cliwvIX6xJxCR
KW4Hvrg2GgSt8c964/IEq0vABI4HijYyi3vOkLLPCCH+H1JOhyyHRMf3o4ryvJAw
qeb4eCV1bXhyTk6rRE62NC1nf99rvFJsiGmsV+m62AdWBryYSf6JlE1uJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLqqWUD5bmX7pv5l49fuyGAdg87DMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdXFwWlFQbHVaZnVtX21YajEtN0lZQjJEenNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH9GUmegLH+nxYGVSf7w
6TkobsTpg5ys1dpagB2WHzbg/JHmYb0MnhlbAIkN8jNkiZdx51qfYod/pD7jsrFr
OEBMA0L2QVoVzqGEhyUEmMKaJIYW6AEmeuOM/laijmk1I0FeRQuzJ9ROJ2cH25W+
n3ZI79Ytaqyj4g6nziQHAipgAompooZfeRIbemhsyRYm5s1qjYoQizPJymvLWOwI
gz7FosiYP9WmTvBgBlXdwkZp543vfyk5cxARnHwsA1sQuL5Ez1e/XIKnZUuKrraV
SAKmZWsww8gS985qc9EudppyVmtlz6EygYZqmw8NoxtQ4mSR6aMEQqUCqg9rT1DD
fLA=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:32:11 2025 by rpki-client