Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/QqW55MO150-jPv3gaYe2FOak32U.roa
File: QqW55MO150-jPv3gaYe2FOak32U.roa (raw, json)
Hash identifier: R3y7dkJWti5mgwBNHb2YHIPzQSDCCPumQfUHHWzE5hY=
Subject key identifier: 42:A5:B9:E4:C3:B5:E7:4F:A3:3E:FD:E0:69:87:B6:14:E6:A4:DF:65
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018AAC159490A34F663D1BA58A2DE865E1AC
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/QqW55MO150-jPv3gaYe2FOak32U.roa
Signing time: Tue 19 Sep 2023 06:16:50 +0000
ROA not before: Tue 19 Sep 2023 06:16:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ac:15:94:90:a3:4f:66:3d:1b:a5:8a:2d:e8:65:e1:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 19 06:16:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42a5b9e4c3b5e74fa33efde06987b614e6a4df65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:5e:8a:e2:0a:8a:1e:1c:e2:34:bb:d5:0b:92:
8f:5a:e1:38:86:23:0c:0a:4b:be:16:73:30:e9:97:
b6:de:35:17:32:27:0b:6c:d0:e2:1c:63:b2:8a:c2:
41:4d:34:1e:f1:3e:6f:cd:dd:2c:ac:4b:dd:45:d9:
3e:4e:88:9a:72:2d:a2:46:80:37:d0:af:ab:93:96:
9c:55:84:ec:59:86:5a:b7:1f:cd:bc:f6:a5:f5:5d:
8d:55:5a:95:03:63:12:b1:e7:73:c1:89:15:3e:63:
e2:7b:ca:37:77:8f:f2:6f:4c:69:bb:0b:78:a0:d5:
ff:88:70:57:0f:e7:ca:ae:89:2d:23:c8:8a:4b:2d:
28:b4:06:aa:11:20:4f:e2:d0:b1:d7:ef:ca:27:3a:
a7:33:b5:4d:67:d2:b1:5d:52:5b:11:bb:c4:02:16:
07:87:96:b5:52:11:65:2a:e4:ef:ce:7e:6c:cc:26:
df:25:0e:0b:f3:30:79:1d:5e:6f:34:a5:28:f7:5a:
5a:f8:c3:f7:03:9b:d6:a7:c8:21:eb:dd:f2:24:8e:
b0:dd:0a:29:51:5b:e0:65:1b:d1:a1:23:e0:f5:eb:
62:a3:88:36:12:95:37:75:62:ff:0d:31:ea:9d:98:
1d:ac:7c:ad:d2:a9:74:f9:fe:c0:2f:45:06:9d:f7:
de:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A5:B9:E4:C3:B5:E7:4F:A3:3E:FD:E0:69:87:B6:14:E6:A4:DF:65
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/QqW55MO150-jPv3gaYe2FOak32U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:29:39:d4:91:6b:70:95:13:15:65:a2:dc:e5:79:b2:2a:75:
c5:da:f6:f8:85:b6:ce:7f:0a:43:e8:be:a1:e0:0e:e5:27:cf:
92:a1:e0:5b:51:77:9e:2d:74:c2:e5:d9:bf:a9:c0:5a:d7:ee:
ab:06:9f:56:61:97:75:3d:57:1f:07:4f:ad:dc:a9:ce:84:87:
83:6d:d1:67:07:96:9b:98:a2:b5:b2:3b:c8:22:3c:65:38:b3:
b0:dc:a6:97:5a:93:51:7c:26:b9:f2:44:7c:40:0b:ef:da:db:
cc:99:ad:d7:09:23:46:4d:a3:b2:bf:9f:fa:35:4a:c5:eb:f3:
b9:6b:40:b3:34:de:91:27:91:cd:9c:5d:26:e5:4e:6e:75:3b:
38:ac:50:f0:36:8c:55:74:d6:78:c1:9d:98:d8:c3:df:0d:fb:
ab:a0:49:d8:23:80:97:0e:d4:ca:67:eb:ae:f8:45:05:49:bc:
e2:b3:a8:3a:7b:2b:e4:58:1a:1b:8b:cf:c2:1e:54:23:40:f2:
7b:76:9f:c0:86:71:2f:48:fd:9e:ee:f3:54:95:4f:36:19:e6:
e6:07:4a:da:d1:d7:59:1e:a4:dc:20:da:02:63:43:ae:0b:34:
93:be:f2:83:10:90:9a:48:6e:50:25:fd:69:4d:2c:88:19:28:
d8:bd:4f:74
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqsFZSQo09mPRulii3oZeGsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE5MDYxNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmE1YjllNGMzYjVlNzRmYTMzZWZkZTA2OTg3YjYxNGU2YTRkZjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA016K4gqKHhziNLvVC5KPWuE4hiMM
Cku+FnMw6Ze23jUXMicLbNDiHGOyisJBTTQe8T5vzd0srEvdRdk+Toiaci2iRoA3
0K+rk5acVYTsWYZatx/NvPal9V2NVVqVA2MSsedzwYkVPmPie8o3d4/yb0xpuwt4
oNX/iHBXD+fKroktI8iKSy0otAaqESBP4tCx1+/KJzqnM7VNZ9KxXVJbEbvEAhYH
h5a1UhFlKuTvzn5szCbfJQ4L8zB5HV5vNKUo91pa+MP3A5vWp8gh693yJI6w3Qop
UVvgZRvRoSPg9etio4g2EpU3dWL/DTHqnZgdrHyt0ql0+f7AL0UGnffejwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEKlueTDtedPoz794GmHthTmpN9lMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvUXFXNTVNTzE1MC1qUHYzZ2FZZTJGT2FrMzJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJkpOdSRa3CVExVlotzl
ebIqdcXa9viFts5/CkPovqHgDuUnz5Kh4FtRd54tdMLl2b+pwFrX7qsGn1Zhl3U9
Vx8HT63cqc6Eh4Nt0WcHlpuYorWyO8giPGU4s7Dcppdak1F8JrnyRHxAC+/a28yZ
rdcJI0ZNo7K/n/o1SsXr87lrQLM03pEnkc2cXSblTm51OzisUPA2jFV01njBnZjY
w98N+6ugSdgjgJcO1Mpn6674RQVJvOKzqDp7K+RYGhuLz8IeVCNA8nt2n8CGcS9I
/Z7u81SVTzYZ5uYHStrR11kepNwg2gJjQ64LNJO+8oMQkJpIblAl/WlNLIgZKNi9
T3Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:57 2024 by rpki-client on console-fra.rpki-client.org