Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2QOZm8B_6Cylh1BaLDjmzkWDwIA.roa
File: 2QOZm8B_6Cylh1BaLDjmzkWDwIA.roa (raw, json)
Hash identifier: U1FYfEd6JfbnA8miI4MUSzcXbkEukPF8IaUWPqjv5XE=
Subject key identifier: D9:03:99:9B:C0:7F:E8:2C:A5:87:50:5A:2C:38:E6:CE:45:83:C0:80
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BA60B9B93330802CFB514102AA3DE314A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2QOZm8B_6Cylh1BaLDjmzkWDwIA.roa
Signing time: Mon 06 Nov 2023 19:11:00 +0000
ROA not before: Mon 06 Nov 2023 19:11:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:a605:7ca6/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a6:0b:9b:93:33:08:02:cf:b5:14:10:2a:a3:de:31:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 6 19:11:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d903999bc07fe82ca587505a2c38e6ce4583c080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:65:0e:02:2d:74:e6:ce:98:38:5b:32:c7:3a:
af:6e:ae:6a:11:0e:bb:a7:41:85:41:98:d1:e0:95:
86:d7:92:90:4a:d8:8e:1f:8c:9d:56:50:85:73:a1:
0b:f2:cd:c8:61:21:1f:7b:77:e1:4c:07:55:97:fb:
74:30:55:87:b6:4c:7a:27:58:1d:96:3c:7c:60:25:
9d:40:c5:d7:42:90:bf:96:8f:4c:f1:32:d6:06:11:
55:54:e9:d2:e0:1e:ed:57:c7:65:05:0c:c2:b1:be:
7d:be:34:82:0a:f6:83:56:78:c6:d8:c2:76:a9:25:
04:d1:77:a4:a5:9f:96:30:f9:33:ca:c0:ae:49:5c:
9d:5d:85:47:56:d1:40:4d:2a:8c:d8:a3:8b:ca:0f:
f2:be:86:c7:7f:23:7a:6d:60:0e:a2:4a:81:ef:d3:
2f:b8:ac:52:85:ca:30:3b:dc:b6:03:d7:4c:96:dd:
7a:ec:72:04:01:0f:8b:0b:db:c0:85:68:72:5b:f7:
f4:c3:16:f2:86:21:6a:65:16:f3:1c:11:a0:fa:09:
71:1b:b4:cc:32:de:60:b1:14:51:28:44:d8:b9:e3:
23:22:6a:5e:60:9e:00:61:ae:36:35:73:75:7c:bb:
40:33:54:43:5e:67:14:65:4d:ff:47:86:7a:56:b1:
38:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:03:99:9B:C0:7F:E8:2C:A5:87:50:5A:2C:38:E6:CE:45:83:C0:80
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2QOZm8B_6Cylh1BaLDjmzkWDwIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
62:56:a7:d5:07:1b:c1:4a:e2:bf:76:5d:ef:7e:ad:02:19:86:
c5:29:39:97:58:47:f8:01:39:2b:36:16:e9:f6:b2:91:8f:ff:
44:d7:7f:4c:8c:28:b9:a4:3b:0c:69:56:2a:d4:25:0b:31:4c:
d4:f7:2c:3b:35:c6:e6:c0:50:b8:fe:56:9d:79:e1:f9:41:ea:
1b:27:2d:a3:a1:89:01:40:fa:b1:da:c9:42:58:78:81:1b:0e:
c0:8a:93:21:99:05:23:30:13:6c:c2:49:ef:4b:ee:3a:df:46:
4d:76:56:83:04:08:1a:b4:af:0c:05:9c:58:8a:ff:0f:7f:4f:
2a:9c:ff:67:32:a9:4c:ba:ed:94:e6:a9:ae:72:71:4b:05:56:
69:40:7d:71:b8:d9:30:be:a8:9c:01:80:9d:73:0d:4e:e1:b6:
ed:bb:bc:04:60:4b:28:87:53:43:9b:df:b3:e2:84:09:0b:d4:
69:7f:1b:47:60:3f:3d:ad:f1:4e:22:86:87:fa:a6:b5:d6:5c:
8c:fa:37:a0:a4:16:5c:79:75:c9:74:d3:2e:c0:b6:5b:ac:44:
b6:73:b9:29:12:c0:64:c6:bf:8c:03:2e:87:a5:5d:89:ba:49:
29:1f:69:fc:29:59:59:7a:f6:c4:70:0f:2f:07:4f:8d:1c:d6:
6b:e6:c8:4d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYumC5uTMwgCz7UUECqj3jFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA2MTkxMTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTAzOTk5YmMwN2ZlODJjYTU4NzUwNWEyYzM4ZTZjZTQ1ODNjMDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGUOAi105s6YOFsyxzqvbq5qEQ67
p0GFQZjR4JWG15KQStiOH4ydVlCFc6EL8s3IYSEfe3fhTAdVl/t0MFWHtkx6J1gd
ljx8YCWdQMXXQpC/lo9M8TLWBhFVVOnS4B7tV8dlBQzCsb59vjSCCvaDVnjG2MJ2
qSUE0XekpZ+WMPkzysCuSVydXYVHVtFATSqM2KOLyg/yvobHfyN6bWAOokqB79Mv
uKxShcowO9y2A9dMlt167HIEAQ+LC9vAhWhyW/f0wxbyhiFqZRbzHBGg+glxG7TM
Mt5gsRRRKETYueMjImpeYJ4AYa42NXN1fLtAM1RDXmcUZU3/R4Z6VrE43wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNkDmZvAf+gspYdQWiw45s5Fg8CAMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMlFPWm04Ql82Q3lsaDFCYUxEam16a1dEd0lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGJWp9UHG8FK4r92Xe9+
rQIZhsUpOZdYR/gBOSs2Fun2spGP/0TXf0yMKLmkOwxpVirUJQsxTNT3LDs1xubA
ULj+Vp154flB6hsnLaOhiQFA+rHayUJYeIEbDsCKkyGZBSMwE2zCSe9L7jrfRk12
VoMECBq0rwwFnFiK/w9/Tyqc/2cyqUy67ZTmqa5ycUsFVmlAfXG42TC+qJwBgJ1z
DU7htu27vARgSyiHU0Ob37PihAkL1Gl/G0dgPz2t8U4ihof6prXWXIz6N6CkFlx5
dcl00y7AtlusRLZzuSkSwGTGv4wDLoelXYm6SSkfafwpWVl69sRwDy8HT40c1mvm
yE0=
-----END CERTIFICATE-----
Generated at Sun May 11 15:49:57 2025 by rpki-client