Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2QcPb7kMx3WVCMCpTHL4hD8IqyY.roa
File: 2QcPb7kMx3WVCMCpTHL4hD8IqyY.roa (raw, json)
Hash identifier: 6hjWPKleXuHggU9HjBG9WWD3EPpU0PsWlj1pvKv5fM8=
Subject key identifier: D9:07:0F:6F:B9:0C:C7:75:95:08:C0:A9:4C:72:F8:84:3F:08:AB:26
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C78C63ABD7051D5CE13E880417516315D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2QcPb7kMx3WVCMCpTHL4hD8IqyY.roa
Signing time: Sun 17 Dec 2023 17:15:06 +0000
ROA not before: Sun 17 Dec 2023 17:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:78:c6:3a:bd:70:51:d5:ce:13:e8:80:41:75:16:31:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 17 17:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9070f6fb90cc7759508c0a94c72f8843f08ab26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3f:52:03:bf:88:1c:f9:94:ae:7b:54:e4:50:
8f:fa:cd:bb:1a:15:04:fe:ae:c3:e0:88:a2:98:de:
be:4a:10:54:55:ae:15:df:da:7a:7b:a9:a3:5d:c3:
5c:73:db:57:1a:b6:32:c1:7b:30:08:22:20:46:9a:
21:6b:cf:82:78:97:cd:bb:83:28:11:95:7d:f8:a5:
83:2f:68:c2:a1:6f:67:ca:65:74:be:4e:33:2e:55:
db:5b:26:af:68:67:d6:88:a8:30:6f:89:44:51:55:
fe:76:22:3f:f0:7d:4f:ad:bf:bc:a1:be:03:2e:98:
20:62:e9:2f:22:96:48:e3:3a:fd:11:ef:43:af:31:
23:88:99:a9:4b:06:06:7b:a0:a6:9e:f0:a5:4e:b8:
5f:ce:f7:79:06:a1:09:bb:3d:d3:f7:d6:cd:76:da:
72:75:75:20:2b:72:5f:75:24:aa:df:7c:dc:5e:5b:
dc:62:ef:b7:9f:4c:eb:97:ca:f6:ba:1f:9d:1d:ae:
d1:5d:1f:5d:85:21:9c:35:81:2a:a9:f3:6e:ba:53:
6d:00:65:1d:46:4b:f3:25:7e:c6:20:fd:16:9e:9c:
93:44:b0:57:dc:e9:e4:e7:fd:89:8a:6e:8a:50:47:
73:12:99:f1:9d:8a:7c:8f:48:36:c9:20:50:d3:f0:
cd:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:07:0F:6F:B9:0C:C7:75:95:08:C0:A9:4C:72:F8:84:3F:08:AB:26
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2QcPb7kMx3WVCMCpTHL4hD8IqyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ab:56:48:5d:aa:b3:ad:0e:e3:aa:a9:cb:3f:c8:e8:c6:79:bf:
58:6c:b0:17:5b:bb:6c:30:0c:7c:84:33:59:5e:7e:6b:aa:6b:
c1:47:1c:0a:84:3f:bf:ea:36:41:10:e4:6a:85:0b:99:ec:e5:
c8:49:5d:c4:f0:1e:4a:3c:0f:a4:42:57:e7:0b:1c:32:7a:54:
6a:7d:dc:b5:13:f3:a2:a0:f9:23:7f:12:86:96:eb:51:b2:6e:
69:31:f6:b7:55:c6:61:70:a8:0c:19:37:4c:25:53:ff:ab:3c:
3c:ed:ee:1c:01:5b:48:ba:d2:54:2b:86:ec:df:8e:07:d8:e7:
d3:bb:f6:e5:26:89:34:d3:0b:0a:99:62:25:26:11:e2:8b:a7:
53:f0:61:c4:ab:7d:52:e3:10:de:9c:46:f7:84:23:85:48:d8:
0c:88:b1:d9:5d:8f:3d:91:2c:48:ec:3a:43:97:e3:27:76:5d:
e4:89:b9:bb:37:13:9e:2e:e3:1b:49:50:16:03:28:1d:ef:12:
80:c4:ed:16:25:6d:bd:7b:f4:05:93:9d:e5:8d:8d:f6:4f:9b:
9f:39:a6:89:13:40:de:a3:12:d2:7a:bf:c1:d5:b9:8e:25:07:
7f:64:28:72:35:d7:e7:e0:f0:d8:e4:63:de:50:41:ee:0e:66:
22:79:24:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx4xjq9cFHVzhPogEF1FjFdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE3MTcxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTA3MGY2ZmI5MGNjNzc1OTUwOGMwYTk0YzcyZjg4NDNmMDhhYjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiT9SA7+IHPmUrntU5FCP+s27GhUE
/q7D4IiimN6+ShBUVa4V39p6e6mjXcNcc9tXGrYywXswCCIgRpoha8+CeJfNu4Mo
EZV9+KWDL2jCoW9nymV0vk4zLlXbWyavaGfWiKgwb4lEUVX+diI/8H1Prb+8ob4D
LpggYukvIpZI4zr9Ee9DrzEjiJmpSwYGe6CmnvClTrhfzvd5BqEJuz3T99bNdtpy
dXUgK3JfdSSq33zcXlvcYu+3n0zrl8r2uh+dHa7RXR9dhSGcNYEqqfNuulNtAGUd
RkvzJX7GIP0WnpyTRLBX3Onk5/2Jim6KUEdzEpnxnYp8j0g2ySBQ0/DNrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNkHD2+5DMd1lQjAqUxy+IQ/CKsmMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMlFjUGI3a014M1dWQ01DcFRITDRoRDhJcXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKtWSF2qs60O46qpyz/I
6MZ5v1hssBdbu2wwDHyEM1lefmuqa8FHHAqEP7/qNkEQ5GqFC5ns5chJXcTwHko8
D6RCV+cLHDJ6VGp93LUT86Kg+SN/EoaW61Gybmkx9rdVxmFwqAwZN0wlU/+rPDzt
7hwBW0i60lQrhuzfjgfY59O79uUmiTTTCwqZYiUmEeKLp1PwYcSrfVLjEN6cRveE
I4VI2AyIsdldjz2RLEjsOkOX4yd2XeSJubs3E54u4xtJUBYDKB3vEoDE7RYlbb17
9AWTneWNjfZPm585pokTQN6jEtJ6v8HVuY4lB39kKHI11+fg8NjkY95QQe4OZiJ5
JCc=
-----END CERTIFICATE-----
Generated at Mon May 12 19:44:15 2025 by rpki-client