Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2QvFzHOdZIt3cRz2QT_DI4D1pNE.roa
File: 2QvFzHOdZIt3cRz2QT_DI4D1pNE.roa (raw, json)
Hash identifier: pFhsYg9pg7EcQjt9JbZmDr7x62vt8ZUUI17AXh5zRv4=
Subject key identifier: D9:0B:C5:CC:73:9D:64:8B:77:71:1C:F6:41:3F:C3:23:80:F5:A4:D1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C5482640991FCF1D859F9ACE65A5C9CEB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2QvFzHOdZIt3cRz2QT_DI4D1pNE.roa
Signing time: Sun 10 Dec 2023 16:14:40 +0000
ROA not before: Sun 10 Dec 2023 16:14:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:54:82:64:09:91:fc:f1:d8:59:f9:ac:e6:5a:5c:9c:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 10 16:14:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d90bc5cc739d648b77711cf6413fc32380f5a4d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:b2:e0:d3:4f:c8:40:5f:09:8a:00:bf:b8:72:
e6:af:a8:ff:01:ab:93:84:fb:56:3c:b5:cf:e5:a0:
ed:85:4b:f3:22:91:c0:9f:7d:71:83:53:a9:27:17:
57:7d:2c:cf:5e:9e:da:95:90:82:f9:ca:58:38:2a:
9c:d4:2f:da:ba:72:4b:c0:b0:61:fb:b8:a7:ce:08:
f3:24:76:7e:9c:f7:c3:71:73:de:a3:32:89:73:b2:
99:8b:8f:6d:0a:7c:6a:55:c5:82:23:f3:b7:dd:ba:
70:7a:f3:30:a0:75:6c:dd:49:1a:94:a5:c7:bd:a6:
a1:d3:be:02:cf:a3:09:a7:33:16:e1:db:14:4a:63:
f8:32:44:35:72:50:8d:d8:bb:2a:69:86:af:f1:56:
d0:c1:ff:c5:36:19:f5:86:bb:37:93:30:81:c9:b8:
b6:80:a5:13:05:f2:1c:d7:4b:e5:59:b9:94:bf:fe:
65:ba:16:f9:ab:32:fa:fa:fa:62:b2:2c:e0:c4:72:
98:9a:e2:ad:23:ab:2d:bb:a1:49:02:b0:ba:a9:9f:
42:6d:84:24:6e:12:eb:d8:65:a2:63:f6:64:1b:36:
27:1f:04:7d:26:b5:df:b0:fe:d3:87:ff:23:0e:2d:
f6:83:51:47:99:50:5e:dc:99:e5:0d:8e:e4:c5:e6:
a6:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:0B:C5:CC:73:9D:64:8B:77:71:1C:F6:41:3F:C3:23:80:F5:A4:D1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/2QvFzHOdZIt3cRz2QT_DI4D1pNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0a:11:dd:70:c7:a5:98:d4:e5:1c:40:48:61:75:2a:be:48:08:
eb:a2:da:43:56:d0:f4:93:bb:75:5e:a3:61:f4:27:a1:4c:ba:
7e:47:b5:6e:fd:3f:94:a8:64:da:98:02:d5:39:84:f2:e6:22:
04:f6:38:a7:eb:4d:3f:fb:5a:09:b1:51:d0:0b:21:cd:91:99:
60:0d:b6:c5:78:9e:d0:ab:b7:6a:94:32:43:e9:c9:ee:2c:7f:
59:72:96:a0:a8:95:57:c0:61:f5:3f:5b:ab:09:cb:2d:5f:99:
31:d1:d7:b6:5c:10:af:55:a4:6a:60:b1:1b:d7:97:81:c3:94:
cb:c0:6c:2e:f6:a5:d9:8e:bc:db:fe:d4:4a:c9:37:08:3e:29:
07:96:b0:63:3c:c4:67:b8:d3:c2:f1:b2:a4:67:f4:0d:d5:f9:
e3:2f:70:c8:9d:a7:e0:ad:5a:2f:d3:8b:db:17:3d:d6:8d:da:
c2:0f:a0:8e:f6:e8:48:f4:16:75:08:61:e7:ac:b3:4d:9b:ae:
90:bc:03:e5:da:2b:39:4b:0e:55:62:13:71:74:f7:bc:f6:6c:
c5:1b:f4:79:ec:db:d2:4f:bd:d4:6d:92:44:47:9f:ce:76:ae:
2b:8d:3e:d6:84:79:ca:c8:8a:b5:cc:9d:33:12:12:36:f5:4e:
01:a5:cf:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxUgmQJkfzx2Fn5rOZaXJzrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEwMTYxNDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTBiYzVjYzczOWQ2NDhiNzc3MTFjZjY0MTNmYzMyMzgwZjVhNGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7LLg00/IQF8JigC/uHLmr6j/AauT
hPtWPLXP5aDthUvzIpHAn31xg1OpJxdXfSzPXp7alZCC+cpYOCqc1C/aunJLwLBh
+7inzgjzJHZ+nPfDcXPeozKJc7KZi49tCnxqVcWCI/O33bpwevMwoHVs3UkalKXH
vaah074Cz6MJpzMW4dsUSmP4MkQ1clCN2LsqaYav8VbQwf/FNhn1hrs3kzCBybi2
gKUTBfIc10vlWbmUv/5luhb5qzL6+vpisizgxHKYmuKtI6stu6FJArC6qZ9CbYQk
bhLr2GWiY/ZkGzYnHwR9JrXfsP7Th/8jDi32g1FHmVBe3JnlDY7kxeamEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNkLxcxznWSLd3Ec9kE/wyOA9aTRMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMlF2RnpIT2RaSXQzY1J6MlFUX0RJNEQxcE5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAoR3XDHpZjU5RxASGF1
Kr5ICOui2kNW0PSTu3Veo2H0J6FMun5HtW79P5SoZNqYAtU5hPLmIgT2OKfrTT/7
WgmxUdALIc2RmWANtsV4ntCrt2qUMkPpye4sf1lylqColVfAYfU/W6sJyy1fmTHR
17ZcEK9VpGpgsRvXl4HDlMvAbC72pdmOvNv+1ErJNwg+KQeWsGM8xGe408LxsqRn
9A3V+eMvcMidp+CtWi/Ti9sXPdaN2sIPoI726Ej0FnUIYeess02brpC8A+XaKzlL
DlViE3F097z2bMUb9Hns29JPvdRtkkRHn852riuNPtaEecrIirXMnTMSEjb1TgGl
z3k=
-----END CERTIFICATE-----
Generated at Sun May 11 15:57:53 2025 by rpki-client