Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ALQN7mrQs3VVlOZECcNTWH2r3HQ.roa
File: ALQN7mrQs3VVlOZECcNTWH2r3HQ.roa (raw, json)
Hash identifier: CCq1YmaQ80LB9N5QWAgi6CedaCupGc23SCdcu+AEmR8=
Subject key identifier: 00:B4:0D:EE:6A:D0:B3:75:55:94:E6:44:09:C3:53:58:7D:AB:DC:74
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BC8D053FBA18A17C027022454DBB214C0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ALQN7mrQs3VVlOZECcNTWH2r3HQ.roa
Signing time: Mon 13 Nov 2023 13:12:57 +0000
ROA not before: Mon 13 Nov 2023 13:12:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c8:d0:53:fb:a1:8a:17:c0:27:02:24:54:db:b2:14:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 13 13:12:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00b40dee6ad0b3755594e64409c353587dabdc74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:53:97:e2:e7:8a:60:02:6c:f9:f5:29:5b:cf:
66:a9:03:2f:87:f8:90:d9:37:e6:c5:a3:4d:fb:e0:
39:ab:39:72:8e:17:7a:cf:ec:7b:64:10:66:d5:f9:
c9:4c:f9:f0:7b:15:a9:93:a9:be:17:7d:68:3f:71:
b2:16:9f:1a:49:be:b3:42:a4:f1:3c:43:b6:36:36:
db:9e:d9:fe:47:96:f2:62:27:d0:20:f0:8f:9f:a6:
d7:eb:a9:78:71:67:4a:86:c9:73:45:32:53:71:07:
25:c0:8f:22:42:ed:12:6f:a3:ed:f1:e7:ea:4b:26:
f2:a1:d9:cc:9f:14:6a:53:6b:14:54:43:7f:23:5c:
75:8f:60:29:0d:78:5a:e6:cf:cb:02:89:12:54:e5:
95:e4:db:98:2a:41:fe:30:00:7a:57:4e:b9:00:b6:
a6:b8:e3:f0:40:c9:d4:36:34:12:89:83:d9:20:9a:
64:54:a5:91:b7:1c:f8:46:d2:30:1f:a4:70:63:46:
57:cb:51:41:86:31:3c:9d:ef:1d:d4:a1:3d:af:f8:
8b:52:4f:3a:71:a1:21:40:f6:2d:4d:a9:1d:da:0d:
04:ed:5d:e4:7b:35:3d:15:61:df:06:7c:7a:cf:3a:
4b:d3:d5:40:85:9f:99:f2:15:43:ce:0b:01:a1:47:
ca:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:B4:0D:EE:6A:D0:B3:75:55:94:E6:44:09:C3:53:58:7D:AB:DC:74
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/ALQN7mrQs3VVlOZECcNTWH2r3HQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:68:4f:92:b7:ec:2a:c6:d9:a5:c3:f5:4e:7f:7c:08:f1:d1:
f3:7d:d6:f8:06:91:2d:7c:d6:21:bd:4a:52:4a:f3:e6:69:b9:
38:0c:a1:f3:b0:66:21:41:5f:ca:13:35:18:f3:88:fb:6d:b5:
76:c0:c3:c3:02:2c:38:76:88:27:bd:c5:d5:cb:04:dc:ba:50:
90:7a:f5:21:72:57:63:21:c5:b3:5a:52:52:a7:b3:af:c7:7b:
82:77:b8:54:c4:06:fe:fd:80:1c:b7:21:7f:5f:70:87:25:e5:
4e:92:c7:6c:3f:b1:46:7d:ea:92:98:60:e3:0a:3b:ef:fb:3c:
4d:c4:77:e2:48:07:32:6e:9c:59:fd:d2:fa:a0:09:9f:44:d9:
e0:df:5d:97:b5:51:3a:5c:cf:0f:73:92:40:05:1f:0f:fd:15:
f3:8d:5c:b1:83:d1:20:7b:35:b4:3b:e1:6f:95:ba:a6:60:d1:
66:7f:58:c6:a4:62:bc:fd:e3:8e:fd:c1:8d:0e:4b:0d:3d:d5:
ae:75:a6:4c:39:c1:40:ce:5d:da:28:db:08:4f:03:1e:3d:f7:
e2:4e:36:1e:a3:ff:39:88:95:e3:3b:66:9f:ab:86:20:02:45:
8c:ea:a3:a0:b0:19:1a:2d:13:25:db:f7:7e:c8:98:a4:5b:6c:
65:36:4b:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvI0FP7oYoXwCcCJFTbshTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEzMTMxMjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGI0MGRlZTZhZDBiMzc1NTU5NGU2NDQwOWMzNTM1ODdkYWJkYzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA91OX4ueKYAJs+fUpW89mqQMvh/iQ
2TfmxaNN++A5qzlyjhd6z+x7ZBBm1fnJTPnwexWpk6m+F31oP3GyFp8aSb6zQqTx
PEO2Njbbntn+R5byYifQIPCPn6bX66l4cWdKhslzRTJTcQclwI8iQu0Sb6Pt8efq
SybyodnMnxRqU2sUVEN/I1x1j2ApDXha5s/LAokSVOWV5NuYKkH+MAB6V065ALam
uOPwQMnUNjQSiYPZIJpkVKWRtxz4RtIwH6RwY0ZXy1FBhjE8ne8d1KE9r/iLUk86
caEhQPYtTakd2g0E7V3kezU9FWHfBnx6zzpL09VAhZ+Z8hVDzgsBoUfKtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAC0De5q0LN1VZTmRAnDU1h9q9x0MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQUxRTjdtclFzM1ZWbE9aRUNjTlRXSDJyM0hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHNoT5K37CrG2aXD9U5/
fAjx0fN91vgGkS181iG9SlJK8+ZpuTgMofOwZiFBX8oTNRjziPtttXbAw8MCLDh2
iCe9xdXLBNy6UJB69SFyV2MhxbNaUlKns6/He4J3uFTEBv79gBy3IX9fcIcl5U6S
x2w/sUZ96pKYYOMKO+/7PE3Ed+JIBzJunFn90vqgCZ9E2eDfXZe1UTpczw9zkkAF
Hw/9FfONXLGD0SB7NbQ74W+VuqZg0WZ/WMakYrz94479wY0OSw091a51pkw5wUDO
Xdoo2whPAx499+JONh6j/zmIleM7Zp+rhiACRYzqo6CwGRotEyXb937ImKRbbGU2
S+E=
-----END CERTIFICATE-----
Generated at Sat May 10 17:09:07 2025 by rpki-client