Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KWQg2gD7wlbebo5xYiELqXxDV7g.roa
File: KWQg2gD7wlbebo5xYiELqXxDV7g.roa (raw, json)
Hash identifier: QrqMBbfyc/u2WOFjdtsAwDjqQEjE/W27n9fW2sc53hA=
Subject key identifier: 29:64:20:DA:00:FB:C2:56:DE:6E:8E:71:62:21:0B:A9:7C:43:57:B8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B8DCE668FF7A466734CB97A9EBC556039
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KWQg2gD7wlbebo5xYiELqXxDV7g.roa
Signing time: Thu 02 Nov 2023 02:13:15 +0000
ROA not before: Thu 02 Nov 2023 02:13:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8d:ce:66:8f:f7:a4:66:73:4c:b9:7a:9e:bc:55:60:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 2 02:13:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=296420da00fbc256de6e8e7162210ba97c4357b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:8c:b3:19:17:3e:4c:71:bf:d5:74:b0:0f:bf:
15:57:92:69:5c:ae:27:35:c8:cd:da:f0:96:61:57:
60:c6:62:4e:86:01:cb:2f:69:5c:20:f1:32:06:31:
2c:bc:a9:d5:9a:1a:90:ea:d9:ad:c2:72:79:d0:97:
7b:95:3b:8b:94:ce:a7:2e:de:4c:34:02:d4:bc:cc:
b9:d1:8d:44:5e:c5:9b:fc:c4:f8:b2:30:5d:2e:70:
9d:f8:79:43:97:9d:12:dc:0d:d5:57:df:17:53:df:
1f:c8:9c:b1:3e:52:e4:03:47:75:2e:4d:28:d8:75:
d6:20:76:73:f1:69:3f:eb:09:57:9a:85:21:91:2c:
10:86:bc:6e:2e:ed:ff:9c:33:f9:17:c8:bd:4a:8b:
86:76:db:59:8d:84:e2:5d:d0:dd:bd:82:66:ff:d3:
bf:70:28:9c:fa:22:50:e8:37:86:40:3c:51:b0:e7:
0a:94:1b:ca:82:22:5c:3d:71:ae:31:09:6c:65:6e:
00:ba:fb:af:06:02:3b:f0:02:92:c2:80:fa:01:54:
2f:83:b0:5b:6e:d8:ea:c8:f8:47:09:ea:00:32:24:
d5:69:bc:49:4c:ef:4c:c8:34:13:1b:19:c8:91:06:
32:1c:fb:16:74:95:22:78:65:7e:5a:7e:33:fb:a6:
28:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:64:20:DA:00:FB:C2:56:DE:6E:8E:71:62:21:0B:A9:7C:43:57:B8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/KWQg2gD7wlbebo5xYiELqXxDV7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ad:2c:fa:18:b8:93:c6:3c:72:f6:bf:c8:93:a0:3d:9d:6f:6b:
29:09:e8:d9:0c:f2:e7:01:5e:1e:49:27:88:d4:2a:0e:31:7c:
a2:1f:9e:02:81:5e:16:69:d7:92:c6:89:0c:7f:ce:25:0c:41:
2e:08:8d:e0:7d:a7:a7:77:c7:d7:d9:62:b3:dc:ef:56:62:04:
33:87:a6:3a:10:73:05:82:8b:10:7a:23:45:70:00:ac:96:ca:
d8:fd:bf:23:94:ae:05:50:73:bd:26:17:50:0f:d3:25:79:9f:
9d:eb:dd:bf:32:77:c6:7d:da:18:8f:e4:14:0f:49:91:00:be:
24:c9:5b:60:4b:35:f5:30:54:9a:23:7e:b7:59:62:43:41:15:
b9:0d:a6:cf:a0:5b:d6:fe:8d:e8:15:b5:8b:9c:32:36:00:87:
f9:ec:e6:94:d8:a2:0e:ec:8e:de:c9:22:8b:87:02:bc:ba:8f:
36:ce:08:f6:0e:e0:ee:10:6c:cc:6d:c9:ba:6a:13:37:0f:cd:
fc:8c:59:01:f6:bc:29:0f:a8:d8:47:4a:83:11:66:ff:f6:92:
58:5b:97:e0:0d:64:87:66:9b:17:b2:86:2f:d5:ca:fb:c5:12:
d7:0a:ce:0b:a3:bd:d2:82:85:21:3c:cc:12:37:f0:78:8d:4e:
33:eb:88:b9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuNzmaP96Rmc0y5ep68VWA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTAyMDIxMzE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTY0MjBkYTAwZmJjMjU2ZGU2ZThlNzE2MjIxMGJhOTdjNDM1N2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIyzGRc+THG/1XSwD78VV5JpXK4n
NcjN2vCWYVdgxmJOhgHLL2lcIPEyBjEsvKnVmhqQ6tmtwnJ50Jd7lTuLlM6nLt5M
NALUvMy50Y1EXsWb/MT4sjBdLnCd+HlDl50S3A3VV98XU98fyJyxPlLkA0d1Lk0o
2HXWIHZz8Wk/6wlXmoUhkSwQhrxuLu3/nDP5F8i9SouGdttZjYTiXdDdvYJm/9O/
cCic+iJQ6DeGQDxRsOcKlBvKgiJcPXGuMQlsZW4AuvuvBgI78AKSwoD6AVQvg7Bb
btjqyPhHCeoAMiTVabxJTO9MyDQTGxnIkQYyHPsWdJUieGV+Wn4z+6YoWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFClkINoA+8JW3m6OcWIhC6l8Q1e4MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS1dRZzJnRDd3bGJlYm81eFlpRUxxWHhEVjdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK0s+hi4k8Y8cva/yJOg
PZ1vaykJ6NkM8ucBXh5JJ4jUKg4xfKIfngKBXhZp15LGiQx/ziUMQS4IjeB9p6d3
x9fZYrPc71ZiBDOHpjoQcwWCixB6I0VwAKyWytj9vyOUrgVQc70mF1AP0yV5n53r
3b8yd8Z92hiP5BQPSZEAviTJW2BLNfUwVJojfrdZYkNBFbkNps+gW9b+jegVtYuc
MjYAh/ns5pTYog7sjt7JIouHAry6jzbOCPYO4O4QbMxtybpqEzcPzfyMWQH2vCkP
qNhHSoMRZv/2klhbl+ANZIdmmxeyhi/VyvvFEtcKzgujvdKChSE8zBI38HiNTjPr
iLk=
-----END CERTIFICATE-----
Generated at Mon May 12 23:04:49 2025 by rpki-client