Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/K_PQVHyl_q2kjBxkNQYItQjL_lU.roa
File: K_PQVHyl_q2kjBxkNQYItQjL_lU.roa (raw, json)
Hash identifier: khF6tDQwB28KO74P64fDNRndAsH8SpefJkFA8a0anOw=
Subject key identifier: 2B:F3:D0:54:7C:A5:FE:AD:A4:8C:1C:64:35:06:08:B5:08:CB:FE:55
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BC9E03A2899207627FE7AB6EBEC94CB74
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/K_PQVHyl_q2kjBxkNQYItQjL_lU.roa
Signing time: Mon 13 Nov 2023 18:09:57 +0000
ROA not before: Mon 13 Nov 2023 18:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c9:e0:3a:28:99:20:76:27:fe:7a:b6:eb:ec:94:cb:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 13 18:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2bf3d0547ca5feada48c1c64350608b508cbfe55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:7e:f6:ab:a4:2e:5c:04:e2:9c:3f:d1:8b:e4:
c7:01:d9:86:47:d5:7e:39:44:2f:96:91:79:3e:df:
0f:d7:42:86:89:ac:90:11:44:a8:ce:66:da:82:9a:
03:84:ca:02:59:85:1e:69:f8:21:07:e3:82:c6:30:
7e:8f:06:3d:72:ea:89:e3:8b:b7:49:6f:d4:63:fd:
ea:37:e9:83:d5:5c:a2:6a:6a:70:94:5c:5d:2d:71:
49:67:23:64:6c:80:13:ae:30:40:bb:01:bd:09:cf:
c5:db:7d:2e:a5:ba:96:82:89:86:20:97:ef:c2:66:
74:b4:df:2e:37:18:36:ec:29:f3:6a:29:2d:12:90:
5b:7d:d9:44:75:73:1d:f2:8e:51:2a:6e:1e:e1:2e:
df:93:de:f7:cd:60:74:65:b0:72:57:fa:84:99:72:
eb:91:38:dc:bf:f4:4b:c3:a9:0e:b7:e6:94:bc:a1:
24:f2:3a:0d:4e:87:db:f6:dc:80:8e:b8:58:04:3c:
d1:f7:25:43:b1:f5:0b:25:48:91:6e:9b:b7:d4:7a:
c0:61:32:92:ea:76:98:3f:e7:df:25:a8:94:5a:fc:
ee:49:ff:75:cc:63:57:4b:da:23:8b:04:cd:1d:f6:
23:ae:6b:98:67:a4:a2:da:63:bc:b0:d1:92:f4:90:
78:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:F3:D0:54:7C:A5:FE:AD:A4:8C:1C:64:35:06:08:B5:08:CB:FE:55
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/K_PQVHyl_q2kjBxkNQYItQjL_lU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ab:6e:59:91:84:ea:79:05:2b:78:1a:ee:81:1d:73:8a:46:d0:
cb:ce:ef:a2:04:66:37:75:9c:cd:5b:90:b3:21:ff:49:46:8e:
7a:3e:72:4f:9e:47:13:70:64:b4:60:54:3a:4c:ce:05:f1:90:
6c:ae:0f:d0:4d:5a:57:e2:b7:fd:2c:0f:01:d4:51:e4:a9:ab:
3a:5a:03:00:a3:d4:70:a8:b5:3f:3b:38:c2:66:b6:2b:a7:0b:
57:65:55:1c:c6:e2:63:5d:c9:d7:68:02:fb:de:b7:89:30:44:
e3:d5:cc:d3:b8:3b:b8:d5:0b:47:6b:09:e8:1b:d9:5e:da:5f:
08:6f:05:63:6f:e2:14:7d:b5:e8:e0:d8:48:51:1f:ba:06:c4:
17:dc:ae:8f:d1:64:76:59:51:4c:8d:67:80:db:6b:3a:08:64:
6a:61:69:c1:46:2a:36:da:28:07:66:09:26:36:b6:03:62:9c:
26:70:72:45:83:69:29:aa:a2:ff:f4:18:48:08:92:21:be:f5:
b4:fd:3b:4d:89:6d:5c:92:72:a2:63:81:50:76:70:4f:04:5e:
35:96:c3:d9:dc:f7:0c:c1:3b:11:26:63:b6:e7:f0:00:ee:85:
ec:66:57:e2:e7:39:2e:76:a6:22:b8:bf:d6:93:9d:f0:bb:a8:
59:aa:3d:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvJ4DoomSB2J/56tuvslMt0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEzMTgwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmYzZDA1NDdjYTVmZWFkYTQ4YzFjNjQzNTA2MDhiNTA4Y2JmZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl372q6QuXATinD/Ri+THAdmGR9V+
OUQvlpF5Pt8P10KGiayQEUSozmbagpoDhMoCWYUeafghB+OCxjB+jwY9cuqJ44u3
SW/UY/3qN+mD1VyiampwlFxdLXFJZyNkbIATrjBAuwG9Cc/F230upbqWgomGIJfv
wmZ0tN8uNxg27CnzaiktEpBbfdlEdXMd8o5RKm4e4S7fk973zWB0ZbByV/qEmXLr
kTjcv/RLw6kOt+aUvKEk8joNTofb9tyAjrhYBDzR9yVDsfULJUiRbpu31HrAYTKS
6naYP+ffJaiUWvzuSf91zGNXS9ojiwTNHfYjrmuYZ6Si2mO8sNGS9JB45wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCvz0FR8pf6tpIwcZDUGCLUIy/5VMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvS19QUVZIeWxfcTJrakJ4a05RWUl0UWpMX2xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKtuWZGE6nkFK3ga7oEd
c4pG0MvO76IEZjd1nM1bkLMh/0lGjno+ck+eRxNwZLRgVDpMzgXxkGyuD9BNWlfi
t/0sDwHUUeSpqzpaAwCj1HCotT87OMJmtiunC1dlVRzG4mNdyddoAvvet4kwROPV
zNO4O7jVC0drCegb2V7aXwhvBWNv4hR9tejg2EhRH7oGxBfcro/RZHZZUUyNZ4Db
azoIZGphacFGKjbaKAdmCSY2tgNinCZwckWDaSmqov/0GEgIkiG+9bT9O02JbVyS
cqJjgVB2cE8EXjWWw9nc9wzBOxEmY7bn8ADuhexmV+LnOS52piK4v9aTnfC7qFmq
PWo=
-----END CERTIFICATE-----
Generated at Mon May 12 16:09:47 2025 by rpki-client