Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QPWj2BzC-mocI10qoDKUs8WiLpg.roa
File: QPWj2BzC-mocI10qoDKUs8WiLpg.roa (raw, json)
Hash identifier: pCYMPAoFXd7fz7VFLaWeG7h8QZmxWb3/NLPh3qA+7p0=
Subject key identifier: 40:F5:A3:D8:1C:C2:FA:6A:1C:23:5D:2A:A0:32:94:B3:C5:A2:2E:98
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF37FC5C6A0025209927411405A2AB58B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QPWj2BzC-mocI10qoDKUs8WiLpg.roa
Signing time: Tue 03 Oct 2023 03:05:51 +0000
ROA not before: Tue 03 Oct 2023 03:05:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:f37f:7948/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f3:7f:c5:c6:a0:02:52:09:92:74:11:40:5a:2a:b5:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 3 03:05:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40f5a3d81cc2fa6a1c235d2aa03294b3c5a22e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:21:88:b9:26:62:0c:8d:5d:1a:2a:83:ad:6a:
f9:07:6f:fa:d6:6c:cc:39:8e:03:79:2e:45:ad:2e:
45:d5:25:f7:3d:a2:81:8f:95:f3:fe:5b:44:11:e1:
47:43:36:4c:73:9f:e7:6d:c1:23:15:03:87:6e:3d:
44:d9:4b:6f:32:2a:7d:e0:75:d1:83:72:77:72:16:
86:da:75:f7:ee:9b:46:7c:04:af:bb:d6:e4:69:40:
a6:ae:73:ab:67:e3:ee:64:ea:1e:39:a7:65:4f:b1:
25:83:3e:31:8a:ca:02:f1:8a:ca:5b:f7:4b:20:64:
28:de:54:e4:bc:0b:2a:30:31:11:65:1a:2c:55:49:
f2:2b:22:4b:94:24:ed:31:66:ed:99:36:a2:dc:fe:
02:ae:a0:1b:c8:e8:da:05:3c:e1:40:11:c9:e7:85:
b7:ba:2e:b3:ab:5c:48:27:8d:6b:7b:01:c5:be:c7:
67:28:01:8a:a2:eb:cc:58:8a:1d:d0:4a:15:90:f9:
82:f6:e3:ab:eb:6f:11:ef:72:28:7a:5f:19:cc:98:
bb:b7:4a:07:7d:1d:47:5a:08:0a:36:81:c8:df:e6:
0a:08:51:11:32:e6:41:ca:74:13:a3:d5:61:71:14:
31:79:e2:52:97:40:c2:d2:50:71:7a:13:f8:90:a5:
21:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:F5:A3:D8:1C:C2:FA:6A:1C:23:5D:2A:A0:32:94:B3:C5:A2:2E:98
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QPWj2BzC-mocI10qoDKUs8WiLpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:c5:fc:7f:b8:f5:84:0f:e6:48:35:d9:e5:64:fe:e5:11:60:
21:86:2d:9a:d5:f4:3b:bc:67:4a:b4:52:82:d4:19:25:88:8c:
98:d1:71:9c:f0:e3:af:85:6e:b3:0d:df:10:a9:0b:a5:40:b8:
97:89:aa:be:e0:b5:f0:74:e1:25:75:7f:a4:e7:3f:45:da:6f:
6c:7b:32:ef:f8:9e:99:19:14:19:71:92:38:13:e4:a2:63:c4:
83:5a:ea:8b:09:dc:f7:7a:bf:20:65:48:33:1c:e9:c3:02:de:
3e:c2:64:12:53:83:c9:02:a1:31:38:9d:d0:26:96:e2:08:66:
55:9d:88:ff:65:8a:1f:48:e6:65:80:82:5c:dd:58:69:fc:9b:
eb:df:69:ef:56:ce:4e:f3:bf:ce:d1:12:f2:27:10:e3:15:0a:
f2:ee:10:88:80:9f:5d:a3:f2:08:e1:3f:61:28:53:18:94:ad:
89:4a:50:20:e2:87:28:19:9f:51:91:79:9f:5b:9c:47:4b:8b:
8c:79:1f:9c:6d:82:81:92:d5:30:f4:9d:a0:a4:53:4b:2d:f5:
8c:45:e2:83:dd:09:d1:82:a6:af:01:f7:cf:4e:af:ab:da:07:
e0:7c:de:53:0b:d4:4e:85:dc:0b:13:69:c1:97:72:4d:27:1f:
0c:b4:f1:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrzf8XGoAJSCZJ0EUBaKrWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAzMDMwNTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGY1YTNkODFjYzJmYTZhMWMyMzVkMmFhMDMyOTRiM2M1YTIyZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSGIuSZiDI1dGiqDrWr5B2/61mzM
OY4DeS5FrS5F1SX3PaKBj5Xz/ltEEeFHQzZMc5/nbcEjFQOHbj1E2UtvMip94HXR
g3J3chaG2nX37ptGfASvu9bkaUCmrnOrZ+PuZOoeOadlT7Elgz4xisoC8YrKW/dL
IGQo3lTkvAsqMDERZRosVUnyKyJLlCTtMWbtmTai3P4CrqAbyOjaBTzhQBHJ54W3
ui6zq1xIJ41rewHFvsdnKAGKouvMWIod0EoVkPmC9uOr628R73Ioel8ZzJi7t0oH
fR1HWggKNoHI3+YKCFERMuZBynQTo9VhcRQxeeJSl0DC0lBxehP4kKUhBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFED1o9gcwvpqHCNdKqAylLPFoi6YMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUVBXajJCekMtbW9jSTEwcW9ES1VzOFdpTHBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGPF/H+49YQP5kg12eVk
/uURYCGGLZrV9Du8Z0q0UoLUGSWIjJjRcZzw46+FbrMN3xCpC6VAuJeJqr7gtfB0
4SV1f6TnP0Xab2x7Mu/4npkZFBlxkjgT5KJjxINa6osJ3Pd6vyBlSDMc6cMC3j7C
ZBJTg8kCoTE4ndAmluIIZlWdiP9lih9I5mWAglzdWGn8m+vfae9Wzk7zv87REvIn
EOMVCvLuEIiAn12j8gjhP2EoUxiUrYlKUCDihygZn1GReZ9bnEdLi4x5H5xtgoGS
1TD0naCkU0st9YxF4oPdCdGCpq8B989Or6vaB+B83lML1E6F3AsTacGXck0nHwy0
8YQ=
-----END CERTIFICATE-----
Generated at Sat May 10 12:50:04 2025 by rpki-client