Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ql8DvC1q6WiTMKCv9D3qIIgoyas.roa
File: Ql8DvC1q6WiTMKCv9D3qIIgoyas.roa (raw, json)
Hash identifier: 1y8vDVU2wKehYdRfDGg5RonFUbAxh4DrrzGf/17U7dg=
Subject key identifier: 42:5F:03:BC:2D:6A:E9:68:93:30:A0:AF:F4:3D:EA:20:88:28:C9:AB
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BEB92B20D45BB2B025D7AF72CCD6D902D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ql8DvC1q6WiTMKCv9D3qIIgoyas.roa
Signing time: Mon 20 Nov 2023 07:12:21 +0000
ROA not before: Mon 20 Nov 2023 07:12:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:eb:92:b2:0d:45:bb:2b:02:5d:7a:f7:2c:cd:6d:90:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 20 07:12:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=425f03bc2d6ae9689330a0aff43dea208828c9ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7f:6a:6f:56:88:2f:9b:ea:82:ad:10:0d:66:
0e:8c:12:89:0b:c4:5c:cf:db:ff:e4:b4:94:09:52:
c4:cf:9e:3f:0f:f3:74:94:23:c6:0d:e7:20:e0:d3:
3c:71:79:4b:31:b8:c9:26:ba:9d:e5:13:f8:d4:03:
9b:93:f2:de:9f:9a:36:0a:61:e7:9d:72:e9:e6:10:
65:07:b0:d6:02:e9:f6:53:f9:f5:94:18:c1:dc:54:
11:8d:9e:b8:a2:7c:79:d6:46:10:01:fb:0a:c4:4d:
63:20:f5:5b:57:47:99:12:f5:38:30:08:86:87:a2:
be:8e:b1:91:c5:ac:b7:15:a3:ec:b3:cc:57:44:73:
f2:39:10:8d:45:3d:54:97:d7:94:c4:30:7b:70:44:
89:98:d2:49:70:0c:9f:c7:7d:60:0b:38:b4:0b:c7:
8d:f2:b0:86:7a:5d:d6:0d:f7:6d:21:6a:bf:2d:5e:
2c:e3:d7:0f:c2:0c:7a:03:b9:92:f3:5d:da:7a:1e:
fc:7d:09:05:e3:60:9b:54:09:bb:06:43:a4:1a:bf:
dc:7e:b0:9b:49:c7:b6:3a:8c:cf:b3:bc:4b:5b:80:
48:16:a7:68:04:1c:05:e0:2c:02:87:6c:ac:66:65:
04:4e:db:b4:f6:20:84:86:f2:3e:83:29:ca:ef:fe:
b2:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:5F:03:BC:2D:6A:E9:68:93:30:A0:AF:F4:3D:EA:20:88:28:C9:AB
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Ql8DvC1q6WiTMKCv9D3qIIgoyas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a3:b0:aa:f7:98:a2:4a:e0:12:5d:1b:99:81:45:40:09:de:e3:
fe:10:c8:c2:47:1a:1c:4b:d9:02:31:9a:c8:af:76:6f:63:ae:
ac:e1:bf:1d:61:08:c4:ec:3d:5c:27:62:36:5f:04:2f:ff:df:
db:9e:dd:5f:87:43:0c:e1:5d:55:53:a9:60:b3:50:b5:97:ff:
6f:29:d7:74:73:b4:d2:91:17:3f:f8:30:87:10:48:e3:6f:cf:
43:c2:54:b2:da:67:18:6b:92:6c:08:37:f0:40:33:0d:6c:7a:
12:f8:2d:35:e1:af:28:7f:6c:1b:12:bc:7d:c5:14:ee:0f:2c:
0b:80:b2:8d:f5:d3:7b:48:5b:da:dc:c4:d6:b3:01:21:5a:24:
15:5d:e5:93:8b:1e:55:4c:3e:08:c6:1a:e8:c1:91:cd:e3:a9:
a6:06:54:59:19:95:6d:15:1d:0d:42:94:b2:c2:b7:eb:42:28:
54:63:3b:0d:b4:00:d0:c5:56:fb:96:68:c9:6c:24:a4:f1:5b:
c9:27:c1:93:32:05:8d:1a:65:c5:6f:16:90:d0:bd:5a:e6:95:
26:3a:54:ec:3c:fd:b0:6d:f6:a4:f4:40:a5:24:9a:b0:aa:ba:
ae:0b:09:75:37:c8:9d:dc:83:92:b9:fe:58:49:62:fc:ff:7b:
85:ed:b7:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvrkrINRbsrAl169yzNbZAtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIwMDcxMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjVmMDNiYzJkNmFlOTY4OTMzMGEwYWZmNDNkZWEyMDg4MjhjOWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw39qb1aIL5vqgq0QDWYOjBKJC8Rc
z9v/5LSUCVLEz54/D/N0lCPGDecg4NM8cXlLMbjJJrqd5RP41AObk/Len5o2CmHn
nXLp5hBlB7DWAun2U/n1lBjB3FQRjZ64onx51kYQAfsKxE1jIPVbV0eZEvU4MAiG
h6K+jrGRxay3FaPss8xXRHPyORCNRT1Ul9eUxDB7cESJmNJJcAyfx31gCzi0C8eN
8rCGel3WDfdtIWq/LV4s49cPwgx6A7mS813aeh78fQkF42CbVAm7BkOkGr/cfrCb
Sce2OozPs7xLW4BIFqdoBBwF4CwCh2ysZmUETtu09iCEhvI+gynK7/6yYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEJfA7wtaulokzCgr/Q96iCIKMmrMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUWw4RHZDMXE2V2lUTUtDdjlEM3FJSWdveWFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKOwqveYokrgEl0bmYFF
QAne4/4QyMJHGhxL2QIxmsivdm9jrqzhvx1hCMTsPVwnYjZfBC//39ue3V+HQwzh
XVVTqWCzULWX/28p13RztNKRFz/4MIcQSONvz0PCVLLaZxhrkmwIN/BAMw1sehL4
LTXhryh/bBsSvH3FFO4PLAuAso3103tIW9rcxNazASFaJBVd5ZOLHlVMPgjGGujB
kc3jqaYGVFkZlW0VHQ1ClLLCt+tCKFRjOw20ANDFVvuWaMlsJKTxW8knwZMyBY0a
ZcVvFpDQvVrmlSY6VOw8/bBt9qT0QKUkmrCquq4LCXU3yJ3cg5K5/lhJYvz/e4Xt
t4k=
-----END CERTIFICATE-----
Generated at Tue May 13 09:24:18 2025 by rpki-client