Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QpaRt9oNioLg4eYaYePBu4tdOZA.roa
File: QpaRt9oNioLg4eYaYePBu4tdOZA.roa (raw, json)
Hash identifier: 3d+OPWYzX6fNEB2UmS+q9NFgJfYrraVWQ9AMoh7eZDo=
Subject key identifier: 42:96:91:B7:DA:0D:8A:82:E0:E1:E6:1A:61:E3:C1:BB:8B:5D:39:90
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C021331D018485D96D3552BCEFEE22270
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QpaRt9oNioLg4eYaYePBu4tdOZA.roa
Signing time: Fri 24 Nov 2023 16:04:21 +0000
ROA not before: Fri 24 Nov 2023 16:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:213:2100/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:02:13:31:d0:18:48:5d:96:d3:55:2b:ce:fe:e2:22:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 24 16:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=429691b7da0d8a82e0e1e61a61e3c1bb8b5d3990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fb:ff:0d:bc:2d:fd:c9:61:aa:c7:54:4b:57:
86:af:f4:e1:f9:a5:fe:2c:6f:8a:34:6f:b2:c6:a0:
51:72:25:64:4c:da:27:45:3b:74:ff:93:9e:23:92:
e0:8a:e3:c3:c2:82:29:ad:2e:0e:7b:cd:f1:ce:a5:
e3:64:67:7f:90:28:fd:7e:27:44:36:7c:f5:3d:05:
73:88:6b:91:20:45:03:b5:eb:49:30:9b:f7:93:5d:
85:57:ca:ae:6e:b2:0e:37:94:63:b6:44:e3:71:11:
f5:ee:30:59:03:d2:38:18:a8:0f:e8:31:2b:3b:24:
d6:72:98:bf:33:74:2a:1c:d1:22:6f:08:68:ed:22:
a7:16:0e:c9:65:d3:59:13:2d:6d:74:69:a1:75:c9:
f2:e9:c6:4c:1d:63:77:09:51:14:d0:da:f4:9a:b6:
8f:db:15:5f:0f:68:72:15:ec:03:8f:af:9f:62:9c:
fd:13:2f:5e:ff:52:15:2d:ab:f4:ca:fe:64:6a:cd:
11:8b:84:3a:1d:7c:13:cf:3f:02:41:17:fb:da:58:
a7:3a:12:95:ba:6a:4d:2b:1a:67:04:45:4a:64:20:
2f:e7:b6:ab:10:f6:b4:5a:65:d1:e1:75:d3:c0:dd:
f8:8a:43:2d:f8:e4:3a:e8:77:03:98:9b:23:0d:5e:
7f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:96:91:B7:DA:0D:8A:82:E0:E1:E6:1A:61:E3:C1:BB:8B:5D:39:90
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QpaRt9oNioLg4eYaYePBu4tdOZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d4:f5:3c:e2:4a:01:b4:6b:c2:5f:bc:a1:df:5c:29:72:6b:41:
d4:2e:01:9d:a6:3d:4f:87:91:21:15:42:d2:a0:e2:2b:a8:f2:
5e:5a:33:c9:ce:fb:d3:a2:f6:62:56:3a:4d:c9:e9:fd:7c:1e:
25:c3:e8:93:e7:18:77:e5:13:07:d2:f1:be:90:34:0b:8b:b2:
f2:e5:c8:ea:86:d8:e6:44:d4:89:bc:1c:9d:d2:0b:79:4b:28:
9b:7f:d4:1f:ee:a8:70:d1:14:25:81:2d:91:46:6b:ea:77:1f:
54:68:ea:61:51:b3:dd:43:f0:63:12:e9:4e:4d:78:fe:53:9f:
5f:85:33:e3:80:6d:15:16:8c:20:72:95:98:5a:6b:84:64:68:
92:0c:0d:c0:23:17:6f:32:ce:a4:24:06:80:80:2e:83:af:0a:
c2:81:68:65:a5:97:53:38:61:d2:9a:62:33:b6:78:b0:df:5c:
5e:f7:0e:73:d8:7a:d5:19:92:4d:60:a3:76:f5:bf:e9:d6:96:
38:8f:23:72:9b:1f:54:d4:d4:4c:2a:db:9c:fb:21:78:db:e6:
2e:2a:7c:8f:77:55:79:a1:72:30:81:5c:81:7c:87:95:5d:4d:
3e:2b:e8:b7:fa:e0:ca:f2:dc:b2:1c:11:7e:e0:54:13:c4:05:
da:be:8e:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwCEzHQGEhdltNVK87+4iJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI0MTYwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjk2OTFiN2RhMGQ4YTgyZTBlMWU2MWE2MWUzYzFiYjhiNWQzOTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Pv/Dbwt/clhqsdUS1eGr/Th+aX+
LG+KNG+yxqBRciVkTNonRTt0/5OeI5LgiuPDwoIprS4Oe83xzqXjZGd/kCj9fidE
Nnz1PQVziGuRIEUDtetJMJv3k12FV8qubrION5RjtkTjcRH17jBZA9I4GKgP6DEr
OyTWcpi/M3QqHNEibwho7SKnFg7JZdNZEy1tdGmhdcny6cZMHWN3CVEU0Nr0mraP
2xVfD2hyFewDj6+fYpz9Ey9e/1IVLav0yv5kas0Ri4Q6HXwTzz8CQRf72linOhKV
umpNKxpnBEVKZCAv57arEPa0WmXR4XXTwN34ikMt+OQ66HcDmJsjDV5/zQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEKWkbfaDYqC4OHmGmHjwbuLXTmQMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUXBhUnQ5b05pb0xnNGVZYVllUEJ1NHRkT1pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANT1POJKAbRrwl+8od9c
KXJrQdQuAZ2mPU+HkSEVQtKg4iuo8l5aM8nO+9Oi9mJWOk3J6f18HiXD6JPnGHfl
EwfS8b6QNAuLsvLlyOqG2OZE1Im8HJ3SC3lLKJt/1B/uqHDRFCWBLZFGa+p3H1Ro
6mFRs91D8GMS6U5NeP5Tn1+FM+OAbRUWjCBylZhaa4RkaJIMDcAjF28yzqQkBoCA
LoOvCsKBaGWll1M4YdKaYjO2eLDfXF73DnPYetUZkk1go3b1v+nWljiPI3KbH1TU
1Ewq25z7IXjb5i4qfI93VXmhcjCBXIF8h5VdTT4r6Lf64Mry3LIcEX7gVBPEBdq+
jlg=
-----END CERTIFICATE-----
Generated at Mon May 12 23:23:25 2025 by rpki-client