Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QujfUbFzEppa7_PCPTe8nhmZrGs.roa
File: QujfUbFzEppa7_PCPTe8nhmZrGs.roa (raw, json)
Hash identifier: FtZwIMAHZB21OUa7cbDDHSSAG/NvLGWfXUfUp3GPLnQ=
Subject key identifier: 42:E8:DF:51:B1:73:12:9A:5A:EF:F3:C2:3D:37:BC:9E:19:99:AC:6B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AFC887DB8A33CBB68E376AD93374259D7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QujfUbFzEppa7_PCPTe8nhmZrGs.roa
Signing time: Wed 04 Oct 2023 21:11:57 +0000
ROA not before: Wed 04 Oct 2023 21:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fc:88:7d:b8:a3:3c:bb:68:e3:76:ad:93:37:42:59:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 4 21:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=42e8df51b173129a5aeff3c23d37bc9e1999ac6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:cc:d0:ec:29:a2:44:6f:8f:4f:89:18:98:11:
b9:c2:d3:40:32:1d:fa:4a:cf:2a:a9:4a:96:8b:13:
93:ed:18:f7:45:05:93:b9:88:e7:59:d3:d4:94:7f:
3b:ed:90:d9:5d:f5:72:80:12:27:7e:2e:e6:d7:92:
fb:52:74:f8:3b:96:82:a3:dc:72:3e:17:82:b9:ce:
4c:c3:d9:26:a4:91:a5:d1:85:7f:24:4e:a8:46:de:
9b:1f:8e:ee:74:7f:ce:6c:b8:b5:72:49:31:59:59:
78:f8:55:e3:1a:2e:2c:42:37:bc:5e:c7:a2:a8:a9:
2f:b8:12:5e:26:87:f2:58:8a:17:a5:93:13:89:bd:
8a:73:a2:b2:cd:95:a9:02:71:d4:d0:79:59:69:31:
82:af:a5:1e:1e:e9:be:94:9e:55:82:77:41:86:4a:
81:02:b2:da:c1:fe:49:d7:a1:58:15:c8:54:ac:ee:
03:9b:58:4e:ff:4a:30:42:6c:8b:8e:d9:f0:a4:e0:
1d:d1:6a:b0:85:49:70:a7:27:63:cd:a8:2c:d9:d9:
89:c5:95:b5:6f:7e:72:56:27:2c:70:98:24:07:d3:
3f:cc:a9:5d:cc:ed:63:74:7a:69:38:5a:c7:e2:5d:
a3:78:1a:33:3c:fe:37:05:79:81:24:5d:50:34:5e:
63:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:E8:DF:51:B1:73:12:9A:5A:EF:F3:C2:3D:37:BC:9E:19:99:AC:6B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QujfUbFzEppa7_PCPTe8nhmZrGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4a:f2:75:0a:28:60:51:55:78:5f:b7:09:eb:58:60:dd:4d:ed:
86:2a:e9:01:f8:1d:c6:50:66:9d:02:b0:b0:00:e5:66:9c:9c:
b7:ff:95:a1:c6:0d:95:42:27:56:0c:ea:7c:b1:f5:70:0f:26:
ba:5d:ef:69:ba:5a:83:46:6d:73:ba:2d:3a:e9:ed:0a:4a:b5:
c5:1f:66:00:7c:e6:b4:19:64:6a:ee:e3:b9:58:4e:5a:aa:ba:
2c:b8:4e:aa:81:77:de:50:aa:b4:09:fe:5f:8b:56:c9:ba:44:
a6:af:e8:3d:7b:2f:d1:c9:d6:d4:52:58:3b:37:a9:52:1e:20:
f0:0b:08:4d:b8:79:fc:67:28:44:1d:6d:8d:69:37:59:53:fe:
27:88:c7:9b:12:60:14:fb:eb:fd:de:91:11:7c:88:01:ae:16:
b7:1d:d1:31:fb:4a:19:2e:7d:76:32:90:c6:5d:70:ac:23:92:
ad:92:61:82:74:fc:6d:47:ac:e7:44:b8:69:8d:13:36:2c:19:
ae:78:54:2e:3e:98:08:6f:53:19:82:4c:db:04:ac:94:19:33:
93:21:bc:e6:1b:0f:83:db:c1:1b:55:39:f5:7d:4a:50:6f:33:
ec:8a:26:14:00:a0:12:e7:1f:64:10:19:5b:6d:95:4c:ee:f0:
b2:98:2a:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr8iH24ozy7aON2rZM3QlnXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA0MjExMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmU4ZGY1MWIxNzMxMjlhNWFlZmYzYzIzZDM3YmM5ZTE5OTlhYzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMzQ7CmiRG+PT4kYmBG5wtNAMh36
Ss8qqUqWixOT7Rj3RQWTuYjnWdPUlH877ZDZXfVygBInfi7m15L7UnT4O5aCo9xy
PheCuc5Mw9kmpJGl0YV/JE6oRt6bH47udH/ObLi1ckkxWVl4+FXjGi4sQje8Xsei
qKkvuBJeJofyWIoXpZMTib2Kc6KyzZWpAnHU0HlZaTGCr6UeHum+lJ5VgndBhkqB
ArLawf5J16FYFchUrO4Dm1hO/0owQmyLjtnwpOAd0WqwhUlwpydjzags2dmJxZW1
b35yVicscJgkB9M/zKldzO1jdHppOFrH4l2jeBozPP43BXmBJF1QNF5jvQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFELo31GxcxKaWu/zwj03vJ4ZmaxrMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvUXVqZlViRnpFcHBhN19QQ1BUZThuaG1ackdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAErydQooYFFVeF+3CetY
YN1N7YYq6QH4HcZQZp0CsLAA5WacnLf/laHGDZVCJ1YM6nyx9XAPJrpd72m6WoNG
bXO6LTrp7QpKtcUfZgB85rQZZGru47lYTlqquiy4TqqBd95QqrQJ/l+LVsm6RKav
6D17L9HJ1tRSWDs3qVIeIPALCE24efxnKEQdbY1pN1lT/ieIx5sSYBT76/3ekRF8
iAGuFrcd0TH7ShkufXYykMZdcKwjkq2SYYJ0/G1HrOdEuGmNEzYsGa54VC4+mAhv
UxmCTNsErJQZM5MhvOYbD4PbwRtVOfV9SlBvM+yKJhQAoBLnH2QQGVttlUzu8LKY
Klg=
-----END CERTIFICATE-----
Generated at Sat May 10 11:46:49 2025 by rpki-client