Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UQhISSdm9lJU7I1_tCzkSEQve5A.roa
File: UQhISSdm9lJU7I1_tCzkSEQve5A.roa (raw, json)
Hash identifier: 9nkjLwgK1os0lqm96iUsu+qL5AXUdIN3msprDYtNItE=
Subject key identifier: 51:08:48:49:27:66:F6:52:54:EC:8D:7F:B4:2C:E4:48:44:2F:7B:90
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B593A1704DDA0201BB19FF72E03721B7C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UQhISSdm9lJU7I1_tCzkSEQve5A.roa
Signing time: Sun 22 Oct 2023 21:11:01 +0000
ROA not before: Sun 22 Oct 2023 21:11:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:59:3a:17:04:dd:a0:20:1b:b1:9f:f7:2e:03:72:1b:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 22 21:11:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=510848492766f65254ec8d7fb42ce448442f7b90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7f:bf:49:b2:92:4d:ec:23:7f:6b:19:60:32:
b2:e1:5c:1d:ae:c9:c8:f8:7a:08:8c:c5:93:c4:4d:
0f:26:c1:f8:5d:39:20:f0:b4:92:2f:66:79:c4:b7:
90:78:3a:8f:03:2a:e5:bd:4d:16:73:92:7a:e1:d0:
16:e7:26:50:60:3a:f9:9a:01:8d:8d:03:8a:5d:cd:
1e:c1:6d:35:e7:69:ee:45:5a:a1:8a:37:ee:b4:d5:
32:41:64:31:42:d4:cf:c6:bf:34:c6:de:52:95:9f:
6c:7f:b0:c5:02:2f:b3:11:c3:b7:3c:d7:d3:74:6f:
55:2c:2c:71:5e:bf:e3:bb:af:5d:3e:b8:2b:d3:f8:
c7:34:07:2f:bc:dc:bc:4c:a4:04:87:7e:40:3e:4d:
c6:6c:72:14:a8:76:ac:02:fc:57:d0:42:f9:73:03:
d6:f6:65:1d:a9:2c:70:99:36:d9:12:47:75:d5:e2:
15:fb:44:cd:47:e8:98:83:93:91:88:2f:30:78:64:
13:f3:af:fc:cd:7c:f4:e8:fe:8f:a5:aa:c3:ea:09:
72:17:ac:71:3f:ff:c5:02:24:52:18:e2:3f:98:16:
7c:91:bc:8e:4c:99:51:36:28:63:ab:34:f0:1a:f4:
27:8d:2c:19:71:3d:1d:06:03:80:b4:ef:87:78:13:
34:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:08:48:49:27:66:F6:52:54:EC:8D:7F:B4:2C:E4:48:44:2F:7B:90
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/UQhISSdm9lJU7I1_tCzkSEQve5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ab:2b:eb:0d:aa:1e:ca:1b:85:d4:c3:3e:f7:91:b3:ec:54:19:
74:6d:87:e9:3d:6c:81:33:12:d5:b9:31:f9:ef:8a:5b:2f:14:
0b:7e:59:cb:bd:80:83:f6:a1:e5:69:0f:35:1a:dc:21:53:fb:
74:97:ab:38:e9:f3:b4:59:04:e0:0b:3a:63:08:ee:12:40:15:
8b:34:1f:08:75:9a:3a:5b:e0:ec:07:1c:85:0d:d0:da:7f:15:
1d:65:b4:4b:a5:63:c0:a4:0c:65:ac:be:db:ee:d0:a5:d3:cb:
a8:19:f6:06:f5:e3:9b:8a:96:fc:a9:f0:c5:e8:74:f7:cf:0a:
ca:58:c5:fd:bc:80:e3:08:25:48:15:92:70:7c:ce:87:61:c3:
8b:ba:ac:f2:ce:54:65:55:a3:ca:bb:96:3e:c6:4b:f4:0c:40:
2b:46:25:d2:63:95:bf:f6:89:c6:91:e2:1f:69:8f:d6:9d:6e:
3e:9b:20:df:28:4f:4a:af:89:34:40:94:0c:bf:3d:8b:74:bf:
b2:8f:3b:82:08:9f:79:8f:29:d0:a6:ba:63:bc:36:cd:63:0a:
40:bb:d4:8b:b2:e2:e5:0a:72:c7:4e:3f:94:c9:f9:0d:dd:44:
00:e6:ce:9b:d9:59:d3:94:94:31:b9:29:5c:67:97:52:5e:66:
4d:db:93:ea
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtZOhcE3aAgG7Gf9y4Dcht8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIyMjExMTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTA4NDg0OTI3NjZmNjUyNTRlYzhkN2ZiNDJjZTQ0ODQ0MmY3YjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3+/SbKSTewjf2sZYDKy4VwdrsnI
+HoIjMWTxE0PJsH4XTkg8LSSL2Z5xLeQeDqPAyrlvU0Wc5J64dAW5yZQYDr5mgGN
jQOKXc0ewW0152nuRVqhijfutNUyQWQxQtTPxr80xt5SlZ9sf7DFAi+zEcO3PNfT
dG9VLCxxXr/ju69dPrgr0/jHNAcvvNy8TKQEh35APk3GbHIUqHasAvxX0EL5cwPW
9mUdqSxwmTbZEkd11eIV+0TNR+iYg5ORiC8weGQT86/8zXz06P6PparD6glyF6xx
P//FAiRSGOI/mBZ8kbyOTJlRNihjqzTwGvQnjSwZcT0dBgOAtO+HeBM0UQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFEISEknZvZSVOyNf7Qs5EhEL3uQMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVVFoSVNTZG05bEpVN0kxX3RDemtTRVF2ZTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKsr6w2qHsobhdTDPveR
s+xUGXRth+k9bIEzEtW5MfnvilsvFAt+Wcu9gIP2oeVpDzUa3CFT+3SXqzjp87RZ
BOALOmMI7hJAFYs0Hwh1mjpb4OwHHIUN0Np/FR1ltEulY8CkDGWsvtvu0KXTy6gZ
9gb145uKlvyp8MXodPfPCspYxf28gOMIJUgVknB8zodhw4u6rPLOVGVVo8q7lj7G
S/QMQCtGJdJjlb/2icaR4h9pj9adbj6bIN8oT0qviTRAlAy/PYt0v7KPO4IIn3mP
KdCmumO8Ns1jCkC71Iuy4uUKcsdOP5TJ+Q3dRADmzpvZWdOUlDG5KVxnl1JeZk3b
k+o=
-----END CERTIFICATE-----
Generated at Tue May 13 11:43:48 2025 by rpki-client