Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fqR-vjTg_dCyjjAA95EFLFUDQrU.roa
File: fqR-vjTg_dCyjjAA95EFLFUDQrU.roa (raw, json)
Hash identifier: 1AzaAitC9yuLRs7XSNNbZjotu5JOeGk8dvuU0QS4BZI=
Subject key identifier: 7E:A4:7E:BE:34:E0:FD:D0:B2:8E:30:00:F7:91:05:2C:55:03:42:B5
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B070CD6AE1EEE39AEDC5334CA904B164F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fqR-vjTg_dCyjjAA95EFLFUDQrU.roa
Signing time: Fri 06 Oct 2023 22:12:43 +0000
ROA not before: Fri 06 Oct 2023 22:12:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:07:0c:d6:ae:1e:ee:39:ae:dc:53:34:ca:90:4b:16:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 6 22:12:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ea47ebe34e0fdd0b28e3000f791052c550342b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:74:06:b5:d1:4c:35:b1:b9:33:19:02:81:c0:
be:03:6f:11:ae:69:48:e0:75:f6:06:e4:28:49:76:
e4:15:83:17:77:83:46:d5:88:94:46:2f:5a:5f:c4:
07:36:40:ca:4f:e0:0a:66:36:67:e0:eb:bf:cf:12:
40:19:93:80:bb:b5:0f:e2:8d:fe:52:dd:3f:51:50:
70:61:99:d0:36:bc:8b:e0:47:70:8c:26:21:89:42:
ab:c1:5f:40:63:f9:1d:bd:a0:bc:88:88:13:b5:55:
b9:38:bf:1a:36:d4:18:ef:53:55:43:e5:f2:d6:6e:
14:03:1a:a4:3f:80:02:48:0f:91:03:fd:bf:04:89:
1a:46:28:c6:60:aa:79:ba:d8:68:b0:d2:21:99:23:
96:a3:59:ee:69:94:2a:ec:6a:6d:fd:ba:45:65:64:
48:ff:2b:16:35:8f:79:92:e6:70:40:81:a1:08:4d:
b1:51:5c:23:ef:0d:e2:e1:28:1f:ff:9e:33:c1:d7:
1d:de:0a:9d:e7:2f:f0:b8:b2:c9:b6:aa:82:a2:19:
8a:60:1e:f7:18:85:0b:8a:d4:26:77:d1:5d:3a:86:
88:ca:35:98:cc:d3:6a:2c:9b:f9:dd:11:3c:1a:07:
98:44:65:0f:06:f6:a7:5a:1c:2b:84:e3:c8:7e:e7:
3f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:A4:7E:BE:34:E0:FD:D0:B2:8E:30:00:F7:91:05:2C:55:03:42:B5
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fqR-vjTg_dCyjjAA95EFLFUDQrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bd:61:1d:9c:c7:49:37:29:9e:59:b7:60:c7:a8:40:29:96:f8:
af:07:97:7f:e3:e6:8d:1b:c0:1e:7f:3a:98:e2:e9:28:f7:06:
73:b7:9b:dc:7e:26:b8:21:16:99:fd:e5:c1:a2:9f:51:d9:f2:
e8:83:e1:dd:b9:9a:cd:39:88:8e:fc:27:48:da:f4:9c:02:77:
c3:a9:a2:87:fd:0d:18:c6:3f:86:00:e2:03:0c:a2:cb:b1:4d:
53:4b:dc:4b:a1:df:29:b9:49:c3:a6:e6:7d:46:9b:d4:db:0a:
32:15:45:e7:f9:8b:fd:fc:dc:b6:28:1a:90:69:0c:7a:34:f4:
f0:27:02:ff:91:50:3c:c6:54:dc:61:0e:b9:1f:b9:2c:6a:96:
7a:74:b2:82:70:a8:3b:59:69:53:91:f3:c9:65:1c:19:7d:e1:
cd:ad:fc:1a:35:04:07:e2:82:11:51:b8:34:c3:14:26:28:c8:
fd:f2:91:31:67:b5:d1:72:e8:07:f6:77:35:4d:57:0a:1d:db:
c9:82:5c:a0:d4:d3:cc:37:d5:3c:15:a4:70:2f:ca:3d:80:28:
aa:45:9c:77:a6:9f:5e:aa:53:c5:27:8e:40:54:17:80:df:d3:
12:e0:da:22:87:f6:fa:01:33:43:ed:65:1b:d4:e6:2e:3e:33:
05:74:10:7b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsHDNauHu45rtxTNMqQSxZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA2MjIxMjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWE0N2ViZTM0ZTBmZGQwYjI4ZTMwMDBmNzkxMDUyYzU1MDM0MmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4XQGtdFMNbG5MxkCgcC+A28RrmlI
4HX2BuQoSXbkFYMXd4NG1YiURi9aX8QHNkDKT+AKZjZn4Ou/zxJAGZOAu7UP4o3+
Ut0/UVBwYZnQNryL4EdwjCYhiUKrwV9AY/kdvaC8iIgTtVW5OL8aNtQY71NVQ+Xy
1m4UAxqkP4ACSA+RA/2/BIkaRijGYKp5uthosNIhmSOWo1nuaZQq7Gpt/bpFZWRI
/ysWNY95kuZwQIGhCE2xUVwj7w3i4Sgf/54zwdcd3gqd5y/wuLLJtqqCohmKYB73
GIULitQmd9FdOoaIyjWYzNNqLJv53RE8GgeYRGUPBvanWhwrhOPIfuc/swIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH6kfr404P3Qso4wAPeRBSxVA0K1MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZnFSLXZqVGdfZEN5ampBQTk1RUZMRlVEUXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL1hHZzHSTcpnlm3YMeo
QCmW+K8Hl3/j5o0bwB5/Opji6Sj3BnO3m9x+JrghFpn95cGin1HZ8uiD4d25ms05
iI78J0ja9JwCd8Opoof9DRjGP4YA4gMMosuxTVNL3Euh3ym5ScOm5n1Gm9TbCjIV
Ref5i/383LYoGpBpDHo09PAnAv+RUDzGVNxhDrkfuSxqlnp0soJwqDtZaVOR88ll
HBl94c2t/Bo1BAfighFRuDTDFCYoyP3ykTFntdFy6Af2dzVNVwod28mCXKDU08w3
1TwVpHAvyj2AKKpFnHemn16qU8UnjkBUF4Df0xLg2iKH9voBM0PtZRvU5i4+MwV0
EHs=
-----END CERTIFICATE-----
Generated at Mon May 12 13:33:17 2025 by rpki-client