Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/k_Q3gFemGROvgwVQ4Q90BqebBQk.roa
File: k_Q3gFemGROvgwVQ4Q90BqebBQk.roa (raw, json)
Hash identifier: +zt8H1bCBFkyanTswYrfCN2VoNkpGzLP04cES0HTNHc=
Subject key identifier: 93:F4:37:80:57:A6:19:13:AF:83:05:50:E1:0F:74:06:A7:9B:05:09
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B0441CFDE50F3FD63278195B460392ACE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/k_Q3gFemGROvgwVQ4Q90BqebBQk.roa
Signing time: Fri 06 Oct 2023 09:11:43 +0000
ROA not before: Fri 06 Oct 2023 09:11:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:04:41:cf:de:50:f3:fd:63:27:81:95:b4:60:39:2a:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 6 09:11:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93f4378057a61913af830550e10f7406a79b0509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4f:49:e0:51:1b:57:9a:9b:34:5e:28:fb:fc:
9b:df:a5:2e:6a:aa:e4:36:9f:a3:23:a0:d3:e6:f5:
8f:e1:b0:9e:2a:ec:a6:e5:56:c3:2d:5e:49:80:c3:
b1:ee:97:c1:50:17:2c:9a:a9:d7:68:c7:d1:d8:32:
15:81:91:4a:81:e9:31:f9:c1:b7:3f:d3:3d:8f:1c:
49:a4:4e:c4:30:33:52:f7:2d:3a:00:ac:ed:dd:5e:
11:9f:51:61:2b:9a:d9:af:56:55:ba:84:88:36:9e:
46:de:14:3c:81:fb:5e:f6:4a:68:bd:72:ef:b9:15:
cf:b6:1d:07:24:80:e2:0d:f2:db:38:e2:a7:e4:30:
1b:a2:cb:85:b6:d7:0f:c9:2f:dc:ff:db:43:e9:85:
a8:73:12:be:fa:58:d8:ce:a0:3b:b7:d3:27:5c:fa:
1b:bf:3e:8f:95:6c:20:93:d3:c7:e1:95:aa:95:cc:
31:3d:fb:48:49:6c:32:2c:64:42:81:9f:aa:81:97:
ff:61:ef:37:25:06:fa:0a:ec:de:40:92:c5:53:6a:
96:1d:d6:4f:3b:14:ed:52:c1:cb:6e:ca:ef:1f:a7:
41:c5:52:12:40:7c:c6:c9:8b:9a:e2:f0:2c:46:63:
aa:e4:27:dd:ab:bb:4d:7e:b6:34:2f:87:3e:55:3d:
44:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:F4:37:80:57:A6:19:13:AF:83:05:50:E1:0F:74:06:A7:9B:05:09
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/k_Q3gFemGROvgwVQ4Q90BqebBQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d2:c8:a2:30:13:8b:bb:40:ef:f8:13:a6:4f:9a:ed:1c:f5:dc:
bf:bb:90:a5:86:01:e9:e8:a1:3e:f9:4d:8b:5c:38:13:79:b8:
5d:fb:ce:98:14:28:3d:9d:40:dc:2f:30:fd:ff:92:13:9a:5e:
06:66:7a:2b:ee:df:b2:5f:55:d6:a8:5b:77:7b:cb:3f:0a:d1:
d6:ff:67:fe:43:64:75:92:a0:60:b0:2f:1e:8d:1d:9b:f5:81:
56:a3:5a:8f:d6:02:05:19:53:c8:7c:49:32:a9:1f:67:24:85:
72:20:cd:30:4d:3a:2d:e9:7c:42:5a:87:ac:76:9e:fd:fc:67:
35:b0:8e:03:83:99:22:5d:5a:a2:cf:b7:0b:27:3a:c9:37:22:
8e:85:ca:63:bb:8a:da:b8:ab:48:67:9e:0c:b5:e1:bc:79:d9:
68:9c:97:cd:bd:ed:fd:45:85:e6:ba:d0:04:6b:a9:d5:7b:23:
e3:71:72:02:a0:3a:13:96:54:63:65:7d:44:ea:0e:a1:8c:08:
b1:e4:57:38:5a:d3:21:f9:bb:78:d1:df:38:e3:c7:21:64:c1:
60:ba:c9:b3:90:b4:2d:72:5c:fc:fc:20:a1:c1:3c:5f:1c:2a:
95:77:55:e3:26:7f:bd:54:6e:38:36:53:28:84:3c:93:aa:89:
16:54:19:cf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsEQc/eUPP9YyeBlbRgOSrOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA2MDkxMTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2Y0Mzc4MDU3YTYxOTEzYWY4MzA1NTBlMTBmNzQwNmE3OWIwNTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmU9J4FEbV5qbNF4o+/yb36Uuaqrk
Np+jI6DT5vWP4bCeKuym5VbDLV5JgMOx7pfBUBcsmqnXaMfR2DIVgZFKgekx+cG3
P9M9jxxJpE7EMDNS9y06AKzt3V4Rn1FhK5rZr1ZVuoSINp5G3hQ8gfte9kpovXLv
uRXPth0HJIDiDfLbOOKn5DAbosuFttcPyS/c/9tD6YWocxK++ljYzqA7t9MnXPob
vz6PlWwgk9PH4ZWqlcwxPftISWwyLGRCgZ+qgZf/Ye83JQb6CuzeQJLFU2qWHdZP
OxTtUsHLbsrvH6dBxVISQHzGyYua4vAsRmOq5Cfdq7tNfrY0L4c+VT1E1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJP0N4BXphkTr4MFUOEPdAanmwUJMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEva19RM2dGZW1HUk92Z3dWUTRROTBCcWViQlFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANLIojATi7tA7/gTpk+a
7Rz13L+7kKWGAenooT75TYtcOBN5uF37zpgUKD2dQNwvMP3/khOaXgZmeivu37Jf
VdaoW3d7yz8K0db/Z/5DZHWSoGCwLx6NHZv1gVajWo/WAgUZU8h8STKpH2ckhXIg
zTBNOi3pfEJah6x2nv38ZzWwjgODmSJdWqLPtwsnOsk3Io6FymO7itq4q0hnngy1
4bx52Wicl8297f1Fhea60ARrqdV7I+NxcgKgOhOWVGNlfUTqDqGMCLHkVzha0yH5
u3jR3zjjxyFkwWC6ybOQtC1yXPz8IKHBPF8cKpV3VeMmf71Ubjg2UyiEPJOqiRZU
Gc8=
-----END CERTIFICATE-----
Generated at Mon May 12 04:29:19 2025 by rpki-client