Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/n6QzcJZcNUFRajkOrBwp0Dba7jk.roa
File: n6QzcJZcNUFRajkOrBwp0Dba7jk.roa (raw, json)
Hash identifier: gQM9JiAbhFD4Z8XteHYYU3GMgBmtj9QsbYkLrhB+bs8=
Subject key identifier: 9F:A4:33:70:96:5C:35:41:51:6A:39:0E:AC:1C:29:D0:36:DA:EE:39
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AD65630181CD232006C6AE7CED6264A3C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/n6QzcJZcNUFRajkOrBwp0Dba7jk.roa
Signing time: Wed 27 Sep 2023 11:11:27 +0000
ROA not before: Wed 27 Sep 2023 11:11:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d6:56:30:18:1c:d2:32:00:6c:6a:e7:ce:d6:26:4a:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 27 11:11:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fa43370965c3541516a390eac1c29d036daee39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:51:2a:75:9a:58:91:77:8e:ba:df:86:8f:ef:
03:d2:c6:42:e8:2a:88:3b:2b:5d:de:9f:7e:c3:d6:
bf:c8:04:0f:66:4f:d2:94:20:7e:b2:58:81:9d:62:
79:74:c1:c7:3c:32:8c:22:d1:79:98:37:d2:10:43:
3f:9a:27:7c:05:2c:8b:e6:9f:3f:6a:bb:fd:6c:f9:
10:5a:10:ff:d6:ec:5d:c0:28:60:d3:5a:33:36:0f:
93:2e:67:dd:9a:60:d1:f2:bf:cc:d7:50:d6:a5:4c:
1d:1a:e0:0a:63:0e:cc:2e:f1:60:83:10:87:3b:1f:
6f:92:05:19:98:17:32:67:8b:7b:a5:e5:8a:9d:a5:
3d:ff:bc:38:f5:e9:e0:5b:05:8c:16:2a:04:4b:e0:
49:50:e1:72:89:fe:b0:c1:6f:bb:09:89:f7:ca:ad:
d1:a1:c6:90:34:86:04:e5:a8:54:8c:31:a4:3b:e5:
31:6e:03:89:73:57:2d:8f:5e:e4:26:10:f7:04:5b:
1a:c3:cc:10:42:c3:01:c7:03:9f:9d:21:7d:89:4e:
b3:dd:9b:4f:88:ab:d4:a7:ac:9f:5f:2b:57:3e:2a:
03:9e:79:3f:77:3e:ad:96:4f:83:6a:94:3e:8d:48:
11:ee:a7:2c:5b:67:f9:04:5e:3c:dc:03:68:9a:8d:
0b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:A4:33:70:96:5C:35:41:51:6A:39:0E:AC:1C:29:D0:36:DA:EE:39
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/n6QzcJZcNUFRajkOrBwp0Dba7jk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
02:2e:3c:55:88:c7:d2:86:d0:fa:f9:2a:44:93:96:12:15:6d:
7e:b8:89:54:8b:d9:63:11:d1:6e:08:12:5e:3f:8d:4d:3a:94:
fa:d8:f7:c3:72:58:cb:6d:2c:2d:10:3e:27:04:c8:10:b0:6a:
42:73:bf:3e:ba:23:6c:7e:13:7d:7b:19:32:6a:87:74:23:f7:
45:c6:3c:2e:46:72:e9:27:04:a4:cd:15:56:01:e5:22:a4:00:
c0:a1:35:37:74:97:f6:d1:f4:27:4d:b5:45:b0:94:b7:40:55:
45:03:8e:ca:06:16:3a:fb:8a:4e:08:c9:e6:f5:b7:c6:01:8c:
e2:63:88:27:06:25:5c:ac:2f:be:cd:b3:ce:5b:b1:fc:67:fa:
f8:02:0e:5c:4c:b1:00:67:0a:fd:46:c2:67:73:ec:0b:e4:ff:
55:50:41:ba:2a:62:8f:a1:7b:1e:f3:2c:80:92:2a:2d:1a:35:
44:4d:d2:2d:1f:a1:83:87:17:68:bd:19:ac:bf:af:79:bc:7c:
83:26:b1:60:bf:34:7d:fa:40:0d:ee:70:18:f1:f7:df:23:f5:
30:a6:51:0a:7f:fa:0a:43:29:81:26:21:21:f2:58:2d:ae:b7:
fc:91:93:9e:e3:51:c3:50:46:4f:79:4c:2f:81:17:c7:e3:22:
41:68:1d:92
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrWVjAYHNIyAGxq587WJko8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI3MTExMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmE0MzM3MDk2NWMzNTQxNTE2YTM5MGVhYzFjMjlkMDM2ZGFlZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllEqdZpYkXeOut+Gj+8D0sZC6CqI
Oytd3p9+w9a/yAQPZk/SlCB+sliBnWJ5dMHHPDKMItF5mDfSEEM/mid8BSyL5p8/
arv9bPkQWhD/1uxdwChg01ozNg+TLmfdmmDR8r/M11DWpUwdGuAKYw7MLvFggxCH
Ox9vkgUZmBcyZ4t7peWKnaU9/7w49engWwWMFioES+BJUOFyif6wwW+7CYn3yq3R
ocaQNIYE5ahUjDGkO+UxbgOJc1ctj17kJhD3BFsaw8wQQsMBxwOfnSF9iU6z3ZtP
iKvUp6yfXytXPioDnnk/dz6tlk+DapQ+jUgR7qcsW2f5BF483ANomo0L4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ+kM3CWXDVBUWo5DqwcKdA22u45MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbjZRemNKWmNOVUZSYWprT3JCd3AwRGJhN2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAIuPFWIx9KG0Pr5KkST
lhIVbX64iVSL2WMR0W4IEl4/jU06lPrY98NyWMttLC0QPicEyBCwakJzvz66I2x+
E317GTJqh3Qj90XGPC5GcuknBKTNFVYB5SKkAMChNTd0l/bR9CdNtUWwlLdAVUUD
jsoGFjr7ik4Iyeb1t8YBjOJjiCcGJVysL77Ns85bsfxn+vgCDlxMsQBnCv1Gwmdz
7Avk/1VQQboqYo+hex7zLICSKi0aNURN0i0foYOHF2i9Gay/r3m8fIMmsWC/NH36
QA3ucBjx998j9TCmUQp/+gpDKYEmISHyWC2ut/yRk57jUcNQRk95TC+BF8fjIkFo
HZI=
-----END CERTIFICATE-----
Generated at Sun May 11 14:53:29 2025 by rpki-client