Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qzC-emv2OuXVPkhV8CYk0etm8ng.roa
File: qzC-emv2OuXVPkhV8CYk0etm8ng.roa (raw, json)
Hash identifier: dmIQpPN7os3iToeU93nxdmL+7sdAKjU5GnR3dJG1Zk4=
Subject key identifier: AB:30:BE:7A:6B:F6:3A:E5:D5:3E:48:55:F0:26:24:D1:EB:66:F2:78
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B86EEC1A793D552E32FD241BDED83F38E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qzC-emv2OuXVPkhV8CYk0etm8ng.roa
Signing time: Tue 31 Oct 2023 18:11:15 +0000
ROA not before: Tue 31 Oct 2023 18:11:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:86:ee:c1:a7:93:d5:52:e3:2f:d2:41:bd:ed:83:f3:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 31 18:11:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab30be7a6bf63ae5d53e4855f02624d1eb66f278
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:4c:47:48:61:b2:60:87:e4:1c:60:99:92:27:
8c:de:be:17:0e:73:89:82:4a:cf:7f:63:4f:cf:8b:
d8:fa:c6:b2:5a:97:b2:d4:c8:57:ac:00:f3:0c:b3:
f1:75:24:83:60:34:ef:fc:f3:0d:22:e7:29:0a:76:
c3:0c:95:dc:29:ab:50:56:51:d9:e1:a1:b2:fd:d3:
b4:f4:06:86:50:04:c8:c4:36:41:17:1a:a7:d0:83:
39:b0:6e:3c:48:fa:b3:ad:87:f0:56:bf:5b:f6:bf:
66:a5:f4:5c:b2:b3:00:73:dc:a5:79:06:33:03:7e:
21:02:4a:28:97:b7:14:7b:e8:83:09:2b:2d:4c:c3:
cf:09:2d:01:49:dc:7e:35:d8:24:9c:56:e8:d2:d8:
d9:6f:32:0e:56:9d:bd:22:08:98:66:36:6b:3f:3d:
be:02:fd:2f:b9:00:4c:51:fb:97:a6:a4:27:14:b2:
21:f7:5d:fe:23:7c:9c:59:b1:fe:ed:82:75:39:1c:
08:5d:71:9b:6a:84:63:d4:84:53:c1:f6:38:32:28:
42:08:8e:ad:29:de:52:f2:3e:56:47:5a:46:51:4a:
bd:97:10:8d:85:10:74:a8:3a:b7:f9:fd:51:80:92:
ae:5c:ae:67:62:ff:c7:11:98:24:28:a7:62:07:49:
0b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:30:BE:7A:6B:F6:3A:E5:D5:3E:48:55:F0:26:24:D1:EB:66:F2:78
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qzC-emv2OuXVPkhV8CYk0etm8ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
70:60:18:a6:8d:01:16:e2:1a:e4:5b:aa:ea:44:cc:21:9a:71:
30:be:1a:b4:c9:66:fd:67:41:3d:39:de:5f:50:ba:ac:e4:c6:
e1:af:3f:2b:45:68:84:41:18:1b:4c:29:43:70:ff:cc:53:f4:
0f:a0:9e:99:dd:cf:0b:52:4b:08:55:c7:40:08:40:eb:83:c2:
51:b7:ca:af:c4:1f:9e:c0:33:e4:ec:16:cf:90:5c:3c:f5:7a:
3c:e0:86:08:6e:1e:8c:c5:b3:bc:bb:52:eb:90:ed:3a:2c:b5:
b8:22:07:38:22:eb:3c:2e:1c:a2:2e:a2:f0:af:1b:40:b6:e4:
96:24:a4:20:e5:4b:75:8e:72:bb:4e:08:c4:6d:90:3e:fb:c0:
9e:57:04:9b:35:d2:a7:fc:20:88:c8:ff:a7:ac:d8:49:66:72:
d6:d4:2e:1f:c2:d5:59:2d:1c:ea:a2:76:30:2d:40:43:5f:d7:
23:ce:1a:62:98:8c:a9:d1:00:8c:16:a9:8e:98:cc:9f:39:45:
e4:aa:2a:d0:0e:28:ba:7b:57:e5:f2:31:12:0e:0e:d0:46:70:
f8:86:51:ca:ba:bb:54:26:dc:13:16:98:69:e3:a6:6d:a0:1b:
58:09:42:4b:0c:81:fa:e9:8a:d8:96:76:33:de:cd:4b:26:18:
04:c7:aa:e2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuG7sGnk9VS4y/SQb3tg/OOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDMxMTgxMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjMwYmU3YTZiZjYzYWU1ZDUzZTQ4NTVmMDI2MjRkMWViNjZmMjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0xHSGGyYIfkHGCZkieM3r4XDnOJ
gkrPf2NPz4vY+sayWpey1MhXrADzDLPxdSSDYDTv/PMNIucpCnbDDJXcKatQVlHZ
4aGy/dO09AaGUATIxDZBFxqn0IM5sG48SPqzrYfwVr9b9r9mpfRcsrMAc9yleQYz
A34hAkool7cUe+iDCSstTMPPCS0BSdx+NdgknFbo0tjZbzIOVp29IgiYZjZrPz2+
Av0vuQBMUfuXpqQnFLIh913+I3ycWbH+7YJ1ORwIXXGbaoRj1IRTwfY4MihCCI6t
Kd5S8j5WR1pGUUq9lxCNhRB0qDq3+f1RgJKuXK5nYv/HEZgkKKdiB0kL7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKswvnpr9jrl1T5IVfAmJNHrZvJ4MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcXpDLWVtdjJPdVhWUGtoVjhDWWswZXRtOG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHBgGKaNARbiGuRbqupE
zCGacTC+GrTJZv1nQT053l9QuqzkxuGvPytFaIRBGBtMKUNw/8xT9A+gnpndzwtS
SwhVx0AIQOuDwlG3yq/EH57AM+TsFs+QXDz1ejzghghuHozFs7y7UuuQ7Tostbgi
Bzgi6zwuHKIuovCvG0C25JYkpCDlS3WOcrtOCMRtkD77wJ5XBJs10qf8IIjI/6es
2ElmctbULh/C1VktHOqidjAtQENf1yPOGmKYjKnRAIwWqY6YzJ85ReSqKtAOKLp7
V+XyMRIODtBGcPiGUcq6u1Qm3BMWmGnjpm2gG1gJQksMgfrpitiWdjPezUsmGATH
quI=
-----END CERTIFICATE-----
Generated at Sat May 10 20:02:00 2025 by rpki-client