Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TQUDPx3rPcAce1mMpjOlLuBLqns.roa
File: TQUDPx3rPcAce1mMpjOlLuBLqns.roa (raw, json)
Hash identifier: eC69sdi0HxX+zn2lHEVf+9m8Z2LUmDf3oPsmulA6yqA=
Subject key identifier: 4D:05:03:3F:1D:EB:3D:C0:1C:7B:59:8C:A6:33:A5:2E:E0:4B:AA:7B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B480F03C372B7959E2F2A0F7398BCE39E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TQUDPx3rPcAce1mMpjOlLuBLqns.roa
Signing time: Thu 19 Oct 2023 13:10:25 +0000
ROA not before: Thu 19 Oct 2023 13:10:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:4809:73c8/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:48:0f:03:c3:72:b7:95:9e:2f:2a:0f:73:98:bc:e3:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 19 13:10:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d05033f1deb3dc01c7b598ca633a52ee04baa7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:8a:37:67:6f:55:75:d9:2c:cb:91:3b:09:94:
6b:1f:30:52:87:90:a6:d8:48:fb:52:a1:47:82:bb:
f9:8f:a3:d5:07:53:d7:2a:62:a9:e6:98:16:24:f6:
f2:97:48:91:ef:b4:d2:4a:bf:75:8b:6a:02:59:34:
a0:d9:9f:da:65:31:98:66:69:d2:a2:09:a2:fc:48:
92:2f:a3:34:32:5c:11:25:1f:77:b8:1a:bb:67:36:
a9:59:d1:85:e9:67:99:3c:11:c9:6f:95:ae:2b:72:
86:ff:a8:ad:f9:cf:92:d6:a5:37:17:85:d0:2d:e6:
7a:27:5e:82:4c:a2:f9:b9:7c:e8:fe:d2:df:cb:09:
e6:24:b3:6f:a6:a8:2d:ce:1e:51:14:6d:91:d6:d5:
39:5e:15:fe:f9:16:f2:4f:76:84:e7:19:46:3d:66:
d6:80:c3:cd:f6:db:56:4d:20:43:40:fb:8d:d1:57:
5e:9e:aa:6c:f3:15:69:50:27:92:92:0c:ff:c9:09:
e5:94:ca:18:b7:4f:f7:27:1a:4b:33:2a:03:6a:31:
c2:a9:d0:9b:38:75:1e:3d:e6:9d:b2:2b:4a:6a:d7:
6a:1b:e6:b2:df:09:11:dd:e4:7c:8b:3c:b3:11:9e:
a5:11:54:ba:ab:c0:92:b0:0f:39:0f:2a:52:94:b9:
ec:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:05:03:3F:1D:EB:3D:C0:1C:7B:59:8C:A6:33:A5:2E:E0:4B:AA:7B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TQUDPx3rPcAce1mMpjOlLuBLqns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:e7:3f:74:52:49:28:07:e5:ee:f1:d3:28:c1:18:f1:f7:5c:
dd:97:23:05:c4:36:56:92:ef:da:7d:e5:71:54:b6:1e:91:73:
00:53:24:6c:cd:9f:8d:3e:df:23:f6:de:81:7d:4d:eb:86:65:
5c:5d:ca:9c:c0:04:7b:a3:e5:76:92:80:e3:4a:83:04:37:e7:
52:06:2b:af:b9:2c:e1:b1:0f:0f:6d:2b:97:83:24:29:5c:37:
b4:18:e3:9b:68:78:6f:7d:16:31:5f:42:91:b5:0d:9f:93:57:
fb:5b:50:a1:f1:fd:18:dc:2c:6c:45:48:46:00:7c:b5:e8:ae:
83:17:a0:ad:18:99:ca:6f:3d:83:4f:53:fc:ca:a5:3a:aa:81:
de:ab:09:0e:12:03:a1:34:0b:8b:98:13:d9:55:7c:d5:69:ac:
e3:a0:a7:2f:b8:2d:de:c3:f9:eb:69:67:a6:cd:b9:3c:cc:c8:
10:a6:f0:4d:23:fa:17:43:a1:92:88:77:ba:ea:9a:45:cf:4a:
23:78:d4:74:89:3c:ba:17:e4:9a:46:35:35:a1:cc:7b:b6:72:
ec:fa:74:33:5a:1a:25:f9:6b:9a:11:e1:24:3c:db:c7:e0:2d:
d8:5d:78:fe:5b:08:97:c9:db:bb:59:a0:d4:68:ec:f0:3c:f6:
7b:04:ff:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtIDwPDcreVni8qD3OYvOOeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE5MTMxMDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDA1MDMzZjFkZWIzZGMwMWM3YjU5OGNhNjMzYTUyZWUwNGJhYTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4oo3Z29Vddksy5E7CZRrHzBSh5Cm
2Ej7UqFHgrv5j6PVB1PXKmKp5pgWJPbyl0iR77TSSr91i2oCWTSg2Z/aZTGYZmnS
ogmi/EiSL6M0MlwRJR93uBq7ZzapWdGF6WeZPBHJb5WuK3KG/6it+c+S1qU3F4XQ
LeZ6J16CTKL5uXzo/tLfywnmJLNvpqgtzh5RFG2R1tU5XhX++RbyT3aE5xlGPWbW
gMPN9ttWTSBDQPuN0Vdenqps8xVpUCeSkgz/yQnllMoYt0/3JxpLMyoDajHCqdCb
OHUePeadsitKatdqG+ay3wkR3eR8izyzEZ6lEVS6q8CSsA85DypSlLnsVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE0FAz8d6z3AHHtZjKYzpS7gS6p7MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVFFVRFB4M3JQY0FjZTFtTXBqT2xMdUJMcW5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJnnP3RSSSgH5e7x0yjB
GPH3XN2XIwXENlaS79p95XFUth6RcwBTJGzNn40+3yP23oF9TeuGZVxdypzABHuj
5XaSgONKgwQ351IGK6+5LOGxDw9tK5eDJClcN7QY45toeG99FjFfQpG1DZ+TV/tb
UKHx/RjcLGxFSEYAfLXoroMXoK0YmcpvPYNPU/zKpTqqgd6rCQ4SA6E0C4uYE9lV
fNVprOOgpy+4Ld7D+etpZ6bNuTzMyBCm8E0j+hdDoZKId7rqmkXPSiN41HSJPLoX
5JpGNTWhzHu2cuz6dDNaGiX5a5oR4SQ828fgLdhdeP5bCJfJ27tZoNRo7PA89nsE
/yg=
-----END CERTIFICATE-----
Generated at Mon Jun 16 20:07:25 2025 by rpki-client