Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fQIqhnWx0A3u-u-Pi3mTB4veg80.roa
File: fQIqhnWx0A3u-u-Pi3mTB4veg80.roa (raw, json)
Hash identifier: tztxl6kYNBksd6WPXKKnWp3FGzl7XGBWzCseoGxsLg4=
Subject key identifier: 7D:02:2A:86:75:B1:D0:0D:EE:FA:EF:8F:8B:79:93:07:8B:DE:83:CD
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BEB555BCA8E92F072D813E8D790B9B287
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fQIqhnWx0A3u-u-Pi3mTB4veg80.roa
Signing time: Mon 20 Nov 2023 06:05:21 +0000
ROA not before: Mon 20 Nov 2023 06:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18b:eb54:7e3f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:eb:55:5b:ca:8e:92:f0:72:d8:13:e8:d7:90:b9:b2:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 20 06:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d022a8675b1d00deefaef8f8b7993078bde83cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:48:99:9a:a2:c3:e5:a7:a2:1c:e8:53:50:cf:
b4:f6:cc:34:97:2f:46:21:5f:04:9a:c2:c4:f1:32:
b0:1b:d9:a2:42:f0:96:cf:78:4c:13:14:a2:b4:ec:
c5:9b:aa:92:30:67:dd:29:90:2d:3f:91:9c:cf:67:
7d:26:b8:cd:6c:33:1e:97:78:1d:95:f7:78:81:71:
f2:b4:ad:dc:9b:7d:d0:21:ce:b5:29:07:52:29:8d:
b2:31:7a:8a:e6:80:e1:51:5a:10:57:65:18:7d:13:
c1:e1:d7:89:00:4f:a9:d5:00:84:a2:fd:d4:dd:ed:
07:f6:95:f2:cb:46:42:a8:7d:76:e0:9a:12:2b:01:
a2:5b:ff:1e:14:7d:cc:fc:a0:63:29:8b:97:79:57:
6e:08:c0:8f:b4:a9:49:a2:74:d2:28:40:a2:ee:5e:
2a:8c:3e:b3:9a:85:aa:bc:c1:99:b3:d3:42:23:ca:
37:5e:12:4f:03:81:b6:f4:32:27:e3:82:16:ab:71:
2b:f7:c8:a1:a7:1f:c9:78:42:a5:a9:bd:bb:e9:8c:
6a:72:c2:03:42:17:a1:92:cd:8b:0e:69:b2:a9:c3:
01:5c:9a:2c:a5:0b:a0:97:79:63:ba:34:b2:18:5d:
6c:0e:63:fb:a1:88:cb:d6:a6:ae:2b:20:dc:30:b1:
9f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:02:2A:86:75:B1:D0:0D:EE:FA:EF:8F:8B:79:93:07:8B:DE:83:CD
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/fQIqhnWx0A3u-u-Pi3mTB4veg80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
83:79:e8:93:6a:1c:59:60:e4:be:31:a0:6c:af:4e:f5:4b:5e:
35:c2:a1:f2:f4:70:35:f3:37:27:61:64:9a:45:6e:ab:47:ac:
58:aa:4e:d4:39:5c:a0:b3:90:3a:14:f3:b7:0f:68:60:a7:33:
cc:a3:20:ce:97:41:a7:b0:fe:54:91:35:f1:ab:14:a0:74:51:
82:30:da:05:c4:e5:42:cc:cc:11:c8:ce:72:e1:cf:d2:65:e9:
e8:6f:4d:54:66:77:fa:a5:7b:0c:d5:2c:8e:07:71:73:1a:05:
06:2e:e2:18:d1:26:24:1c:65:48:92:55:45:30:2f:63:e5:1c:
20:aa:1b:fe:b8:2a:3a:ec:3d:2b:c4:50:11:31:3b:bf:1a:f7:
0f:c5:3c:73:43:ea:2a:45:dd:79:11:9b:f5:5f:46:ea:40:2a:
c2:68:43:30:a6:98:39:d9:76:15:18:54:07:ac:ff:64:88:94:
2d:0e:b0:ca:37:19:58:2f:ce:1d:6e:81:5d:83:da:f4:dc:6d:
6e:ad:e2:6d:37:f3:39:73:0d:c5:0b:38:cd:90:18:fe:d6:1a:
d9:b7:a0:ee:3f:92:aa:82:83:61:85:e6:2e:15:9a:10:7b:cc:
2f:da:0c:30:e9:42:5f:44:6f:78:86:76:ef:ba:a8:73:eb:88:
a9:af:44:55
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvrVVvKjpLwctgT6NeQubKHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIwMDYwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDAyMmE4Njc1YjFkMDBkZWVmYWVmOGY4Yjc5OTMwNzhiZGU4M2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0iZmqLD5aeiHOhTUM+09sw0ly9G
IV8EmsLE8TKwG9miQvCWz3hMExSitOzFm6qSMGfdKZAtP5Gcz2d9JrjNbDMel3gd
lfd4gXHytK3cm33QIc61KQdSKY2yMXqK5oDhUVoQV2UYfRPB4deJAE+p1QCEov3U
3e0H9pXyy0ZCqH124JoSKwGiW/8eFH3M/KBjKYuXeVduCMCPtKlJonTSKECi7l4q
jD6zmoWqvMGZs9NCI8o3XhJPA4G29DIn44IWq3Er98ihpx/JeEKlqb276YxqcsID
Qhehks2LDmmyqcMBXJospQugl3ljujSyGF1sDmP7oYjL1qauKyDcMLGfcQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH0CKoZ1sdAN7vrvj4t5kweL3oPNMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvZlFJcWhuV3gwQTN1LXUtUGkzbVRCNHZlZzgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIN56JNqHFlg5L4xoGyv
TvVLXjXCofL0cDXzNydhZJpFbqtHrFiqTtQ5XKCzkDoU87cPaGCnM8yjIM6XQaew
/lSRNfGrFKB0UYIw2gXE5ULMzBHIznLhz9Jl6ehvTVRmd/qlewzVLI4HcXMaBQYu
4hjRJiQcZUiSVUUwL2PlHCCqG/64KjrsPSvEUBExO78a9w/FPHND6ipF3XkRm/Vf
RupAKsJoQzCmmDnZdhUYVAes/2SIlC0OsMo3GVgvzh1ugV2D2vTcbW6t4m038zlz
DcULOM2QGP7WGtm3oO4/kqqCg2GF5i4VmhB7zC/aDDDpQl9Eb3iGdu+6qHPriKmv
RFU=
-----END CERTIFICATE-----
Generated at Thu Jun 19 14:00:39 2025 by rpki-client