Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qKSJwUV_092BrrxG7RPzkmwoMmk.roa
File: qKSJwUV_092BrrxG7RPzkmwoMmk.roa (raw, json)
Hash identifier: wr2noxgcTQ4Jy3Eq4OJ2CUyqAxhAgZYPKnSNcagrw98=
Subject key identifier: A8:A4:89:C1:45:7F:D3:DD:81:AE:BC:46:ED:13:F3:92:6C:28:32:69
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AAED4B4B7CEB4ACABF1597CACC2BC72B6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qKSJwUV_092BrrxG7RPzkmwoMmk.roa
Signing time: Tue 19 Sep 2023 19:04:50 +0000
ROA not before: Tue 19 Sep 2023 19:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:aed4:3fc4/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ae:d4:b4:b7:ce:b4:ac:ab:f1:59:7c:ac:c2:bc:72:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 19 19:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8a489c1457fd3dd81aebc46ed13f3926c283269
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:9a:55:f8:b4:9c:8a:27:44:af:fb:fd:c0:a4:
ab:3e:d1:82:8a:3e:69:3e:82:b3:96:8b:55:8e:fe:
b7:cc:a5:7e:02:bd:f3:1e:df:0d:51:38:2e:00:d9:
f9:05:a0:22:4b:aa:eb:6a:a1:16:be:c2:e1:96:44:
2f:b7:11:cf:75:3a:63:b8:ea:6e:68:ce:ff:8d:45:
de:1a:57:e1:14:f3:2c:64:b7:49:ec:57:93:7b:95:
2a:04:f8:a6:78:99:a4:27:85:06:1c:75:76:14:69:
0f:cc:47:a7:bc:d7:38:7d:11:2f:2f:15:30:5a:71:
c4:b3:15:9a:e6:0f:c4:8d:e2:25:c2:92:fe:f1:a9:
11:96:95:bf:78:89:45:66:4f:c3:b5:58:76:05:18:
96:48:44:8a:3a:5c:33:06:53:64:97:0a:3d:91:dc:
c4:63:d4:f1:7e:2b:ce:96:11:42:d6:65:74:b2:d6:
79:10:62:10:2e:ae:7b:1c:e0:59:11:aa:75:6c:07:
8a:64:b3:93:8d:b1:35:04:0a:ff:aa:5d:9f:bc:ab:
64:35:8c:02:b8:5d:94:a6:e0:fb:b9:54:db:85:e7:
0f:f4:72:cc:fc:b6:3f:ca:ef:91:b1:ac:b1:77:d9:
dc:dc:ec:45:2a:0f:34:42:03:b8:bf:6a:7a:04:97:
ec:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A4:89:C1:45:7F:D3:DD:81:AE:BC:46:ED:13:F3:92:6C:28:32:69
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qKSJwUV_092BrrxG7RPzkmwoMmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:03:e5:ab:4a:56:0c:92:2c:8e:76:1b:3d:02:78:92:df:93:
e1:0c:b6:75:88:7a:60:9b:88:a7:15:eb:59:66:cb:fb:17:0e:
69:91:e1:c1:34:fd:35:ac:59:c6:d6:0d:43:e8:a2:f5:9c:a4:
4b:18:b3:8e:e1:82:d2:1c:36:ac:b7:9d:b1:4a:46:3f:ed:d7:
13:4a:71:b3:ae:2a:b7:2d:7d:bb:2c:4c:aa:0f:e7:9c:05:3b:
73:49:5b:09:6c:d3:cd:82:ee:35:f6:23:3b:d8:b5:77:36:49:
f9:0f:e5:ac:aa:fb:ce:3c:d7:3f:87:9f:f3:c7:98:eb:41:05:
8d:df:10:ce:89:4b:0c:e9:e4:a9:18:cc:16:01:56:4c:1b:97:
1d:f2:7c:59:7d:c5:e5:3d:a5:85:50:51:dd:a3:a8:ae:c7:3f:
a7:29:82:ce:02:88:1d:5d:72:54:77:83:d9:09:f7:26:63:c7:
fb:99:ea:52:9b:9d:45:5d:d9:9f:0d:86:91:42:0d:bc:87:d5:
2e:f4:77:2d:e1:6b:3f:e1:cd:34:e3:7f:43:2c:d3:59:e1:2d:
9a:35:cd:31:b8:01:95:3c:34:87:0d:1b:78:c9:97:90:52:47:
12:74:07:17:09:50:2e:0b:20:51:e5:10:b7:cf:61:65:04:9b:
7f:b5:e3:c5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqu1LS3zrSsq/FZfKzCvHK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTE5MTkwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGE0ODljMTQ1N2ZkM2RkODFhZWJjNDZlZDEzZjM5MjZjMjgzMjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5pV+LSciidEr/v9wKSrPtGCij5p
PoKzlotVjv63zKV+Ar3zHt8NUTguANn5BaAiS6rraqEWvsLhlkQvtxHPdTpjuOpu
aM7/jUXeGlfhFPMsZLdJ7FeTe5UqBPimeJmkJ4UGHHV2FGkPzEenvNc4fREvLxUw
WnHEsxWa5g/EjeIlwpL+8akRlpW/eIlFZk/DtVh2BRiWSESKOlwzBlNklwo9kdzE
Y9TxfivOlhFC1mV0stZ5EGIQLq57HOBZEap1bAeKZLOTjbE1BAr/ql2fvKtkNYwC
uF2UpuD7uVTbhecP9HLM/LY/yu+Rsayxd9nc3OxFKg80QgO4v2p6BJfsEQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKikicFFf9Pdga68Ru0T85JsKDJpMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcUtTSndVVl8wOTJCcnJ4RzdSUHprbXdvTW1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGAD5atKVgySLI52Gz0C
eJLfk+EMtnWIemCbiKcV61lmy/sXDmmR4cE0/TWsWcbWDUPoovWcpEsYs47hgtIc
Nqy3nbFKRj/t1xNKcbOuKrctfbssTKoP55wFO3NJWwls082C7jX2IzvYtXc2SfkP
5ayq+8481z+Hn/PHmOtBBY3fEM6JSwzp5KkYzBYBVkwblx3yfFl9xeU9pYVQUd2j
qK7HP6cpgs4CiB1dclR3g9kJ9yZjx/uZ6lKbnUVd2Z8NhpFCDbyH1S70dy3haz/h
zTTjf0Ms01nhLZo1zTG4AZU8NIcNG3jJl5BSRxJ0BxcJUC4LIFHlELfPYWUEm3+1
48U=
-----END CERTIFICATE-----
Generated at Thu Jun 19 20:11:16 2025 by rpki-client