Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qTlffzo44UiCAKACohI8tuwlcOg.roa
File: qTlffzo44UiCAKACohI8tuwlcOg.roa (raw, json)
Hash identifier: 3T/fieIXFisjPxdsfD4MYzp1Xncrn+/CxpiEzOWIgiQ=
Subject key identifier: A9:39:5F:7F:3A:38:E1:48:82:00:A0:02:A2:12:3C:B6:EC:25:70:E8
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C0EF401EED1AA3F34668796D2D8383C4E
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qTlffzo44UiCAKACohI8tuwlcOg.roa
Signing time: Mon 27 Nov 2023 04:05:21 +0000
ROA not before: Mon 27 Nov 2023 04:05:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:ef3:1627/128 maxlen: 128
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:0e:f4:01:ee:d1:aa:3f:34:66:87:96:d2:d8:38:3c:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 27 04:05:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a9395f7f3a38e1488200a002a2123cb6ec2570e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2d:ea:54:79:41:c8:60:1d:3e:d8:fe:13:d0:
eb:47:a4:e0:08:73:44:e8:72:aa:30:26:20:9c:dd:
71:bf:3a:a4:d8:47:62:5f:ee:a2:a8:a2:99:62:5b:
ec:0e:60:9c:99:d5:91:3a:f2:99:76:2d:12:ee:9f:
8c:47:d0:10:88:11:57:6f:21:0d:74:ff:cd:a6:6d:
65:b4:43:de:5f:7c:c5:3c:c4:db:70:70:f5:a4:c0:
89:73:d6:ec:69:da:46:f1:ab:e3:f3:12:bf:20:ea:
38:43:78:91:dc:79:af:08:52:ec:79:f1:01:99:25:
09:9d:19:44:31:e8:fa:a8:58:3d:2b:f8:d0:a9:71:
a9:75:e2:b4:46:3e:bd:dc:d2:eb:e3:49:fb:79:da:
d7:b1:8a:ef:d1:55:fd:39:55:b4:09:55:36:95:1f:
21:29:15:bf:04:f8:2f:b5:1d:e2:5b:f1:7f:46:f8:
01:fb:3b:b6:0d:9b:70:d1:5f:d4:6c:64:43:69:4d:
fb:af:da:ee:3f:03:be:96:eb:b2:34:13:13:05:80:
b3:88:f6:dc:4b:d1:d3:f0:ba:75:c3:cd:70:63:c6:
c8:a3:c0:c6:57:a0:e6:1e:36:a9:dc:97:b1:de:e7:
65:cf:da:1c:bf:02:59:3a:bb:2b:fc:2a:25:e9:79:
78:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:39:5F:7F:3A:38:E1:48:82:00:A0:02:A2:12:3C:B6:EC:25:70:E8
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/qTlffzo44UiCAKACohI8tuwlcOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6e:f6:bd:e8:29:30:79:a7:f4:70:cf:de:9e:26:19:2a:d9:fb:
a2:66:22:42:4f:e8:4c:40:3f:55:33:08:ef:95:5a:3b:58:6c:
f7:99:59:1e:e9:93:60:e8:d8:da:bb:ab:de:a3:90:18:b9:96:
f5:88:d0:63:56:bf:e3:f2:60:dc:c2:a4:17:dd:0b:ae:05:61:
ce:57:ef:5b:8b:fe:4f:da:f5:76:6d:04:69:0f:2b:fc:e8:65:
f4:4b:28:fd:ac:7a:0d:db:6e:0f:1c:75:ae:29:f0:01:f5:e7:
d9:26:50:dd:e7:8f:ca:48:e6:fd:7b:60:7a:5c:9a:9a:05:14:
d3:7c:74:f1:97:da:a8:f5:4e:ed:9e:a1:43:52:ff:55:3c:2b:
48:00:93:ff:6a:98:ae:77:19:c5:8a:af:7b:ee:c6:7b:e7:02:
59:52:3e:61:60:e7:f1:d2:2f:4f:df:db:c8:0f:3e:e2:c5:69:
6e:89:23:27:a9:27:a1:f2:05:83:5a:09:c1:42:30:6e:12:4e:
a6:95:b5:bf:78:c4:a2:8d:49:c3:da:30:07:5b:14:a3:34:44:
25:19:82:83:c5:71:88:2d:e9:2d:a8:47:97:0a:c6:55:90:d8:
40:04:a2:73:0d:c2:b0:7b:d9:40:01:f6:5c:a1:af:b2:d4:e0:
dc:cf:c6:bc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwO9AHu0ao/NGaHltLYODxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI3MDQwNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTM5NWY3ZjNhMzhlMTQ4ODIwMGEwMDJhMjEyM2NiNmVjMjU3MGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhy3qVHlByGAdPtj+E9DrR6TgCHNE
6HKqMCYgnN1xvzqk2EdiX+6iqKKZYlvsDmCcmdWROvKZdi0S7p+MR9AQiBFXbyEN
dP/Npm1ltEPeX3zFPMTbcHD1pMCJc9bsadpG8avj8xK/IOo4Q3iR3HmvCFLsefEB
mSUJnRlEMej6qFg9K/jQqXGpdeK0Rj693NLr40n7edrXsYrv0VX9OVW0CVU2lR8h
KRW/BPgvtR3iW/F/RvgB+zu2DZtw0V/UbGRDaU37r9ruPwO+luuyNBMTBYCziPbc
S9HT8Lp1w81wY8bIo8DGV6DmHjap3Jex3udlz9ocvwJZOrsr/Col6Xl47QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKk5X386OOFIggCgAqISPLbsJXDoMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvcVRsZmZ6bzQ0VWlDQUtBQ29oSTh0dXdsY09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG72vegpMHmn9HDP3p4m
GSrZ+6JmIkJP6ExAP1UzCO+VWjtYbPeZWR7pk2Do2Nq7q96jkBi5lvWI0GNWv+Py
YNzCpBfdC64FYc5X71uL/k/a9XZtBGkPK/zoZfRLKP2seg3bbg8cda4p8AH159km
UN3nj8pI5v17YHpcmpoFFNN8dPGX2qj1Tu2eoUNS/1U8K0gAk/9qmK53GcWKr3vu
xnvnAllSPmFg5/HSL0/f28gPPuLFaW6JIyepJ6HyBYNaCcFCMG4STqaVtb94xKKN
ScPaMAdbFKM0RCUZgoPFcYgt6S2oR5cKxlWQ2EAEonMNwrB72UAB9lyhr7LU4NzP
xrw=
-----END CERTIFICATE-----
Generated at Wed Jun 18 15:27:36 2025 by rpki-client