Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-bJ6BTzT06eAJ8hn5x28A7bUhRc.roa
File: 1-bJ6BTzT06eAJ8hn5x28A7bUhRc.roa (raw, json)
Hash identifier: mJPelRN6s+BViWk6cOzPskSdVR8Y2e3sBr+HVckplbU=
Subject key identifier: F9:B2:7A:05:3C:D3:D3:A7:80:27:C8:67:E7:1D:BC:03:B6:D4:85:17
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BB5EAAB75A747482446669FC108FA5EB5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-bJ6BTzT06eAJ8hn5x28A7bUhRc.roa
Signing time: Thu 09 Nov 2023 21:08:57 +0000
ROA not before: Thu 09 Nov 2023 21:08:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b5:ea:ab:75:a7:47:48:24:46:66:9f:c1:08:fa:5e:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 9 21:08:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9b27a053cd3d3a78027c867e71dbc03b6d48517
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d3:61:37:06:69:84:8f:eb:63:70:64:3e:ed:
82:27:be:c6:b6:d0:84:3b:04:9a:8c:ac:34:53:46:
d2:20:2b:74:92:dc:b6:0e:b9:26:aa:94:6d:f3:b2:
18:d5:d6:7b:ae:8b:01:bb:7b:48:d6:2d:92:64:b4:
c5:c1:52:76:3c:3a:9f:05:08:82:3c:05:00:5c:95:
fa:cf:82:5f:34:99:00:3d:a4:42:1b:65:d7:ec:d3:
61:1c:99:ff:6c:26:49:16:9e:73:ac:2b:03:c3:fd:
4f:b8:63:6c:13:ef:b2:3f:03:90:9d:bd:48:70:75:
8a:4d:28:c8:6b:d3:5a:3e:50:21:5b:69:27:66:72:
ea:d9:d1:dd:5d:7f:06:86:72:4a:84:f3:c9:8a:69:
ed:74:ad:a3:83:cd:3d:8c:2a:15:11:a1:23:b6:85:
b4:c2:9d:f6:a1:3b:e5:35:7e:11:2d:a1:92:41:cc:
98:95:70:6e:81:3c:0d:6b:ce:5d:f5:ac:f6:f3:57:
6c:84:30:ee:62:32:af:21:81:8d:cc:cd:61:81:1b:
8c:dd:38:6b:47:0f:ac:28:a5:90:d0:93:c4:5b:84:
8e:47:f8:24:0f:56:7b:18:e5:9c:1c:47:20:85:cf:
3e:5e:eb:f5:18:87:48:c1:d0:52:4d:f1:bd:3a:0b:
d9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B2:7A:05:3C:D3:D3:A7:80:27:C8:67:E7:1D:BC:03:B6:D4:85:17
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-bJ6BTzT06eAJ8hn5x28A7bUhRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:b2:9e:a5:0e:3a:67:4c:e3:18:50:66:5f:24:2d:45:0a:6c:
9c:44:0d:9e:f0:9c:1b:43:81:f7:96:3d:55:58:21:52:1b:f6:
c7:ab:04:94:c8:3b:33:37:0e:58:af:e2:e2:77:2b:e1:fb:80:
6c:7d:11:1a:08:0d:6d:b0:a7:2e:39:46:6a:ab:b5:55:06:5e:
c5:56:85:92:da:93:22:e7:83:af:da:41:f5:e5:a5:b9:4f:75:
4e:10:bf:a0:35:98:8b:31:f8:64:d4:80:c4:f0:b6:84:52:e2:
99:d1:1c:72:a1:b7:ce:7f:4b:cf:f7:76:66:20:57:89:4e:1a:
ae:fe:59:09:63:dd:c7:ea:83:f9:4b:e7:bd:ef:4a:de:ce:e4:
12:38:51:80:34:f9:fc:43:80:eb:7e:fc:3d:77:51:8c:b6:19:
5e:ef:96:11:af:5e:6d:f1:94:05:cc:e1:2f:75:b7:9f:4c:67:
d4:33:93:07:6b:e0:cb:7c:42:b7:7f:b8:cf:a9:f6:52:9c:5a:
3b:20:b3:33:c8:1e:f4:12:b0:5f:f1:f3:83:ed:ff:44:bd:38:
19:38:4d:2f:d4:2e:b9:82:37:bd:dc:d5:11:e2:69:da:5d:ec:
c9:29:0c:14:fc:ef:5d:82:a3:02:6b:e2:da:73:47:e2:a3:df:
99:60:fc:1f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYu16qt1p0dIJEZmn8EI+l61MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA5MjEwODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWIyN2EwNTNjZDNkM2E3ODAyN2M4NjdlNzFkYmMwM2I2ZDQ4NTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidNhNwZphI/rY3BkPu2CJ77GttCE
OwSajKw0U0bSICt0kty2DrkmqpRt87IY1dZ7rosBu3tI1i2SZLTFwVJ2PDqfBQiC
PAUAXJX6z4JfNJkAPaRCG2XX7NNhHJn/bCZJFp5zrCsDw/1PuGNsE++yPwOQnb1I
cHWKTSjIa9NaPlAhW2knZnLq2dHdXX8GhnJKhPPJimntdK2jg809jCoVEaEjtoW0
wp32oTvlNX4RLaGSQcyYlXBugTwNa85d9az281dshDDuYjKvIYGNzM1hgRuM3Thr
Rw+sKKWQ0JPEW4SOR/gkD1Z7GOWcHEcghc8+Xuv1GIdIwdBSTfG9OgvZJwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPmyegU809OngCfIZ+cdvAO21IUXMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMS1iSjZCVHpUMDZlQUo4aG41eDI4QTdiVWhSYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzgvZjYwMTc4LTk5MWEtNDI2MS05NmEwLWRkNWMzMDBiZTU0
ZS8xL1F3T2FhQk1QR1dNZUZTZVViaDRTZmJIby1kay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQBXsp6lDjpnTOMYUGZf
JC1FCmycRA2e8JwbQ4H3lj1VWCFSG/bHqwSUyDszNw5Yr+Lidyvh+4BsfREaCA1t
sKcuOUZqq7VVBl7FVoWS2pMi54Ov2kH15aW5T3VOEL+gNZiLMfhk1IDE8LaEUuKZ
0RxyobfOf0vP93ZmIFeJThqu/lkJY93H6oP5S+e970rezuQSOFGANPn8Q4Drfvw9
d1GMthle75YRr15t8ZQFzOEvdbefTGfUM5MHa+DLfEK3f7jPqfZSnFo7ILMzyB70
ErBf8fOD7f9EvTgZOE0v1C65gje93NUR4mnaXezJKQwU/O9dgqMCa+Lac0fio9+Z
YPwf
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:53:32 2025 by rpki-client