Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9bz8cbkCeCFS3q9ar6-zTyoIyM8.roa
File: 9bz8cbkCeCFS3q9ar6-zTyoIyM8.roa (raw, json)
Hash identifier: tSLU/zqC+q0ECHRV6xdIYNtZjfFNnTniE9DBjiqAF/4=
Subject key identifier: F5:BC:FC:71:B9:02:78:21:52:DE:AF:5A:AF:AF:B3:4F:2A:08:C8:CF
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C5C742AECA3E0E472643E37EC529BB5CC
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9bz8cbkCeCFS3q9ar6-zTyoIyM8.roa
Signing time: Tue 12 Dec 2023 05:16:06 +0000
ROA not before: Tue 12 Dec 2023 05:16:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5c:74:2a:ec:a3:e0:e4:72:64:3e:37:ec:52:9b:b5:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 12 05:16:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5bcfc71b902782152deaf5aafafb34f2a08c8cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:37:18:7e:d0:e9:91:6d:ba:b3:22:c2:f8:82:
3f:c3:57:fb:00:2d:93:89:b2:3b:a3:6a:8e:64:19:
19:08:ef:b1:b5:5c:ef:cf:2e:33:a9:8e:71:a1:d6:
9c:42:f1:34:1c:43:4e:16:fd:1d:15:31:0c:65:41:
bc:83:18:31:35:e4:f2:38:8d:81:62:be:71:98:6c:
a9:94:2e:12:c3:49:d8:63:b0:84:91:cf:2f:98:6b:
f6:6d:03:94:c4:99:4e:a4:cc:a5:b4:2a:72:86:26:
44:73:ba:df:69:3c:04:78:54:2e:7c:36:0b:be:e0:
27:dd:43:42:83:9e:77:0e:d4:a1:59:46:22:51:07:
a0:72:43:dd:47:57:9f:24:7c:1d:95:3b:0e:39:ce:
3e:7c:69:c9:96:32:3a:bc:50:70:fe:6f:d9:2f:0a:
93:44:93:11:90:ea:b7:70:2c:e2:25:45:b3:70:b3:
ea:68:e9:bc:da:c4:a8:91:5f:53:35:89:82:c6:7a:
49:4b:c7:43:9e:04:4b:f5:67:87:9c:b5:8a:80:d6:
bf:59:fb:ed:99:75:e2:b1:ee:73:52:67:79:83:17:
6f:76:be:a9:30:d4:7e:e8:a6:bc:6a:5c:dd:f1:70:
13:1c:eb:db:ed:66:a2:c3:00:49:71:f8:46:d2:26:
7c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:BC:FC:71:B9:02:78:21:52:DE:AF:5A:AF:AF:B3:4F:2A:08:C8:CF
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/9bz8cbkCeCFS3q9ar6-zTyoIyM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:92:54:e1:ef:29:9c:14:b2:c9:c0:89:a1:95:1e:e8:40:e6:
06:1c:e4:3c:a2:af:54:10:17:7c:89:a2:90:40:93:eb:fd:3b:
9b:3c:06:6f:2e:bd:82:99:e7:29:5d:30:d6:3c:47:f1:98:cc:
8a:b0:6c:98:8a:d5:52:61:41:ed:bf:16:2e:ab:82:a1:b4:1c:
a0:ea:a5:6b:6c:3e:07:57:b5:22:5d:f5:80:23:a8:de:04:a8:
ee:cb:f6:11:57:ad:1c:76:cc:aa:48:42:b8:f1:4d:2a:29:0a:
a2:56:9e:0a:5e:20:67:25:e9:63:af:12:0a:4e:7c:1d:33:9b:
73:aa:3a:79:54:c5:05:8e:64:86:f3:8c:34:e4:19:04:42:f1:
93:74:ee:0c:0a:20:c6:72:03:d8:48:a6:b0:e2:63:fb:f1:0b:
64:05:97:ac:12:ec:5d:a0:f2:d1:a3:54:ea:b7:ae:e2:50:df:
d9:2e:03:d2:7d:6d:e0:f2:87:0f:b6:fe:fb:1c:5a:be:d7:f8:
75:8e:d8:e8:89:82:df:1c:ec:16:4f:34:ca:77:05:58:5f:cc:
b9:0c:fd:12:68:a3:96:18:a3:74:11:b7:6d:3d:2f:37:c4:b2:
f3:49:06:c4:bf:3b:59:56:19:69:ff:52:e0:2e:d0:47:db:ac:
b4:28:14:92
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxcdCrso+DkcmQ+N+xSm7XMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEyMDUxNjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWJjZmM3MWI5MDI3ODIxNTJkZWFmNWFhZmFmYjM0ZjJhMDhjOGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTcYftDpkW26syLC+II/w1f7AC2T
ibI7o2qOZBkZCO+xtVzvzy4zqY5xodacQvE0HENOFv0dFTEMZUG8gxgxNeTyOI2B
Yr5xmGyplC4Sw0nYY7CEkc8vmGv2bQOUxJlOpMyltCpyhiZEc7rfaTwEeFQufDYL
vuAn3UNCg553DtShWUYiUQegckPdR1efJHwdlTsOOc4+fGnJljI6vFBw/m/ZLwqT
RJMRkOq3cCziJUWzcLPqaOm82sSokV9TNYmCxnpJS8dDngRL9WeHnLWKgNa/Wfvt
mXXise5zUmd5gxdvdr6pMNR+6Ka8alzd8XATHOvb7WaiwwBJcfhG0iZ8vwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPW8/HG5AnghUt6vWq+vs08qCMjPMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvOWJ6OGNia0NlQ0ZTM3E5YXI2LXpUeW9JeU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAeSVOHvKZwUssnAiaGV
HuhA5gYc5Dyir1QQF3yJopBAk+v9O5s8Bm8uvYKZ5yldMNY8R/GYzIqwbJiK1VJh
Qe2/Fi6rgqG0HKDqpWtsPgdXtSJd9YAjqN4EqO7L9hFXrRx2zKpIQrjxTSopCqJW
ngpeIGcl6WOvEgpOfB0zm3OqOnlUxQWOZIbzjDTkGQRC8ZN07gwKIMZyA9hIprDi
Y/vxC2QFl6wS7F2g8tGjVOq3ruJQ39kuA9J9beDyhw+2/vscWr7X+HWO2OiJgt8c
7BZPNMp3BVhfzLkM/RJoo5YYo3QRt209LzfEsvNJBsS/O1lWGWn/UuAu0EfbrLQo
FJI=
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:07:09 2025 by rpki-client