Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BrPgqJhR0fS5PINb7omCdsJe8ck.roa
File: BrPgqJhR0fS5PINb7omCdsJe8ck.roa (raw, json)
Hash identifier: ttUJJkr4EYy5Y6N504eq2MdKKmD4lBIioGHhyKSbx1g=
Subject key identifier: 06:B3:E0:A8:98:51:D1:F4:B9:3C:83:5B:EE:89:82:76:C2:5E:F1:C9
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE895B5420C4A0DCBC8306C38D253B4A2
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BrPgqJhR0fS5PINb7omCdsJe8ck.roa
Signing time: Sun 01 Oct 2023 00:13:59 +0000
ROA not before: Sun 01 Oct 2023 00:13:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e8:95:b5:42:0c:4a:0d:cb:c8:30:6c:38:d2:53:b4:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 1 00:13:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06b3e0a89851d1f4b93c835bee898276c25ef1c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:65:15:0a:ac:2c:37:d1:e7:67:05:a2:2c:9c:
a0:18:18:ed:de:8b:eb:8e:1c:70:e6:27:5e:4f:9f:
03:85:6a:80:69:0b:ad:49:f2:bd:61:40:b0:ab:61:
3c:7a:2b:7b:3c:bb:20:24:0d:45:3b:00:b3:6e:cc:
96:5b:ea:0d:59:eb:8d:59:99:46:98:e2:80:60:3d:
90:e0:95:d4:5d:df:16:4e:dc:a4:b1:af:1f:fe:db:
e6:fd:49:c6:81:93:35:86:59:44:22:70:42:97:35:
49:c2:2d:ed:00:a1:c2:15:14:37:b0:2f:ab:d3:0c:
0a:39:18:e4:43:5b:05:50:b5:e5:4f:a1:f0:0a:b6:
8d:2c:c7:de:03:6d:e5:8d:87:86:30:2b:5c:23:b3:
af:e7:d0:8f:c0:55:f7:b9:0b:c1:5a:17:3a:ac:96:
ee:77:c5:30:75:9c:2a:00:a7:1b:6e:f2:2f:24:5f:
33:a9:48:58:65:78:61:31:15:37:32:73:c7:7b:38:
2b:df:d0:70:b4:b7:56:2d:3c:b8:73:e7:25:23:d9:
a8:53:21:a7:be:e6:89:d7:2a:e2:87:fd:5e:25:72:
65:4a:7c:66:9c:a5:b2:13:0f:9d:51:5c:a5:f3:52:
da:d9:e3:9e:87:4d:5d:bc:86:a4:bd:d6:8b:4d:30:
4f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B3:E0:A8:98:51:D1:F4:B9:3C:83:5B:EE:89:82:76:C2:5E:F1:C9
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BrPgqJhR0fS5PINb7omCdsJe8ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a8:97:b1:e6:9e:3e:c9:2f:f2:f4:96:30:b8:00:ae:95:54:47:
87:a3:fc:60:53:40:a9:19:ce:36:c1:18:ec:74:86:ce:6f:63:
83:fe:45:9a:70:46:7a:eb:30:47:2f:ed:08:91:86:90:19:ce:
50:9b:c6:5d:79:8e:7e:09:70:fa:5a:b6:e8:39:71:6f:af:87:
28:37:ba:87:e0:64:a8:7e:ee:cf:35:64:71:c2:9e:71:1e:98:
de:ae:a8:22:d1:2c:ef:08:ca:d9:f5:65:77:6e:f0:cd:70:11:
69:6b:1d:c9:ed:ce:96:66:0a:d7:bf:5b:0a:49:25:9b:fb:12:
c7:de:ea:6f:06:ce:df:3f:6a:38:31:3c:2b:b8:22:59:3c:01:
0e:08:11:cf:34:57:7f:72:44:af:aa:dd:46:b6:bc:01:96:d7:
9b:63:f9:c5:64:5e:0e:2c:b8:02:e9:5d:e4:76:9d:52:6c:09:
33:7f:f8:f7:6c:09:de:d4:83:c0:30:a5:c7:2e:ca:93:f7:bd:
41:f7:1c:67:a1:3e:d4:29:1c:cb:d3:8e:37:c6:a5:5d:e4:1f:
67:4c:0f:af:c8:e6:11:8f:fd:35:ab:5a:92:09:37:72:a1:b9:
d2:ea:4c:8c:1c:9d:09:ef:e3:f9:b1:27:9d:ee:1a:8d:a9:65:
49:69:b3:7e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrolbVCDEoNy8gwbDjSU7SiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAxMDAxMzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmIzZTBhODk4NTFkMWY0YjkzYzgzNWJlZTg5ODI3NmMyNWVmMWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGUVCqwsN9HnZwWiLJygGBjt3ovr
jhxw5ideT58DhWqAaQutSfK9YUCwq2E8eit7PLsgJA1FOwCzbsyWW+oNWeuNWZlG
mOKAYD2Q4JXUXd8WTtyksa8f/tvm/UnGgZM1hllEInBClzVJwi3tAKHCFRQ3sC+r
0wwKORjkQ1sFULXlT6HwCraNLMfeA23ljYeGMCtcI7Ov59CPwFX3uQvBWhc6rJbu
d8UwdZwqAKcbbvIvJF8zqUhYZXhhMRU3MnPHezgr39BwtLdWLTy4c+clI9moUyGn
vuaJ1yrih/1eJXJlSnxmnKWyEw+dUVyl81La2eOeh01dvIakvdaLTTBPnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAaz4KiYUdH0uTyDW+6JgnbCXvHJMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQnJQZ3FKaFIwZlM1UElOYjdvbUNkc0plOGNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKiXseaePskv8vSWMLgA
rpVUR4ej/GBTQKkZzjbBGOx0hs5vY4P+RZpwRnrrMEcv7QiRhpAZzlCbxl15jn4J
cPpatug5cW+vhyg3uofgZKh+7s81ZHHCnnEemN6uqCLRLO8Iytn1ZXdu8M1wEWlr
HcntzpZmCte/WwpJJZv7Esfe6m8Gzt8/ajgxPCu4Ilk8AQ4IEc80V39yRK+q3Ua2
vAGW15tj+cVkXg4suALpXeR2nVJsCTN/+PdsCd7Ug8AwpccuypP3vUH3HGehPtQp
HMvTjjfGpV3kH2dMD6/I5hGP/TWrWpIJN3KhudLqTIwcnQnv4/mxJ53uGo2pZUlp
s34=
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:00:28 2025 by rpki-client