Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TbJ6mz3bHKSv7gjs3UNdc1Cn2zg.roa
File: TbJ6mz3bHKSv7gjs3UNdc1Cn2zg.roa (raw, json)
Hash identifier: 1s5Iqw4yi15exR2m3ua8MAa4cym2dk34o3reDf8o/bc=
Subject key identifier: 4D:B2:7A:9B:3D:DB:1C:A4:AF:EE:08:EC:DD:43:5D:73:50:A7:DB:38
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C6496133F6CE22D04C96EAC87496975D4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TbJ6mz3bHKSv7gjs3UNdc1Cn2zg.roa
Signing time: Wed 13 Dec 2023 19:10:06 +0000
ROA not before: Wed 13 Dec 2023 19:10:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:64:96:13:3f:6c:e2:2d:04:c9:6e:ac:87:49:69:75:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 13 19:10:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4db27a9b3ddb1ca4afee08ecdd435d7350a7db38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:18:75:d2:3f:af:fe:20:7c:03:bd:c6:93:f8:
df:2a:21:56:d4:f2:01:a6:5b:a1:c3:7d:37:5d:35:
d2:c1:92:2c:4b:cd:51:25:c2:9c:b5:1b:38:ad:6a:
17:f2:fa:bc:42:aa:b9:3f:77:78:eb:07:94:c9:7e:
d0:45:16:c2:17:83:0a:e2:9f:68:72:f3:f9:32:2f:
ab:61:7f:cf:ee:71:d6:c8:b4:f9:99:92:33:01:f2:
ff:36:0a:e9:5b:ab:56:d2:05:99:aa:41:36:c1:c1:
58:f2:ae:85:5f:55:3b:ae:f1:d0:53:ec:58:03:43:
38:a4:94:84:ac:0a:c3:61:4b:d1:5c:cc:94:e6:ba:
39:7f:8d:f1:c2:77:a6:9a:9a:d3:b2:45:fb:65:ca:
88:55:40:67:e5:b0:e6:00:25:54:27:c7:05:fe:70:
67:00:f0:fa:ff:e6:46:6f:24:2d:1e:ce:9a:1f:c0:
31:15:83:6e:e4:15:14:f9:67:b8:b9:9e:61:14:83:
96:a8:3a:a4:71:1b:61:6d:b2:77:2f:62:a9:c7:46:
2c:25:d4:72:69:61:65:c8:24:d7:90:f8:02:75:10:
0f:1a:93:a2:fa:dd:15:4d:47:cc:95:0b:87:db:bd:
f0:92:43:06:fa:15:28:43:3f:7c:ba:4c:02:dc:c4:
df:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B2:7A:9B:3D:DB:1C:A4:AF:EE:08:EC:DD:43:5D:73:50:A7:DB:38
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/TbJ6mz3bHKSv7gjs3UNdc1Cn2zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bf:cc:a2:3c:a4:1b:fc:19:57:ea:0f:c5:3b:90:47:c4:95:55:
e1:5f:ac:91:54:52:c6:32:4e:75:07:56:d9:53:5e:a5:9d:d8:
0d:8e:ab:e3:2f:1f:68:f6:71:49:bd:05:ce:ae:70:c2:73:b2:
ef:70:80:ed:2a:27:d8:6f:af:6e:3b:1a:54:e5:ca:4f:3c:36:
f1:46:ac:62:d8:b8:d8:a0:ab:27:4a:a9:38:f3:eb:41:b9:37:
2b:6d:81:74:73:a7:df:05:47:fa:4c:ab:d0:b5:1d:3e:08:bf:
fb:ad:0c:31:27:73:34:83:a2:82:a8:7b:ef:de:0a:49:2a:f3:
bc:9a:67:3d:9f:71:85:48:c8:52:f4:e7:0b:df:eb:2f:df:83:
db:ba:00:2e:d0:27:37:ef:5b:a8:cb:48:d8:d4:9d:cb:26:ac:
66:0f:d0:5d:2f:28:d3:3c:44:39:1d:6b:82:b3:de:37:f7:b9:
89:fa:f8:ee:96:65:81:5b:0b:f9:76:74:bd:37:71:3a:02:88:
38:ba:4c:05:5f:49:cb:4d:d4:15:60:cb:66:54:6c:48:b1:20:
dc:9d:5c:23:b1:aa:b8:5d:29:ba:72:c7:bd:c7:6f:94:22:fe:
e2:7c:e5:06:bf:34:b8:6d:b8:98:90:bb:20:d0:01:63:16:9b:
d1:2e:76:e9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxklhM/bOItBMlurIdJaXXUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEzMTkxMDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGIyN2E5YjNkZGIxY2E0YWZlZTA4ZWNkZDQzNWQ3MzUwYTdkYjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRh10j+v/iB8A73Gk/jfKiFW1PIB
pluhw303XTXSwZIsS81RJcKctRs4rWoX8vq8Qqq5P3d46weUyX7QRRbCF4MK4p9o
cvP5Mi+rYX/P7nHWyLT5mZIzAfL/NgrpW6tW0gWZqkE2wcFY8q6FX1U7rvHQU+xY
A0M4pJSErArDYUvRXMyU5ro5f43xwnemmprTskX7ZcqIVUBn5bDmACVUJ8cF/nBn
APD6/+ZGbyQtHs6aH8AxFYNu5BUU+We4uZ5hFIOWqDqkcRthbbJ3L2Kpx0YsJdRy
aWFlyCTXkPgCdRAPGpOi+t0VTUfMlQuH273wkkMG+hUoQz98ukwC3MTfawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE2yeps92xykr+4I7N1DXXNQp9s4MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvVGJKNm16M2JIS1N2N2dqczNVTmRjMUNuMnpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAL/MojykG/wZV+oPxTuQ
R8SVVeFfrJFUUsYyTnUHVtlTXqWd2A2Oq+MvH2j2cUm9Bc6ucMJzsu9wgO0qJ9hv
r247GlTlyk88NvFGrGLYuNigqydKqTjz60G5NyttgXRzp98FR/pMq9C1HT4Iv/ut
DDEnczSDooKoe+/eCkkq87yaZz2fcYVIyFL05wvf6y/fg9u6AC7QJzfvW6jLSNjU
ncsmrGYP0F0vKNM8RDkda4Kz3jf3uYn6+O6WZYFbC/l2dL03cToCiDi6TAVfSctN
1BVgy2ZUbEixINydXCOxqrhdKbpyx73Hb5Qi/uJ85Qa/NLhtuJiQuyDQAWMWm9Eu
duk=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:34:17 2025 by rpki-client