Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bV_Z6VJEoaCd1yfovM88ChNQScM.roa
File: bV_Z6VJEoaCd1yfovM88ChNQScM.roa (raw, json)
Hash identifier: /RgZpD3x7RAADchl+HenujYo6aUB3v8BGH0SnngRZls=
Subject key identifier: 6D:5F:D9:E9:52:44:A1:A0:9D:D7:27:E8:BC:CF:3C:0A:13:50:49:C3
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AE55CD12C670A1355237FDC532F085E21
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bV_Z6VJEoaCd1yfovM88ChNQScM.roa
Signing time: Sat 30 Sep 2023 09:12:59 +0000
ROA not before: Sat 30 Sep 2023 09:12:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e5:5c:d1:2c:67:0a:13:55:23:7f:dc:53:2f:08:5e:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 30 09:12:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d5fd9e95244a1a09dd727e8bccf3c0a135049c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:24:25:5f:ee:c2:fb:b0:3c:04:51:36:5e:ce:
af:a2:99:db:9a:18:74:84:00:c5:7e:de:95:87:d3:
80:54:6f:dc:c9:83:1a:2a:2a:62:73:e2:ab:4d:82:
25:62:15:20:cf:0b:00:d7:2e:f2:21:14:a2:c7:84:
be:6a:b3:88:95:75:79:10:3d:7a:d0:37:68:7e:64:
03:98:24:72:56:c4:46:09:76:29:8e:15:b8:c9:db:
c8:32:32:2c:30:76:53:19:e1:61:14:1e:30:b2:a1:
07:fb:07:43:5e:ca:eb:2f:1c:f1:d8:30:d1:14:93:
68:3c:e7:e1:10:fb:a6:ae:2f:cd:ec:3d:7f:7d:f0:
fa:4d:37:87:3e:58:85:4a:23:55:fe:0c:d5:dd:74:
92:1e:da:65:33:87:10:d1:6e:5b:0a:f7:0a:34:ec:
0b:53:1a:88:27:57:cd:09:f2:8c:bd:18:10:d2:73:
bf:0d:73:ed:91:91:aa:f3:f4:ba:0c:a4:fa:5f:3a:
2e:57:51:b7:5d:84:7a:03:89:91:df:3b:eb:f1:76:
a6:e5:9b:c3:58:06:14:92:19:78:36:19:be:08:07:
3d:3d:5e:80:a0:ea:7a:2e:0c:1a:18:e3:9d:c8:28:
a2:9e:48:e5:b5:a3:74:d7:8f:73:bb:e1:02:46:13:
25:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:5F:D9:E9:52:44:A1:A0:9D:D7:27:E8:BC:CF:3C:0A:13:50:49:C3
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bV_Z6VJEoaCd1yfovM88ChNQScM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6a:d3:0c:dd:bb:6c:b3:b0:54:36:1d:3c:68:53:57:4a:8e:8e:
68:5e:90:07:fe:56:bf:aa:2d:ca:08:f6:94:1f:9e:47:31:e5:
49:2e:ca:b3:2a:eb:a4:28:f9:77:3c:90:78:68:f8:cb:61:e8:
f6:d3:a7:0b:dd:55:ce:20:2f:f1:46:bb:e9:22:43:c9:33:80:
94:67:ed:9f:07:da:20:57:1e:d2:42:da:f2:01:8c:49:13:49:
4b:6a:93:16:f8:f7:05:b6:61:d6:84:5b:c7:2c:d3:13:1b:b8:
ac:e2:73:84:14:ac:e6:9d:9b:e7:31:ba:57:aa:ec:21:a3:84:
e5:6a:58:46:6f:af:73:3f:ea:96:72:eb:03:fb:a1:b4:8a:d3:
bf:3c:f1:1d:1d:c0:c9:4a:17:98:b7:4e:18:26:63:2d:f9:46:
f5:d4:75:3a:53:ec:1c:4f:72:4f:74:13:a3:12:73:f1:07:f2:
83:e3:c6:a2:4a:b1:92:0e:65:73:39:74:88:4d:33:b7:3e:81:
0f:64:b9:ca:4a:5b:a1:12:b5:ca:15:ab:43:c3:3e:be:d7:bd:
82:4d:7f:c5:d7:7b:57:4b:6a:19:f7:df:9b:e7:75:1c:14:5f:
1d:cf:3a:b4:09:37:d1:0a:09:62:69:d0:28:d9:f1:43:ba:0e:
b1:99:a3:b2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrlXNEsZwoTVSN/3FMvCF4hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTMwMDkxMjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDVmZDllOTUyNDRhMWEwOWRkNzI3ZThiY2NmM2MwYTEzNTA0OWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiQlX+7C+7A8BFE2Xs6vopnbmhh0
hADFft6Vh9OAVG/cyYMaKipic+KrTYIlYhUgzwsA1y7yIRSix4S+arOIlXV5ED16
0DdofmQDmCRyVsRGCXYpjhW4ydvIMjIsMHZTGeFhFB4wsqEH+wdDXsrrLxzx2DDR
FJNoPOfhEPumri/N7D1/ffD6TTeHPliFSiNV/gzV3XSSHtplM4cQ0W5bCvcKNOwL
UxqIJ1fNCfKMvRgQ0nO/DXPtkZGq8/S6DKT6XzouV1G3XYR6A4mR3zvr8Xam5ZvD
WAYUkhl4Nhm+CAc9PV6AoOp6LgwaGOOdyCiinkjltaN0149zu+ECRhMlgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG1f2elSRKGgndcn6LzPPAoTUEnDMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYlZfWjZWSkVvYUNkMXlmb3ZNODhDaE5RU2NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGrTDN27bLOwVDYdPGhT
V0qOjmhekAf+Vr+qLcoI9pQfnkcx5UkuyrMq66Qo+Xc8kHho+Mth6PbTpwvdVc4g
L/FGu+kiQ8kzgJRn7Z8H2iBXHtJC2vIBjEkTSUtqkxb49wW2YdaEW8cs0xMbuKzi
c4QUrOadm+cxuleq7CGjhOVqWEZvr3M/6pZy6wP7obSK07888R0dwMlKF5i3Thgm
Yy35RvXUdTpT7BxPck90E6MSc/EH8oPjxqJKsZIOZXM5dIhNM7c+gQ9kucpKW6ES
tcoVq0PDPr7XvYJNf8XXe1dLahn335vndRwUXx3POrQJN9EKCWJp0CjZ8UO6DrGZ
o7I=
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:10:18 2025 by rpki-client