Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bVz2ZBMNUQTeLJSN_oEpxz7CwKo.roa
File: bVz2ZBMNUQTeLJSN_oEpxz7CwKo.roa (raw, json)
Hash identifier: 1P7f3jEsLiBTS6ZL6yifsflQ6c0JTbEOdeQ/HT61SUk=
Subject key identifier: 6D:5C:F6:64:13:0D:51:04:DE:2C:94:8D:FE:81:29:C7:3E:C2:C0:AA
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AFDD5BDB3FAF25358482F5C22DD20D534
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bVz2ZBMNUQTeLJSN_oEpxz7CwKo.roa
Signing time: Thu 05 Oct 2023 03:15:57 +0000
ROA not before: Thu 05 Oct 2023 03:15:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fd:d5:bd:b3:fa:f2:53:58:48:2f:5c:22:dd:20:d5:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 5 03:15:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d5cf664130d5104de2c948dfe8129c73ec2c0aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b3:6e:0c:4b:57:96:71:68:9d:c4:70:43:aa:
d1:01:0b:65:09:7e:0d:5a:91:65:ad:3c:35:7b:92:
4d:4e:35:47:85:50:43:af:b3:9b:38:27:a7:ed:f5:
29:d5:6d:40:24:7e:dd:a7:f9:d6:e0:61:51:b6:4a:
5f:35:86:2f:91:d2:40:29:55:3d:01:cb:d2:2b:b9:
b0:4d:26:b6:b7:20:f6:16:e7:11:8f:ac:8b:7f:05:
d8:20:21:0a:4b:7c:fe:94:de:1b:cb:43:41:d8:16:
dd:05:28:cc:f5:15:f7:fe:aa:39:b1:8a:fe:49:42:
16:f6:23:8e:db:c7:ca:4c:26:c2:58:8c:0a:0c:12:
0b:8d:46:10:26:ed:f5:27:13:f6:3e:f6:aa:29:0a:
26:c4:54:66:29:2c:80:86:25:ea:9b:5a:80:b6:aa:
32:6b:15:35:72:9c:2b:31:65:1c:68:02:c7:35:0b:
5e:d3:b3:8a:04:99:b0:29:85:f4:3a:fc:eb:a8:5e:
3b:a1:52:cb:7d:5d:dd:cc:17:6e:f2:ea:0e:e9:bf:
83:e1:0d:8c:03:d6:15:cd:97:37:c5:0c:b1:8e:18:
8e:22:e4:70:45:b0:70:6e:8a:0b:dd:03:55:9d:78:
ca:12:dd:6e:87:32:46:0f:df:33:a8:ef:ea:95:86:
b2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:5C:F6:64:13:0D:51:04:DE:2C:94:8D:FE:81:29:C7:3E:C2:C0:AA
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bVz2ZBMNUQTeLJSN_oEpxz7CwKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
71:59:a5:3d:b3:99:20:6d:e5:e4:54:19:26:c8:91:a8:ac:39:
e6:a3:e6:a7:25:83:45:d4:87:c8:78:4f:5e:ae:1b:27:a4:02:
db:49:3a:8d:b4:4d:8b:8d:af:f5:75:c7:8b:2a:46:09:f3:34:
19:9a:98:6c:3e:b5:b9:03:e3:7c:93:a1:5a:4c:4d:0c:15:d7:
a0:fa:de:b8:48:7f:37:cf:8d:43:34:66:1e:6c:de:99:24:c3:
bb:ef:55:dc:6c:3b:a5:3d:1b:30:2f:c1:80:80:76:34:ee:dd:
2a:b3:15:ab:bf:d1:33:a8:3b:e6:cf:ea:5a:cc:d3:05:f3:df:
fc:0d:73:54:50:22:57:e6:f4:ac:b2:44:71:9b:fe:9f:de:64:
f6:b8:55:6c:02:c2:c9:09:1c:3a:6b:1b:7a:67:3c:2e:e9:30:
d9:0b:17:a6:9b:01:4c:52:5a:e6:16:0e:06:d6:31:25:ed:fb:
06:f9:7b:62:b9:c4:c6:47:de:c7:6e:5b:55:c1:c4:8e:ad:71:
d9:e0:04:1f:69:e8:c5:6d:2f:05:df:c9:6a:51:a6:21:fe:f2:
e8:de:ee:db:4d:2c:45:63:cb:a4:b8:b5:fd:f5:a5:33:db:2a:
36:f5:6e:57:dc:03:7e:00:e0:e2:be:4c:32:a3:17:55:27:13:
9a:b0:c4:fc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr91b2z+vJTWEgvXCLdINU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA1MDMxNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDVjZjY2NDEzMGQ1MTA0ZGUyYzk0OGRmZTgxMjljNzNlYzJjMGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLNuDEtXlnFoncRwQ6rRAQtlCX4N
WpFlrTw1e5JNTjVHhVBDr7ObOCen7fUp1W1AJH7dp/nW4GFRtkpfNYYvkdJAKVU9
AcvSK7mwTSa2tyD2FucRj6yLfwXYICEKS3z+lN4by0NB2BbdBSjM9RX3/qo5sYr+
SUIW9iOO28fKTCbCWIwKDBILjUYQJu31JxP2PvaqKQomxFRmKSyAhiXqm1qAtqoy
axU1cpwrMWUcaALHNQte07OKBJmwKYX0OvzrqF47oVLLfV3dzBdu8uoO6b+D4Q2M
A9YVzZc3xQyxjhiOIuRwRbBwbooL3QNVnXjKEt1uhzJGD98zqO/qlYayowIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG1c9mQTDVEE3iyUjf6BKcc+wsCqMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYlZ6MlpCTU5VUVRlTEpTTl9vRXB4ejdDd0tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHFZpT2zmSBt5eRUGSbI
kaisOeaj5qclg0XUh8h4T16uGyekAttJOo20TYuNr/V1x4sqRgnzNBmamGw+tbkD
43yToVpMTQwV16D63rhIfzfPjUM0Zh5s3pkkw7vvVdxsO6U9GzAvwYCAdjTu3Sqz
Fau/0TOoO+bP6lrM0wXz3/wNc1RQIlfm9KyyRHGb/p/eZPa4VWwCwskJHDprG3pn
PC7pMNkLF6abAUxSWuYWDgbWMSXt+wb5e2K5xMZH3sduW1XBxI6tcdngBB9p6MVt
LwXfyWpRpiH+8uje7ttNLEVjy6S4tf31pTPbKjb1blfcA34A4OK+TDKjF1UnE5qw
xPw=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:28:41 2025 by rpki-client