Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bXKJ9qKeLRU0TwOOko9WtTCzxsw.roa
File: bXKJ9qKeLRU0TwOOko9WtTCzxsw.roa (raw, json)
Hash identifier: h/jxtUxMC4b5FoOhWYBTp9guc4qxAuFDs8gTyS75nAo=
Subject key identifier: 6D:72:89:F6:A2:9E:2D:15:34:4F:03:8E:92:8F:56:B5:30:B3:C6:CC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AD4D8698809E89EB1F21BC50B562AACF0
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bXKJ9qKeLRU0TwOOko9WtTCzxsw.roa
Signing time: Wed 27 Sep 2023 04:14:27 +0000
ROA not before: Wed 27 Sep 2023 04:14:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d4:d8:69:88:09:e8:9e:b1:f2:1b:c5:0b:56:2a:ac:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 27 04:14:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d7289f6a29e2d15344f038e928f56b530b3c6cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a4:38:e5:7a:68:1a:1b:02:d8:08:a7:23:65:
be:85:a3:89:1f:b5:8d:a5:03:02:1f:ae:0b:f2:69:
fa:b1:2f:c6:26:72:8d:6a:d0:b4:19:18:43:81:19:
81:21:68:c5:05:63:5f:a7:42:1c:93:77:cc:46:b7:
e9:f8:b3:15:59:c2:b1:39:15:fd:0e:5a:bf:1b:8f:
53:ec:1f:6d:51:a8:68:ad:61:21:22:77:55:ef:ce:
8a:33:1b:e0:22:2a:eb:68:5c:60:3c:fa:e0:50:de:
b8:d7:52:97:fb:fa:5c:74:70:39:06:05:9c:79:e4:
56:41:be:d7:17:b0:fb:fc:41:78:a3:6e:1d:1b:b5:
b6:e9:24:d8:02:c7:d5:28:bb:13:b4:37:af:ad:a0:
0d:d1:b0:1d:8a:e8:f0:63:3a:c3:e8:6e:da:15:43:
b0:92:f3:8c:1c:a8:b4:08:64:8a:79:53:0f:fb:81:
00:4f:f0:a0:67:44:7c:d4:ba:03:bd:92:96:3b:c1:
4c:05:38:db:f7:25:db:21:b0:66:b7:78:dc:01:cf:
c8:30:ab:13:ea:b1:d9:1f:20:df:2f:3d:6a:28:2e:
5c:16:b0:16:60:ac:de:3e:bd:d2:52:2e:69:f3:3f:
31:d3:55:08:34:32:40:5f:01:6a:ac:1c:3a:d6:86:
a4:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:72:89:F6:A2:9E:2D:15:34:4F:03:8E:92:8F:56:B5:30:B3:C6:CC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bXKJ9qKeLRU0TwOOko9WtTCzxsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:eb:a7:49:1a:b3:01:2d:8a:db:a2:f0:bc:12:ce:67:c4:87:
7d:2a:1e:73:7b:5a:f3:a0:e7:b5:40:17:6e:38:83:75:9f:85:
56:04:fa:9b:b2:00:f3:20:53:00:c4:92:0f:73:19:3d:a7:f0:
18:c7:52:0a:10:f2:65:a1:f1:3f:3c:c3:0e:21:01:db:df:c5:
30:1d:d4:50:8f:23:70:87:f0:bd:58:0f:64:6f:47:32:aa:1f:
50:20:d8:cd:3b:0e:1e:79:b0:ff:47:e1:e0:4d:48:4e:a2:fe:
4e:02:7f:dc:87:fc:a6:4b:66:cb:36:6d:b5:b9:80:34:45:c7:
bc:75:4e:37:b5:76:fa:83:cd:17:8a:79:0a:d4:aa:8c:1c:de:
19:40:cf:33:0c:ab:ce:0c:fc:b7:88:8b:d0:46:d6:0f:91:9e:
3a:e9:ef:71:75:4c:ea:5b:6b:b3:9f:e3:c2:b7:d6:b4:c3:21:
7b:11:45:ca:c6:3d:25:95:3f:0c:ca:9d:7c:a5:a9:9a:94:67:
3e:c1:75:ca:de:0f:ad:da:7d:73:c4:a4:a3:90:29:2b:07:ff:
36:c3:7f:c9:6f:e2:ad:4f:a6:af:35:b3:b5:04:b9:33:0d:64:
cc:0b:d1:91:52:e2:ff:cf:a3:c9:65:5c:31:8d:30:c2:23:34:
f1:a8:b5:be
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrU2GmICeiesfIbxQtWKqzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI3MDQxNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDcyODlmNmEyOWUyZDE1MzQ0ZjAzOGU5MjhmNTZiNTMwYjNjNmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKQ45XpoGhsC2AinI2W+haOJH7WN
pQMCH64L8mn6sS/GJnKNatC0GRhDgRmBIWjFBWNfp0Ick3fMRrfp+LMVWcKxORX9
Dlq/G49T7B9tUahorWEhIndV786KMxvgIirraFxgPPrgUN6411KX+/pcdHA5BgWc
eeRWQb7XF7D7/EF4o24dG7W26STYAsfVKLsTtDevraAN0bAdiujwYzrD6G7aFUOw
kvOMHKi0CGSKeVMP+4EAT/CgZ0R81LoDvZKWO8FMBTjb9yXbIbBmt3jcAc/IMKsT
6rHZHyDfLz1qKC5cFrAWYKzePr3SUi5p8z8x01UINDJAXwFqrBw61oakGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG1yifaini0VNE8DjpKPVrUws8bMMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYlhLSjlxS2VMUlUwVHdPT2tvOVd0VEN6eHN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHLrp0kaswEtitui8LwS
zmfEh30qHnN7WvOg57VAF244g3WfhVYE+puyAPMgUwDEkg9zGT2n8BjHUgoQ8mWh
8T88ww4hAdvfxTAd1FCPI3CH8L1YD2RvRzKqH1Ag2M07Dh55sP9H4eBNSE6i/k4C
f9yH/KZLZss2bbW5gDRFx7x1Tje1dvqDzReKeQrUqowc3hlAzzMMq84M/LeIi9BG
1g+Rnjrp73F1TOpba7Of48K31rTDIXsRRcrGPSWVPwzKnXylqZqUZz7BdcreD63a
fXPEpKOQKSsH/zbDf8lv4q1Ppq81s7UEuTMNZMwL0ZFS4v/Po8llXDGNMMIjNPGo
tb4=
-----END CERTIFICATE-----
Generated at Tue Apr 22 06:14:23 2025 by rpki-client