Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bdZL1AmDwqEczLF0yhOFw9e57Iw.roa
File: bdZL1AmDwqEczLF0yhOFw9e57Iw.roa (raw, json)
Hash identifier: qHvy/opak4H8K6MJ3F3B3ttWGz0bvqnRBpSdqCiHbb4=
Subject key identifier: 6D:D6:4B:D4:09:83:C2:A1:1C:CC:B1:74:CA:13:85:C3:D7:B9:EC:8C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BBBEDABED7E9EDD36A6D03E54A74B40E9
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bdZL1AmDwqEczLF0yhOFw9e57Iw.roa
Signing time: Sat 11 Nov 2023 01:09:57 +0000
ROA not before: Sat 11 Nov 2023 01:09:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bb:ed:ab:ed:7e:9e:dd:36:a6:d0:3e:54:a7:4b:40:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 11 01:09:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6dd64bd40983c2a11cccb174ca1385c3d7b9ec8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:61:a1:1c:a6:dd:ee:fb:46:ad:7b:15:26:37:
60:cb:bc:f3:81:1d:94:22:bb:dd:5e:eb:ff:72:c9:
0e:36:a7:f1:1d:4c:02:3a:2b:7b:dd:19:17:f4:de:
1b:2d:e7:88:64:9f:4a:59:ff:68:da:52:8f:60:a9:
9a:2d:56:08:a6:13:a0:ff:d2:e8:d7:ef:d4:c2:4d:
be:c4:df:8b:ba:e7:8e:11:ee:52:50:d9:89:06:45:
6a:93:d2:82:cf:ca:5c:89:7a:04:9d:d8:49:88:97:
1c:27:84:f7:78:35:86:6f:b4:11:0c:69:7b:be:05:
08:d5:59:7a:a4:07:4d:7b:5d:12:10:7a:09:2b:1f:
ac:f3:a4:3c:ac:cf:f7:f1:7f:3c:7f:33:fc:66:dd:
28:cf:3e:e7:a0:4a:20:e8:1e:bc:61:4b:45:e7:ea:
40:a1:49:99:dc:69:20:36:3e:49:3e:30:22:32:f2:
e9:e7:cf:c1:6d:9c:74:43:47:2d:d7:b9:37:d0:93:
ff:bb:4e:38:ae:f4:64:e9:55:ea:24:f9:c1:79:2b:
70:6f:02:47:48:a7:e6:87:70:2d:05:90:b2:09:27:
dd:45:cb:c0:f0:15:54:d2:d7:d7:c0:15:12:f0:4b:
79:cd:c5:eb:be:58:d7:bc:c3:80:11:f4:3e:df:88:
fa:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:D6:4B:D4:09:83:C2:A1:1C:CC:B1:74:CA:13:85:C3:D7:B9:EC:8C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bdZL1AmDwqEczLF0yhOFw9e57Iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c1:e0:47:ea:29:e6:15:fe:ec:bf:3b:78:64:74:d3:d8:4a:08:
94:99:2f:52:90:03:5e:07:df:32:35:de:8c:3c:65:01:c9:a5:
e2:c6:9c:5e:ac:d8:24:54:89:9d:d4:11:2d:7a:9d:a2:d2:1b:
60:65:0d:94:1b:ba:77:ee:d9:f3:b2:3b:d6:7f:0a:b0:30:13:
42:3c:70:83:82:6a:01:a8:aa:64:a0:6e:9c:5b:6f:a5:21:43:
59:6d:37:7b:7a:f4:2f:68:97:8e:3e:5d:22:45:d1:e1:f5:e4:
ba:ab:8b:e4:21:9d:e3:ae:15:1a:b9:0c:6b:41:5d:9f:fd:8b:
c8:09:95:bd:0e:f2:55:ab:17:67:0d:85:31:72:7e:ef:2e:70:
48:a5:17:1c:a0:02:3b:95:96:0c:ac:d9:4f:3a:87:59:0a:53:
54:15:2a:7a:61:b8:19:3e:f2:a8:43:21:81:f1:fd:ff:be:ec:
85:da:66:34:42:2a:cf:ff:97:aa:22:bd:71:f8:ea:1e:90:b9:
38:07:fd:f1:f3:e7:d3:61:81:e4:59:9b:97:30:95:62:ff:5a:
e7:d3:54:ef:9e:27:00:47:66:66:9c:4c:a7:5b:ca:06:29:b2:
07:20:8b:08:12:80:2c:24:c1:11:53:45:2d:09:92:a0:fe:ef:
fd:e9:f9:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYu77avtfp7dNqbQPlSnS0DpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTExMDEwOTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGQ2NGJkNDA5ODNjMmExMWNjY2IxNzRjYTEzODVjM2Q3YjllYzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmGhHKbd7vtGrXsVJjdgy7zzgR2U
IrvdXuv/cskONqfxHUwCOit73RkX9N4bLeeIZJ9KWf9o2lKPYKmaLVYIphOg/9Lo
1+/Uwk2+xN+LuueOEe5SUNmJBkVqk9KCz8pciXoEndhJiJccJ4T3eDWGb7QRDGl7
vgUI1Vl6pAdNe10SEHoJKx+s86Q8rM/38X88fzP8Zt0ozz7noEog6B68YUtF5+pA
oUmZ3GkgNj5JPjAiMvLp58/BbZx0Q0ct17k30JP/u044rvRk6VXqJPnBeStwbwJH
SKfmh3AtBZCyCSfdRcvA8BVU0tfXwBUS8Et5zcXrvljXvMOAEfQ+34j6oQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG3WS9QJg8KhHMyxdMoThcPXueyMMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYmRaTDFBbUR3cUVjekxGMHloT0Z3OWU1N0l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMHgR+op5hX+7L87eGR0
09hKCJSZL1KQA14H3zI13ow8ZQHJpeLGnF6s2CRUiZ3UES16naLSG2BlDZQbunfu
2fOyO9Z/CrAwE0I8cIOCagGoqmSgbpxbb6UhQ1ltN3t69C9ol44+XSJF0eH15Lqr
i+QhneOuFRq5DGtBXZ/9i8gJlb0O8lWrF2cNhTFyfu8ucEilFxygAjuVlgys2U86
h1kKU1QVKnphuBk+8qhDIYHx/f++7IXaZjRCKs//l6oivXH46h6QuTgH/fHz59Nh
geRZm5cwlWL/WufTVO+eJwBHZmacTKdbygYpsgcgiwgSgCwkwRFTRS0JkqD+7/3p
+Sc=
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:21:21 2025 by rpki-client