Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bpI7AqxeiOaGrUQyvALcdsxLWLk.roa
File: bpI7AqxeiOaGrUQyvALcdsxLWLk.roa (raw, json)
Hash identifier: C3knLqk/3QrXdqG2D65cvCGdVvca+t6NBJ0op6U3oyE=
Subject key identifier: 6E:92:3B:02:AC:5E:88:E6:86:AD:44:32:BC:02:DC:76:CC:4B:58:B9
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AFA6501C856DC7F7C7101A2E65271EFA3
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bpI7AqxeiOaGrUQyvALcdsxLWLk.roa
Signing time: Wed 04 Oct 2023 11:13:58 +0000
ROA not before: Wed 04 Oct 2023 11:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:65:01:c8:56:dc:7f:7c:71:01:a2:e6:52:71:ef:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 4 11:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e923b02ac5e88e686ad4432bc02dc76cc4b58b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:18:f1:11:4c:97:c1:b9:03:97:65:0d:ba:0e:
92:8e:04:67:91:33:ab:f9:b9:08:d9:72:d2:1b:d4:
8f:33:8e:7a:09:7a:02:ea:1e:93:c9:60:86:68:e2:
c3:68:6f:df:8b:12:84:4d:bb:48:70:6b:a6:95:7e:
f5:76:37:82:ff:f9:e7:1a:a8:8c:58:15:07:ec:26:
9b:bf:cb:4e:c7:05:aa:69:50:d0:f5:01:1e:0a:e0:
82:63:fd:66:a5:c4:47:d4:8f:e5:5d:1d:5b:70:0d:
cb:5d:fc:56:f5:94:a0:0e:e8:11:73:b8:a1:1a:62:
34:61:f3:18:39:a0:10:b2:09:ef:1e:a7:ef:0d:9f:
ad:8d:01:38:0f:5b:ce:91:4f:c0:e0:40:ad:fc:37:
4e:79:34:93:8b:d9:6a:57:0d:7e:52:1c:11:00:a2:
c7:91:cb:3f:5f:b8:5e:85:e6:91:9b:9a:65:06:be:
00:3a:2c:75:ee:85:d4:ff:82:a5:12:16:2b:84:87:
f9:ae:ce:da:e2:76:df:1c:ff:c0:05:bb:ef:70:3d:
f4:0b:6a:90:8d:44:f7:29:09:fb:9d:c7:08:85:5f:
e7:c6:8a:10:4f:db:3a:a4:91:34:88:2d:34:3f:c7:
b0:60:13:9d:c8:b7:c5:ef:5b:d3:ba:9d:3c:6d:1e:
d3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:92:3B:02:AC:5E:88:E6:86:AD:44:32:BC:02:DC:76:CC:4B:58:B9
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bpI7AqxeiOaGrUQyvALcdsxLWLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
af:0a:f8:3a:0b:a0:8c:f4:27:53:76:64:da:fa:48:9f:6e:4c:
8c:29:79:44:71:5a:21:69:6a:ed:62:27:5d:3c:dc:6c:ee:c8:
f7:61:e1:2d:5f:ca:3c:87:5d:9a:3c:d4:ea:61:f5:22:99:d3:
4b:0d:0f:06:02:0f:ca:b3:19:6d:95:45:29:6e:5a:c1:a0:fb:
d1:e5:19:ac:5a:3f:b7:74:d9:bd:d1:60:a6:c2:4f:7f:22:e3:
44:c7:5f:30:e7:1e:15:67:91:e0:cc:15:95:d4:b0:8f:a7:77:
3c:35:9c:53:16:82:61:28:b7:68:d4:58:78:e3:42:85:73:21:
df:4f:f6:f2:24:47:db:8c:f2:61:02:d9:27:00:ba:4b:b8:85:
5c:32:cf:fc:be:82:cd:47:b7:76:f5:44:a9:7b:91:bb:40:4c:
37:a6:bd:12:0f:7e:62:5e:ef:07:1c:96:53:b6:3e:a9:b8:b4:
94:fa:e5:f7:a8:9b:38:ad:10:c0:72:00:31:25:19:59:10:44:
89:06:58:c0:76:d0:7f:19:05:b2:50:3b:d1:8b:40:2d:5b:3a:
ad:0f:2d:c2:12:79:ce:49:ad:7d:f5:c6:37:6b:b2:58:ac:57:
74:01:b9:37:16:bd:ab:f2:cf:eb:1a:d0:9a:72:84:6b:c4:08:
58:b5:f9:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr6ZQHIVtx/fHEBouZSce+jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA0MTExMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTkyM2IwMmFjNWU4OGU2ODZhZDQ0MzJiYzAyZGM3NmNjNGI1OGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBjxEUyXwbkDl2UNug6SjgRnkTOr
+bkI2XLSG9SPM456CXoC6h6TyWCGaOLDaG/fixKETbtIcGumlX71djeC//nnGqiM
WBUH7Cabv8tOxwWqaVDQ9QEeCuCCY/1mpcRH1I/lXR1bcA3LXfxW9ZSgDugRc7ih
GmI0YfMYOaAQsgnvHqfvDZ+tjQE4D1vOkU/A4ECt/DdOeTSTi9lqVw1+UhwRAKLH
kcs/X7heheaRm5plBr4AOix17oXU/4KlEhYrhIf5rs7a4nbfHP/ABbvvcD30C2qQ
jUT3KQn7nccIhV/nxooQT9s6pJE0iC00P8ewYBOdyLfF71vTup08bR7TfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG6SOwKsXojmhq1EMrwC3HbMS1i5MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYnBJN0FxeGVpT2FHclVReXZBTGNkc3hMV0xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAK8K+DoLoIz0J1N2ZNr6
SJ9uTIwpeURxWiFpau1iJ1083GzuyPdh4S1fyjyHXZo81Oph9SKZ00sNDwYCD8qz
GW2VRSluWsGg+9HlGaxaP7d02b3RYKbCT38i40THXzDnHhVnkeDMFZXUsI+ndzw1
nFMWgmEot2jUWHjjQoVzId9P9vIkR9uM8mEC2ScAuku4hVwyz/y+gs1Ht3b1RKl7
kbtATDemvRIPfmJe7wccllO2Pqm4tJT65feomzitEMByADElGVkQRIkGWMB20H8Z
BbJQO9GLQC1bOq0PLcISec5JrX31xjdrslisV3QBuTcWvavyz+sa0JpyhGvECFi1
+Xg=
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:44:53 2025 by rpki-client