Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bq9c8ZZHf94rrmkJXPdTvIDPdMc.roa
File: bq9c8ZZHf94rrmkJXPdTvIDPdMc.roa (raw, json)
Hash identifier: tbFkVZUaifkZcMtqBYc6vOd0Rrp0BqhyufY1eNzhjdc=
Subject key identifier: 6E:AF:5C:F1:96:47:7F:DE:2B:AE:69:09:5C:F7:53:BC:80:CF:74:C7
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B8806E8AEDF1350963B44116935F6D84B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bq9c8ZZHf94rrmkJXPdTvIDPdMc.roa
Signing time: Tue 31 Oct 2023 23:17:16 +0000
ROA not before: Tue 31 Oct 2023 23:17:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:88:06:e8:ae:df:13:50:96:3b:44:11:69:35:f6:d8:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 31 23:17:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6eaf5cf196477fde2bae69095cf753bc80cf74c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:2e:81:aa:df:b2:6c:92:7d:b0:94:b2:53:a6:
e2:92:7c:72:fd:ae:20:da:aa:ab:c5:bb:0f:e7:a9:
7a:0e:6e:83:95:75:2f:e2:98:b8:7e:c0:73:f5:0d:
da:29:1d:f3:b2:d7:6f:a9:10:64:d9:ea:b1:eb:d6:
da:e9:58:e9:4a:34:5e:b3:66:59:80:93:a1:bf:82:
a5:47:a0:5b:e9:b5:11:08:28:cd:84:69:9c:b8:9a:
54:e7:7c:52:ce:54:c3:27:ce:69:93:3f:fa:d1:4e:
10:23:a9:cb:6e:b9:cd:8d:f2:1c:1f:0a:ab:78:36:
59:fc:cd:cf:ac:26:cf:e3:5b:98:51:88:db:c9:c4:
18:ba:c8:c6:ce:97:41:b1:3b:f1:79:50:a5:f3:c7:
c4:4c:8e:f8:87:7c:70:2c:59:30:16:c1:fa:2c:d6:
4b:50:77:2b:0a:bf:fd:2a:a6:23:69:19:62:e5:fb:
79:93:80:4c:be:b0:7e:af:4a:ab:47:19:9f:b1:3a:
13:91:bc:b7:7a:09:11:dc:a7:90:88:87:8a:ee:70:
cd:4f:f9:9d:82:4d:39:b4:17:b0:27:56:01:ee:e9:
2e:d4:13:17:0a:09:de:1e:04:dd:50:59:c6:ed:86:
f4:27:57:20:e1:51:91:57:f6:1d:f2:2b:9e:dc:60:
0c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:AF:5C:F1:96:47:7F:DE:2B:AE:69:09:5C:F7:53:BC:80:CF:74:C7
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bq9c8ZZHf94rrmkJXPdTvIDPdMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b7:b1:c9:ca:f1:ea:64:0f:8b:fc:0c:36:56:0b:2e:b1:de:0c:
f9:d8:f0:ef:59:a7:45:63:9c:86:d4:a7:99:3b:87:c6:2e:b5:
65:06:63:a1:8b:ea:6c:d2:b3:17:bd:22:85:a0:53:da:d5:64:
c1:a9:f7:c1:e9:8f:53:7a:df:7d:25:58:5c:69:61:9a:97:a7:
b8:3a:fb:ce:95:3d:11:06:5d:b9:8f:b6:93:2d:54:13:f9:30:
69:74:4b:1c:4d:36:29:5e:d0:5a:3e:c7:38:cc:a1:5d:c1:36:
6f:55:a2:8f:c3:6e:30:d5:a8:3c:f3:3c:fb:b5:1a:cd:d4:f1:
28:16:57:28:15:91:3e:7e:8f:4d:4f:0c:2e:ae:d1:e6:9d:fc:
41:99:83:96:09:07:43:13:cb:2a:db:26:60:94:68:45:f5:4b:
db:f9:14:76:bc:55:0c:bf:0e:f9:f6:0b:33:c0:08:ef:d8:57:
0c:a8:4f:28:28:e5:8b:2f:67:8d:c1:09:e5:e4:d6:f1:0e:87:
72:e5:81:10:7b:bf:e0:29:26:54:76:1f:70:cb:4f:4e:fb:22:
07:b4:8a:00:c4:02:e6:d6:90:c7:bd:9e:c2:35:73:f6:be:59:
7c:5c:fa:33:51:12:da:89:80:c4:2b:9c:75:90:74:d7:1f:2a:
bf:43:a3:d8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuIBuiu3xNQljtEEWk19thLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDMxMjMxNzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWFmNWNmMTk2NDc3ZmRlMmJhZTY5MDk1Y2Y3NTNiYzgwY2Y3NGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7y6Bqt+ybJJ9sJSyU6biknxy/a4g
2qqrxbsP56l6Dm6DlXUv4pi4fsBz9Q3aKR3zstdvqRBk2eqx69ba6VjpSjRes2ZZ
gJOhv4KlR6Bb6bURCCjNhGmcuJpU53xSzlTDJ85pkz/60U4QI6nLbrnNjfIcHwqr
eDZZ/M3PrCbP41uYUYjbycQYusjGzpdBsTvxeVCl88fETI74h3xwLFkwFsH6LNZL
UHcrCr/9KqYjaRli5ft5k4BMvrB+r0qrRxmfsToTkby3egkR3KeQiIeK7nDNT/md
gk05tBewJ1YB7uku1BMXCgneHgTdUFnG7Yb0J1cg4VGRV/Yd8iue3GAMSQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG6vXPGWR3/eK65pCVz3U7yAz3THMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYnE5YzhaWkhmOTRycm1rSlhQZFR2SURQZE1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALexycrx6mQPi/wMNlYL
LrHeDPnY8O9Zp0VjnIbUp5k7h8YutWUGY6GL6mzSsxe9IoWgU9rVZMGp98Hpj1N6
330lWFxpYZqXp7g6+86VPREGXbmPtpMtVBP5MGl0SxxNNile0Fo+xzjMoV3BNm9V
oo/DbjDVqDzzPPu1Gs3U8SgWVygVkT5+j01PDC6u0ead/EGZg5YJB0MTyyrbJmCU
aEX1S9v5FHa8VQy/Dvn2CzPACO/YVwyoTygo5YsvZ43BCeXk1vEOh3LlgRB7v+Ap
JlR2H3DLT077Ige0igDEAubWkMe9nsI1c/a+WXxc+jNREtqJgMQrnHWQdNcfKr9D
o9g=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:43:35 2025 by rpki-client