Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mBcXuqUUhkX4pMz2DE1nxE5yTU0.roa
File: mBcXuqUUhkX4pMz2DE1nxE5yTU0.roa (raw, json)
Hash identifier: i6TPHTY5dtsSQKQukHAPPGqq9XK+UfCtOgo3eGtUe7M=
Subject key identifier: 98:17:17:BA:A5:14:86:45:F8:A4:CC:F6:0C:4D:67:C4:4E:72:4D:4D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AB2B14743014487ECE6F8A6769BAF570F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mBcXuqUUhkX4pMz2DE1nxE5yTU0.roa
Signing time: Wed 20 Sep 2023 13:04:37 +0000
ROA not before: Wed 20 Sep 2023 13:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:b2b1:2ebd/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b2:b1:47:43:01:44:87:ec:e6:f8:a6:76:9b:af:57:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 20 13:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=981717baa5148645f8a4ccf60c4d67c44e724d4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:18:52:c2:08:a3:2b:18:0d:48:5f:61:80:91:
87:50:91:a1:17:1f:be:11:09:76:41:56:c6:2a:25:
9c:ab:2d:e7:84:7a:60:37:cd:21:60:aa:0c:e6:ad:
bf:2f:c3:16:5e:85:2a:d0:38:0b:4b:a0:24:f4:8b:
8f:25:c4:41:2c:57:19:6a:18:80:31:00:23:d8:4a:
4c:93:9d:03:2b:f1:ba:21:22:03:13:8e:f4:00:42:
eb:1e:94:32:3c:f9:90:86:bc:8d:93:ac:05:0c:24:
68:39:68:72:ff:41:10:1d:41:7e:ea:95:39:cd:c8:
af:58:e4:61:19:94:84:33:1d:77:0f:c6:55:14:c0:
9c:aa:00:90:98:56:ac:8b:5e:f2:5c:d7:9e:d4:c3:
b0:20:a5:fd:f3:3f:1f:4e:aa:b5:5d:e7:e4:35:3b:
87:97:d1:42:8e:4a:27:a3:52:5c:12:fb:70:e4:73:
3e:f4:ab:7a:52:39:d4:9c:80:f4:c2:dc:ea:17:2a:
24:eb:d5:1e:59:16:6d:a4:84:16:90:ec:11:d2:0b:
e4:3a:8d:df:f1:65:fc:8b:90:a5:73:a1:ff:cf:c1:
58:32:53:d9:7c:58:32:49:75:47:6a:11:56:6d:65:
14:df:bf:08:11:8e:80:d6:33:dc:ca:85:d9:ee:66:
12:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:17:17:BA:A5:14:86:45:F8:A4:CC:F6:0C:4D:67:C4:4E:72:4D:4D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mBcXuqUUhkX4pMz2DE1nxE5yTU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b2:5b:18:b9:5d:53:89:10:5a:f2:b1:30:b3:0c:11:fe:31:00:
96:83:87:3a:eb:54:bb:47:df:6a:8a:b5:4b:c2:14:66:78:0e:
3a:20:f9:d3:01:ed:16:bb:49:69:35:fe:60:c6:b1:53:8f:7d:
26:f8:cf:c0:2b:c2:1c:52:61:15:12:16:7c:b7:0e:09:dc:37:
4e:50:7f:56:01:2b:f2:8a:55:e8:56:10:de:81:a6:3c:c8:8d:
2f:fe:40:01:cb:e8:af:71:49:78:80:ce:76:94:5e:13:0c:45:
b1:4e:f4:8c:12:cc:58:6e:ce:9b:dd:1d:e3:a1:ad:fb:c3:d7:
72:23:34:0e:96:b2:a9:48:53:a2:ce:64:9a:17:52:43:c3:f3:
91:fb:d5:c6:86:43:42:12:76:d8:a5:71:e1:c6:e4:2f:3e:5a:
e7:60:6f:8b:d5:6a:60:63:a1:85:80:7a:0f:58:ef:70:8d:73:
db:a8:15:18:b4:da:9c:86:5a:03:fc:08:30:83:03:c0:b1:8f:
aa:7a:ab:f2:ac:fb:d4:79:19:91:4a:9c:c0:f1:43:f1:f2:18:
c5:70:df:ab:0f:c3:39:72:89:85:ef:24:b6:08:e7:f4:b9:cb:
df:ac:23:2c:11:2c:79:0d:b3:c3:c3:e4:e3:8d:bc:79:fd:8e:
bb:3b:b9:f3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqysUdDAUSH7Ob4pnabr1cPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIwMTMwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODE3MTdiYWE1MTQ4NjQ1ZjhhNGNjZjYwYzRkNjdjNDRlNzI0ZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRhSwgijKxgNSF9hgJGHUJGhFx++
EQl2QVbGKiWcqy3nhHpgN80hYKoM5q2/L8MWXoUq0DgLS6Ak9IuPJcRBLFcZahiA
MQAj2EpMk50DK/G6ISIDE470AELrHpQyPPmQhryNk6wFDCRoOWhy/0EQHUF+6pU5
zcivWORhGZSEMx13D8ZVFMCcqgCQmFasi17yXNee1MOwIKX98z8fTqq1XefkNTuH
l9FCjkono1JcEvtw5HM+9Kt6UjnUnID0wtzqFyok69UeWRZtpIQWkOwR0gvkOo3f
8WX8i5Clc6H/z8FYMlPZfFgySXVHahFWbWUU378IEY6A1jPcyoXZ7mYS0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJgXF7qlFIZF+KTM9gxNZ8ROck1NMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbUJjWHVxVVVoa1g0cE16MkRFMW54RTV5VFUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALJbGLldU4kQWvKxMLMM
Ef4xAJaDhzrrVLtH32qKtUvCFGZ4Djog+dMB7Ra7SWk1/mDGsVOPfSb4z8ArwhxS
YRUSFny3DgncN05Qf1YBK/KKVehWEN6BpjzIjS/+QAHL6K9xSXiAznaUXhMMRbFO
9IwSzFhuzpvdHeOhrfvD13IjNA6WsqlIU6LOZJoXUkPD85H71caGQ0ISdtilceHG
5C8+Wudgb4vVamBjoYWAeg9Y73CNc9uoFRi02pyGWgP8CDCDA8Cxj6p6q/Ks+9R5
GZFKnMDxQ/HyGMVw36sPwzlyiYXvJLYI5/S5y9+sIywRLHkNs8PD5OONvHn9jrs7
ufM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:30:53 2025 by rpki-client