Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mybi4-NLeB8XZP9IHahiPDSnwOI.roa
File: mybi4-NLeB8XZP9IHahiPDSnwOI.roa (raw, json)
Hash identifier: ZeEK4n3I9dCXjtSzSnKLwM7+LT8DL1MkwHmAdqQ0tgw=
Subject key identifier: 9B:26:E2:E3:E3:4B:78:1F:17:64:FF:48:1D:A8:62:3C:34:A7:C0:E2
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C44D9ABC38D1393B837E3FFA5E65C2802
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mybi4-NLeB8XZP9IHahiPDSnwOI.roa
Signing time: Thu 07 Dec 2023 15:16:05 +0000
ROA not before: Thu 07 Dec 2023 15:16:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:44:d9:ab:c3:8d:13:93:b8:37:e3:ff:a5:e6:5c:28:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 7 15:16:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b26e2e3e34b781f1764ff481da8623c34a7c0e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:bc:3e:5a:d7:68:6f:da:28:07:07:24:ba:14:
ee:18:4f:36:db:07:ec:52:2b:95:14:4a:47:89:33:
7f:80:ef:8c:21:80:52:e3:b7:33:4c:b7:61:13:e3:
b0:a0:a7:5c:d0:9a:df:36:c5:6b:11:c4:cf:1b:0d:
bd:f7:f2:95:70:5b:2c:97:d5:32:6e:78:b3:7c:a3:
ef:73:d6:d3:a0:f8:20:37:51:13:79:a3:22:1e:59:
ee:38:29:ae:8d:c5:3f:c2:46:a2:9f:9a:5f:37:bd:
bb:42:35:0a:43:72:18:de:f9:af:63:3d:79:a5:ab:
cd:7c:e5:aa:2e:ee:19:b0:3f:f4:27:bf:50:85:94:
d1:66:7b:53:ff:74:ae:1c:d7:04:d3:e0:25:40:ab:
85:8d:f8:2e:bc:90:b4:1d:83:04:90:29:31:1c:84:
2b:1b:a3:f5:91:7a:f5:42:51:1c:20:40:13:24:92:
0c:f0:0d:3c:b5:40:c0:56:8a:1d:cd:43:6d:ae:60:
88:c7:47:4e:26:e3:ea:1e:65:54:cf:0d:e9:6b:01:
f5:05:32:dc:52:5c:96:61:41:1f:28:c5:50:89:a0:
db:38:9f:83:eb:25:0e:c6:b5:c0:b1:b0:d4:95:d9:
18:32:bd:6e:f4:82:43:c3:53:46:ba:a4:1d:dc:8f:
41:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:26:E2:E3:E3:4B:78:1F:17:64:FF:48:1D:A8:62:3C:34:A7:C0:E2
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/mybi4-NLeB8XZP9IHahiPDSnwOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
ac:43:e7:ba:79:bf:c2:66:fd:85:f7:63:ca:70:d5:dd:0a:c3:
b2:a5:af:9b:c3:b8:67:0d:c7:9e:6d:fb:fb:1b:51:b7:13:56:
6a:b6:53:d5:62:f4:ba:e4:ed:de:08:ae:04:d4:5d:fb:51:1d:
ea:10:e3:1a:0b:1e:c2:82:51:ea:69:e9:35:98:04:46:04:25:
14:f6:90:18:cd:0a:83:89:f5:92:22:11:d7:1b:e3:da:5b:7a:
53:3d:bd:9b:29:bd:ce:2a:99:ca:c7:24:fc:da:74:d2:fc:7f:
14:22:28:fc:45:09:42:38:b7:b1:9a:0d:3c:07:b5:9e:94:5b:
59:f6:d5:08:e9:75:e1:6f:df:80:4f:32:69:df:cb:d0:66:c5:
b5:e7:c9:de:2f:d7:ac:c9:50:6b:c7:36:cd:be:98:29:05:c7:
d1:f1:79:4e:0e:c2:61:fd:cd:d2:99:0b:f6:0c:46:3e:a9:37:
6b:fa:34:f1:f8:f7:63:80:eb:f2:28:73:e3:5d:96:cb:25:db:
c3:0d:da:a7:4f:ab:75:37:6c:38:c8:d4:9d:3d:cb:fe:8a:6f:
3b:b8:6f:dd:7e:1a:6c:a3:6c:f8:04:f7:18:66:12:ca:82:ce:
cc:34:f4:33:6d:4d:66:a9:85:5a:ae:19:0b:20:e9:26:a6:5f:
d1:de:88:c3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxE2avDjROTuDfj/6XmXCgCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA3MTUxNjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjI2ZTJlM2UzNGI3ODFmMTc2NGZmNDgxZGE4NjIzYzM0YTdjMGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrw+Wtdob9ooBwckuhTuGE822wfs
UiuVFEpHiTN/gO+MIYBS47czTLdhE+OwoKdc0JrfNsVrEcTPGw299/KVcFssl9Uy
bnizfKPvc9bToPggN1ETeaMiHlnuOCmujcU/wkain5pfN727QjUKQ3IY3vmvYz15
pavNfOWqLu4ZsD/0J79QhZTRZntT/3SuHNcE0+AlQKuFjfguvJC0HYMEkCkxHIQr
G6P1kXr1QlEcIEATJJIM8A08tUDAVoodzUNtrmCIx0dOJuPqHmVUzw3pawH1BTLc
UlyWYUEfKMVQiaDbOJ+D6yUOxrXAsbDUldkYMr1u9IJDw1NGuqQd3I9BTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJsm4uPjS3gfF2T/SB2oYjw0p8DiMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvbXliaTQtTkxlQjhYWlA5SUhhaGlQRFNud09JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKxD57p5v8Jm/YX3Y8pw
1d0Kw7Klr5vDuGcNx55t+/sbUbcTVmq2U9Vi9Lrk7d4IrgTUXftRHeoQ4xoLHsKC
Uepp6TWYBEYEJRT2kBjNCoOJ9ZIiEdcb49pbelM9vZspvc4qmcrHJPzadNL8fxQi
KPxFCUI4t7GaDTwHtZ6UW1n21QjpdeFv34BPMmnfy9BmxbXnyd4v16zJUGvHNs2+
mCkFx9HxeU4OwmH9zdKZC/YMRj6pN2v6NPH492OA6/Ioc+Ndlssl28MN2qdPq3U3
bDjI1J09y/6Kbzu4b91+GmyjbPgE9xhmEsqCzsw09DNtTWaphVquGQsg6SamX9He
iMM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:28:17 2025 by rpki-client