Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tbMGQWxh-Kptd4AwfwYpR8T-_tE.roa
File: tbMGQWxh-Kptd4AwfwYpR8T-_tE.roa (raw, json)
Hash identifier: R9V5CT60oMIMgM00soSjJvw07Sf6G2zfsj2pPAts+5M=
Subject key identifier: B5:B3:06:41:6C:61:F8:AA:6D:77:80:30:7F:06:29:47:C4:FE:FE:D1
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B50DBFDF027A6EAD2F792F6CA34481836
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tbMGQWxh-Kptd4AwfwYpR8T-_tE.roa
Signing time: Sat 21 Oct 2023 06:11:16 +0000
ROA not before: Sat 21 Oct 2023 06:11:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:50:db:fd:f0:27:a6:ea:d2:f7:92:f6:ca:34:48:18:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 21 06:11:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5b306416c61f8aa6d7780307f062947c4fefed1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a0:b8:76:77:3e:81:aa:5e:d4:50:0d:cc:10:
5b:09:c4:27:2a:d3:97:7f:aa:35:99:de:a3:a0:94:
53:a9:63:6c:35:54:e0:8b:28:39:0b:d0:0d:05:c9:
bb:b5:81:77:1d:1e:08:36:f3:ff:2c:ee:5a:76:9e:
dc:5d:dc:af:d9:c5:67:1a:8d:ad:98:1d:14:39:3c:
1e:8c:9a:42:83:de:7c:ec:31:8f:51:b6:a4:f7:b1:
fc:b9:d8:55:6b:0e:c7:0b:3a:9a:ab:24:7e:e1:e4:
fc:fa:06:1f:46:84:9a:16:b6:d1:e4:82:ce:6e:66:
ab:e6:53:ef:bc:82:1b:4a:49:37:2c:39:6a:1c:27:
83:d0:45:a1:2d:ec:57:62:b5:09:e7:3b:b1:84:14:
4b:4e:ed:f1:f9:9a:59:fd:de:e6:3e:ed:1d:39:c9:
d0:bc:eb:21:83:0d:5d:4d:84:e9:bd:f6:46:fb:96:
31:b3:08:d2:67:a4:90:99:f3:a7:ac:4c:f9:c2:87:
92:3e:5d:13:b7:28:87:5c:62:c7:32:67:8e:df:8e:
83:a5:ad:c3:f2:9b:17:ce:fa:35:62:b2:6c:8d:40:
6b:5f:f9:62:c6:83:c4:fd:36:6d:06:91:89:4a:b9:
f6:37:48:bc:96:0b:1c:ee:3e:f5:72:c7:c8:c5:aa:
c8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B3:06:41:6C:61:F8:AA:6D:77:80:30:7F:06:29:47:C4:FE:FE:D1
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tbMGQWxh-Kptd4AwfwYpR8T-_tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a1:71:23:3e:40:ff:d1:d0:b5:5e:47:8f:80:8b:07:95:08:5a:
90:93:e5:68:2a:0a:c3:d2:e5:99:02:08:57:a2:e9:44:bd:c4:
d1:a2:65:33:88:6b:65:b3:cb:99:75:4b:53:83:2a:80:b7:c6:
8e:f4:5a:4e:ad:d1:ed:10:71:51:75:09:1f:74:cd:d9:5a:17:
65:f0:65:9b:a4:b9:e3:1d:f8:c0:2b:c1:a1:82:bb:60:b4:61:
60:c4:95:9b:c2:db:c6:80:4d:dd:cb:46:b4:25:e4:6b:11:cb:
6d:b7:09:42:c5:ae:cc:a7:06:6e:9a:22:fd:9a:13:be:96:e9:
fa:be:d8:de:8b:86:64:1b:45:c0:2e:e5:22:9f:a7:32:6f:6d:
55:28:c9:09:60:65:43:a3:09:6e:98:17:72:67:1f:05:79:cd:
48:ba:e9:be:b5:c3:0c:3b:b3:29:62:17:65:f7:8d:db:d8:c5:
15:99:ff:eb:f0:43:b8:6e:8b:8a:56:b2:c2:5c:c2:b8:3d:14:
74:48:49:c2:36:37:bc:f5:4e:2f:d0:9b:f6:4c:ac:24:ae:e0:
93:ca:b6:9d:a8:60:29:56:8f:df:a8:97:36:ce:e5:ac:f9:fe:
10:45:64:f2:8f:9f:fc:95:45:6b:3a:17:1f:15:12:36:2c:08:
8b:f7:a7:10
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtQ2/3wJ6bq0veS9so0SBg2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDIxMDYxMTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWIzMDY0MTZjNjFmOGFhNmQ3NzgwMzA3ZjA2Mjk0N2M0ZmVmZWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKC4dnc+gape1FANzBBbCcQnKtOX
f6o1md6joJRTqWNsNVTgiyg5C9ANBcm7tYF3HR4INvP/LO5adp7cXdyv2cVnGo2t
mB0UOTwejJpCg9587DGPUbak97H8udhVaw7HCzqaqyR+4eT8+gYfRoSaFrbR5ILO
bmar5lPvvIIbSkk3LDlqHCeD0EWhLexXYrUJ5zuxhBRLTu3x+ZpZ/d7mPu0dOcnQ
vOshgw1dTYTpvfZG+5YxswjSZ6SQmfOnrEz5woeSPl0TtyiHXGLHMmeO346Dpa3D
8psXzvo1YrJsjUBrX/lixoPE/TZtBpGJSrn2N0i8lgsc7j71csfIxarIIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLWzBkFsYfiqbXeAMH8GKUfE/v7RMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdGJNR1FXeGgtS3B0ZDRBd2Z3WXBSOFQtX3RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKFxIz5A/9HQtV5Hj4CL
B5UIWpCT5WgqCsPS5ZkCCFei6US9xNGiZTOIa2Wzy5l1S1ODKoC3xo70Wk6t0e0Q
cVF1CR90zdlaF2XwZZukueMd+MArwaGCu2C0YWDElZvC28aATd3LRrQl5GsRy223
CULFrsynBm6aIv2aE76W6fq+2N6LhmQbRcAu5SKfpzJvbVUoyQlgZUOjCW6YF3Jn
HwV5zUi66b61www7syliF2X3jdvYxRWZ/+vwQ7hui4pWssJcwrg9FHRIScI2N7z1
Ti/Qm/ZMrCSu4JPKtp2oYClWj9+olzbO5az5/hBFZPKPn/yVRWs6Fx8VEjYsCIv3
pxA=
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:21:08 2025 by rpki-client