Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/trj6OEvRJpdWjNuo-pfGRUx0xJ0.roa
File: trj6OEvRJpdWjNuo-pfGRUx0xJ0.roa (raw, json)
Hash identifier: YQ3nO5ZHolixXgGsNRqS/aKaSKdCyqbXtyOa7DVz0FU=
Subject key identifier: B6:B8:FA:38:4B:D1:26:97:56:8C:DB:A8:FA:97:C6:45:4C:74:C4:9D
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C4A712F81F8B6BF8351AA498C2DF00C56
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/trj6OEvRJpdWjNuo-pfGRUx0xJ0.roa
Signing time: Fri 08 Dec 2023 17:19:40 +0000
ROA not before: Fri 08 Dec 2023 17:19:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4a:71:2f:81:f8:b6:bf:83:51:aa:49:8c:2d:f0:0c:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 8 17:19:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b6b8fa384bd12697568cdba8fa97c6454c74c49d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0a:6d:01:5b:4c:5a:b8:9d:f6:4d:62:ff:69:
91:91:eb:c0:2f:21:ca:a5:56:3b:d9:7a:e4:15:3f:
ec:2d:76:2e:ce:13:8f:8c:ee:27:4b:b8:5a:c3:29:
ff:c8:8b:7d:dd:8b:d4:b8:a0:ad:ac:79:8a:b0:71:
37:17:9c:4a:ea:37:56:09:d6:1e:9e:30:eb:38:1d:
b4:f7:a8:50:ae:ad:7d:6b:78:48:fc:ff:f2:e3:5b:
75:3e:40:0d:65:c5:c6:1f:04:42:01:17:fb:a9:be:
88:a7:5d:03:65:71:03:d3:42:89:f6:90:91:96:b7:
f1:e3:6a:3d:55:2c:65:09:d9:b3:03:a1:63:8e:6e:
40:46:99:90:01:b8:d6:9e:d8:59:e8:50:16:67:97:
ad:e7:04:86:52:23:a4:75:c1:1f:cb:90:3a:f7:60:
c0:22:41:3d:a9:29:d0:80:8e:49:1e:7e:50:3d:83:
7a:8d:bc:a2:3e:2c:d7:9f:19:ed:c2:50:4b:95:16:
a4:3b:d4:64:d8:89:1a:6c:5d:ef:f3:ab:26:cb:f0:
0a:7b:58:df:c4:d9:b7:33:98:c5:02:98:15:6c:e1:
18:00:7b:42:7f:b0:e5:81:e0:b1:4b:b9:d9:d4:20:
fe:9d:76:9c:02:6e:ef:48:79:2c:b5:ab:b9:51:d8:
05:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:B8:FA:38:4B:D1:26:97:56:8C:DB:A8:FA:97:C6:45:4C:74:C4:9D
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/trj6OEvRJpdWjNuo-pfGRUx0xJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d2:1e:6e:ca:d8:61:7e:22:cd:4b:13:08:a9:6e:70:52:f7:b7:
22:54:93:ef:f6:c5:a3:63:f0:f4:33:0e:16:9d:fc:4a:9a:bb:
81:28:f5:c5:8a:3d:70:16:c6:dd:22:22:c4:66:ab:cb:ad:ea:
8f:99:8a:47:15:b1:52:51:a1:86:da:d1:18:94:68:3d:40:ee:
18:a1:30:f7:7b:ec:ca:47:71:21:93:23:e0:69:ba:0d:bb:5d:
19:c0:f5:45:5f:b9:b2:52:c2:7c:97:d2:e2:a3:da:31:11:72:
1b:f7:f8:7d:3c:d4:c6:83:c8:69:83:33:54:bc:12:b3:44:f3:
0b:5c:8a:d4:45:16:b4:de:59:6f:ed:c3:31:f7:71:99:26:b0:
4d:1f:ef:b4:fc:b3:0a:59:a7:3a:b3:a7:86:1c:7d:5a:83:0e:
7c:5d:52:73:28:9b:97:1e:20:ed:aa:0e:ef:f4:00:79:95:85:
e8:c3:4b:54:18:2d:a3:e8:61:23:15:d4:aa:03:aa:7d:10:2a:
5e:53:f4:ac:53:15:6f:d1:2c:c2:58:78:a9:e9:24:1e:cf:d4:
53:3a:a3:f1:3e:31:40:77:97:41:8f:38:a9:d4:26:c3:34:9a:
c6:6a:78:22:df:26:42:08:e3:b2:89:20:a7:a3:67:4d:31:d2:
c6:14:69:71
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxKcS+B+La/g1GqSYwt8AxWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA4MTcxOTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmI4ZmEzODRiZDEyNjk3NTY4Y2RiYThmYTk3YzY0NTRjNzRjNDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAptAVtMWrid9k1i/2mRkevALyHK
pVY72XrkFT/sLXYuzhOPjO4nS7hawyn/yIt93YvUuKCtrHmKsHE3F5xK6jdWCdYe
njDrOB2096hQrq19a3hI/P/y41t1PkANZcXGHwRCARf7qb6Ip10DZXED00KJ9pCR
lrfx42o9VSxlCdmzA6Fjjm5ARpmQAbjWnthZ6FAWZ5et5wSGUiOkdcEfy5A692DA
IkE9qSnQgI5JHn5QPYN6jbyiPizXnxntwlBLlRakO9Rk2IkabF3v86smy/AKe1jf
xNm3M5jFApgVbOEYAHtCf7DlgeCxS7nZ1CD+nXacAm7vSHkstau5UdgFcQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLa4+jhL0SaXVozbqPqXxkVMdMSdMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdHJqNk9FdlJKcGRXak51by1wZkdSVXgweEowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANIebsrYYX4izUsTCKlu
cFL3tyJUk+/2xaNj8PQzDhad/Eqau4Eo9cWKPXAWxt0iIsRmq8ut6o+ZikcVsVJR
oYba0RiUaD1A7hihMPd77MpHcSGTI+Bpug27XRnA9UVfubJSwnyX0uKj2jERchv3
+H081MaDyGmDM1S8ErNE8wtcitRFFrTeWW/twzH3cZkmsE0f77T8swpZpzqzp4Yc
fVqDDnxdUnMom5ceIO2qDu/0AHmVhejDS1QYLaPoYSMV1KoDqn0QKl5T9KxTFW/R
LMJYeKnpJB7P1FM6o/E+MUB3l0GPOKnUJsM0msZqeCLfJkII47KJIKejZ00x0sYU
aXE=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:48:39 2025 by rpki-client