Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vBbie7jBwZ3G-snp4hF9j3W6k6w.roa
File: vBbie7jBwZ3G-snp4hF9j3W6k6w.roa (raw, json)
Hash identifier: UwYTRcj/xW0MJ3xl0GL8B0IOSfsYKygRsScpl3nR0KA=
Subject key identifier: BC:16:E2:7B:B8:C1:C1:9D:C6:FA:C9:E9:E2:11:7D:8F:75:BA:93:AC
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C119184768504A7910AAA2814C9A9E4DF
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vBbie7jBwZ3G-snp4hF9j3W6k6w.roa
Signing time: Mon 27 Nov 2023 16:16:38 +0000
ROA not before: Mon 27 Nov 2023 16:16:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:11:91:84:76:85:04:a7:91:0a:aa:28:14:c9:a9:e4:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 27 16:16:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bc16e27bb8c1c19dc6fac9e9e2117d8f75ba93ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ea:68:18:d6:a9:9d:e3:f6:31:e6:a0:f2:c7:
1b:27:81:35:42:0f:73:a9:06:73:72:83:08:32:18:
c5:d9:f6:0e:c9:e0:23:e8:ec:2f:15:ba:ae:a9:ea:
c1:78:d8:ee:d8:d7:f5:bb:07:8e:ac:92:ba:95:01:
ae:31:c2:aa:31:68:77:a6:33:79:94:75:0a:38:d9:
57:7e:b2:2e:41:50:37:da:22:04:da:42:4b:66:07:
a6:c6:51:59:c6:d4:77:16:e2:fb:8b:ba:58:2f:8b:
1b:33:cf:b9:32:c9:26:9d:80:75:7f:10:fb:c3:22:
48:2d:05:14:91:7c:3f:1a:6a:14:17:1c:2a:66:54:
a9:51:18:da:b1:56:17:bc:30:d6:b5:fe:06:df:cf:
f4:81:b4:b6:95:da:5b:55:bf:17:fd:7e:e1:82:94:
8e:97:48:7b:5d:02:31:3c:b5:83:e1:2c:19:4a:a7:
52:5c:88:59:4f:99:6d:57:92:b6:e8:c6:2f:3f:b5:
8d:dd:f8:3c:ca:9a:0d:5c:ed:ea:33:be:90:a7:13:
ca:6f:22:cc:ab:d0:f9:45:7d:d0:0f:b9:b4:95:b3:
94:0b:9a:07:ec:c3:c4:a0:9a:07:d1:ed:ae:7c:22:
41:ba:66:c9:3a:31:95:bf:00:69:f8:04:a7:b1:8a:
83:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:16:E2:7B:B8:C1:C1:9D:C6:FA:C9:E9:E2:11:7D:8F:75:BA:93:AC
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/vBbie7jBwZ3G-snp4hF9j3W6k6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5e:dc:cb:be:f1:02:0a:8e:79:12:30:7b:05:50:f4:60:c7:3d:
20:a8:a5:6e:ce:8a:5e:b3:69:9d:d3:11:89:b9:30:ed:f8:27:
f3:c1:52:64:5f:96:15:5d:fc:ed:e1:46:54:f4:51:07:7d:5a:
d8:bc:ba:3b:5f:db:f2:94:c6:54:84:a8:d5:9f:89:f7:bc:87:
0d:96:83:83:b7:4a:c1:85:8e:77:a0:55:42:7f:4f:ed:ac:42:
2e:aa:d8:f4:74:05:31:fe:46:66:c5:d3:80:bb:a9:1b:42:c5:
de:0a:bb:22:cc:7a:fb:5a:7e:ab:fe:63:ce:6d:55:25:21:08:
1e:84:8a:04:cf:64:42:f9:8f:2a:c2:ad:99:45:ba:6b:24:b7:
61:74:c2:e4:7f:93:d5:37:ad:f5:ab:a4:6e:82:f2:9c:b5:e4:
2f:36:ee:9b:2b:18:82:d2:c7:70:24:e9:91:b5:c3:71:b4:07:
16:55:ab:df:8c:d5:b0:67:f1:ca:55:20:0d:19:37:fb:85:3f:
78:c1:b2:eb:94:f8:f2:f1:04:35:25:8a:0e:4d:d1:bb:02:a5:
11:43:39:61:5b:05:d9:87:1e:c9:13:2e:0b:cc:20:9b:c2:ce:
bf:e7:d4:c0:ab:51:8d:3b:6c:56:c9:3b:aa:31:cc:ac:87:fa:
4f:ec:8e:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwRkYR2hQSnkQqqKBTJqeTfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI3MTYxNjM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzE2ZTI3YmI4YzFjMTlkYzZmYWM5ZTllMjExN2Q4Zjc1YmE5M2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOpoGNapneP2Meag8scbJ4E1Qg9z
qQZzcoMIMhjF2fYOyeAj6OwvFbquqerBeNju2Nf1uweOrJK6lQGuMcKqMWh3pjN5
lHUKONlXfrIuQVA32iIE2kJLZgemxlFZxtR3FuL7i7pYL4sbM8+5MskmnYB1fxD7
wyJILQUUkXw/GmoUFxwqZlSpURjasVYXvDDWtf4G38/0gbS2ldpbVb8X/X7hgpSO
l0h7XQIxPLWD4SwZSqdSXIhZT5ltV5K26MYvP7WN3fg8ypoNXO3qM76QpxPKbyLM
q9D5RX3QD7m0lbOUC5oH7MPEoJoH0e2ufCJBumbJOjGVvwBp+ASnsYqDWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLwW4nu4wcGdxvrJ6eIRfY91upOsMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdkJiaWU3akJ3WjNHLXNucDRoRjlqM1c2azZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF7cy77xAgqOeRIwewVQ
9GDHPSCopW7Oil6zaZ3TEYm5MO34J/PBUmRflhVd/O3hRlT0UQd9Wti8ujtf2/KU
xlSEqNWfife8hw2Wg4O3SsGFjnegVUJ/T+2sQi6q2PR0BTH+RmbF04C7qRtCxd4K
uyLMevtafqv+Y85tVSUhCB6EigTPZEL5jyrCrZlFumskt2F0wuR/k9U3rfWrpG6C
8py15C827psrGILSx3Ak6ZG1w3G0BxZVq9+M1bBn8cpVIA0ZN/uFP3jBsuuU+PLx
BDUlig5N0bsCpRFDOWFbBdmHHskTLgvMIJvCzr/n1MCrUY07bFbJO6oxzKyH+k/s
juY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 21:15:27 2025 by rpki-client