Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-bwnk95q1CF4OPk-Fg3VU6iAroM.roa
File: 1-bwnk95q1CF4OPk-Fg3VU6iAroM.roa (raw, json)
Hash identifier: 7qDWC5gO/XG8jX1c8ugHJVoszFb2mLXBwmGT4CXIIQs=
Subject key identifier: F9:BC:27:93:DE:6A:D4:21:78:38:F9:3E:16:0D:D5:53:A8:80:AE:83
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AF42AF9BCEF4AB0F2B2F7EB8E6A58D51C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-bwnk95q1CF4OPk-Fg3VU6iAroM.roa
Signing time: Tue 03 Oct 2023 06:12:51 +0000
ROA not before: Tue 03 Oct 2023 06:12:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f4:2a:f9:bc:ef:4a:b0:f2:b2:f7:eb:8e:6a:58:d5:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 3 06:12:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9bc2793de6ad4217838f93e160dd553a880ae83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:77:f3:a2:a3:11:00:15:5e:03:51:f3:ee:29:
e8:8c:b4:ae:b0:eb:72:5b:df:ab:30:08:d6:43:be:
05:2f:e6:e6:70:37:0c:1c:52:e5:65:03:a2:1a:a7:
7b:b5:5e:f6:4c:a0:e8:07:0d:9b:ba:77:68:3b:48:
43:00:7f:37:74:50:b3:4f:3e:f3:9c:01:d2:77:09:
12:fb:0e:ca:70:72:3b:c7:d1:02:18:3f:b4:41:77:
81:07:2b:0b:ea:c4:4f:ce:d3:fa:bc:44:07:1b:34:
79:b8:d7:f4:7f:30:7b:b9:5c:18:49:e7:2b:13:da:
38:33:b3:99:1d:b7:4c:f4:ff:90:2e:40:ef:90:99:
2d:e3:d8:96:e1:8e:2e:20:d8:0e:ab:0f:ee:4e:18:
d3:3e:d1:96:ad:a5:0c:21:15:c3:d8:af:cc:d3:df:
d0:04:33:5d:b4:26:51:ca:d4:f7:27:34:08:b6:f1:
50:db:b7:cf:7a:82:8f:3b:99:1a:1d:01:d1:72:ab:
06:95:55:64:a4:da:5f:0f:1a:1a:8d:70:8b:85:f5:
6e:b0:00:0a:70:85:48:52:28:2d:88:58:6d:54:e7:
5c:18:25:f6:12:10:d3:fd:45:e2:31:9c:ed:5e:db:
22:c1:f8:8b:99:4a:13:9b:67:3c:d4:2c:47:d7:75:
90:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:BC:27:93:DE:6A:D4:21:78:38:F9:3E:16:0D:D5:53:A8:80:AE:83
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-bwnk95q1CF4OPk-Fg3VU6iAroM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
03:53:04:76:cd:95:e7:d7:54:84:02:eb:03:de:35:9a:57:69:
3e:e3:71:43:fd:1b:3f:0c:e8:ff:65:cb:3d:21:64:b6:f3:d7:
68:05:a5:74:ab:e4:1b:18:95:ad:7f:ad:b5:a9:cf:e2:67:f5:
bc:64:8f:8e:ab:85:ba:6b:88:40:a9:6a:ff:ce:b0:11:7d:76:
0d:30:a8:77:04:2b:71:e0:f2:d8:38:62:79:c9:bf:06:e0:af:
6d:07:fd:39:7e:15:d2:4e:0c:51:a0:31:f9:18:25:0c:bb:2c:
f1:91:a7:e7:db:63:ce:61:ea:05:0f:b7:1d:17:32:a6:bc:a0:
a2:77:b3:0a:a5:7a:17:b6:70:a9:33:42:66:33:76:d9:ee:f1:
b5:9b:83:4d:92:97:4e:60:a4:c4:cc:a0:0d:8f:7d:42:c9:38:
fa:75:58:2b:0b:65:22:2c:62:ce:d4:91:0d:6c:48:66:68:a4:
52:3c:31:06:fa:79:de:a3:5f:a0:15:2e:97:4d:ba:9a:ac:b1:
d3:d5:55:65:21:20:9d:4a:81:92:03:bd:d6:a1:4d:de:09:12:
41:d0:f5:00:42:19:53:de:58:f8:74:f0:ad:eb:17:0b:ca:74:
6f:17:e9:ee:f9:54:51:39:99:f5:12:af:0f:c0:e4:69:6b:91:
c6:ea:d9:bb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYr0Kvm870qw8rL3645qWNUcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDAzMDYxMjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWJjMjc5M2RlNmFkNDIxNzgzOGY5M2UxNjBkZDU1M2E4ODBhZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+XfzoqMRABVeA1Hz7inojLSusOty
W9+rMAjWQ74FL+bmcDcMHFLlZQOiGqd7tV72TKDoBw2bundoO0hDAH83dFCzTz7z
nAHSdwkS+w7KcHI7x9ECGD+0QXeBBysL6sRPztP6vEQHGzR5uNf0fzB7uVwYSecr
E9o4M7OZHbdM9P+QLkDvkJkt49iW4Y4uINgOqw/uThjTPtGWraUMIRXD2K/M09/Q
BDNdtCZRytT3JzQItvFQ27fPeoKPO5kaHQHRcqsGlVVkpNpfDxoajXCLhfVusAAK
cIVIUigtiFhtVOdcGCX2EhDT/UXiMZztXtsiwfiLmUoTm2c81CxH13WQIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPm8J5PeatQheDj5PhYN1VOogK6DMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMS1id25rOTVxMUNGNE9Qay1GZzNWVTZpQXJvTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzgvZjYwMTc4LTk5MWEtNDI2MS05NmEwLWRkNWMzMDBiZTU0
ZS8xL1F3T2FhQk1QR1dNZUZTZVViaDRTZmJIby1kay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQADUwR2zZXn11SEAusD
3jWaV2k+43FD/Rs/DOj/Zcs9IWS289doBaV0q+QbGJWtf621qc/iZ/W8ZI+Oq4W6
a4hAqWr/zrARfXYNMKh3BCtx4PLYOGJ5yb8G4K9tB/05fhXSTgxRoDH5GCUMuyzx
kafn22POYeoFD7cdFzKmvKCid7MKpXoXtnCpM0JmM3bZ7vG1m4NNkpdOYKTEzKAN
j31CyTj6dVgrC2UiLGLO1JENbEhmaKRSPDEG+nneo1+gFS6XTbqarLHT1VVlISCd
SoGSA73WoU3eCRJB0PUAQhlT3lj4dPCt6xcLynRvF+nu+VRROZn1Eq8PwORpa5HG
6tm7
-----END CERTIFICATE-----
Generated at Sun May 11 12:39:34 2025 by rpki-client