Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/B2tGa8ew-4M9pJR_ZASHP9PTc3c.roa
File: B2tGa8ew-4M9pJR_ZASHP9PTc3c.roa (raw, json)
Hash identifier: IhgxRliUWTape9+71zzm3dBJX9AB8Sv7fj9sD9MBPcM=
Subject key identifier: 07:6B:46:6B:C7:B0:FB:83:3D:A4:94:7F:64:04:87:3F:D3:D3:73:77
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BFF8003F196AC55DBF53A42F45896FBE6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/B2tGa8ew-4M9pJR_ZASHP9PTc3c.roa
Signing time: Fri 24 Nov 2023 04:04:21 +0000
ROA not before: Fri 24 Nov 2023 04:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:ff7f:dc4e/128 maxlen: 128
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ff:80:03:f1:96:ac:55:db:f5:3a:42:f4:58:96:fb:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 24 04:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=076b466bc7b0fb833da4947f6404873fd3d37377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:de:eb:82:d9:85:c2:1b:f2:68:cb:18:8c:f4:
27:4f:ef:6d:a1:36:e4:b6:cb:d2:7b:9d:9f:9c:4c:
a3:64:d2:f8:7c:f0:49:17:8b:a7:cf:2f:69:7f:e9:
d1:73:0d:d2:96:7d:56:ce:88:74:f9:ac:bd:ac:a6:
29:5e:e3:99:58:d2:6a:1c:dd:49:ea:9b:80:4a:d6:
e8:5d:e6:3d:8c:f5:fc:07:7a:bd:be:11:dd:08:15:
5a:a3:ee:86:7d:f6:21:fd:14:ba:0d:33:62:1a:27:
dc:c3:5a:00:7c:6d:f4:21:46:66:77:f6:72:05:ce:
dd:6c:be:64:22:5a:cc:1a:50:8e:27:0c:e2:01:fa:
9e:94:8a:b9:ee:5d:8e:bf:b4:59:48:4b:e6:e9:b2:
ba:e3:c2:a9:42:b8:81:a0:6c:d4:ae:c5:24:d6:3a:
96:dd:e8:4f:3b:c2:eb:24:71:d2:b0:2f:c9:60:03:
f0:96:ef:3f:fe:47:4b:d3:2e:e7:a5:a2:d0:22:97:
06:ca:22:0b:79:e9:30:98:13:9c:13:10:8d:8f:7d:
b8:d6:99:29:21:93:9e:56:ef:60:ef:1f:6f:2c:39:
6b:94:bb:dc:28:f2:de:7f:78:bd:9a:e9:82:f7:33:
fb:3a:aa:ac:86:bf:34:c3:14:d5:44:75:82:fb:27:
8b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:6B:46:6B:C7:B0:FB:83:3D:A4:94:7F:64:04:87:3F:D3:D3:73:77
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/B2tGa8ew-4M9pJR_ZASHP9PTc3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:95:85:f4:0d:3d:92:05:c4:5d:d8:32:b2:60:d8:13:4f:b6:
81:89:fb:ce:e7:71:0a:a9:8b:87:f5:99:8e:23:00:60:6f:e7:
89:15:af:f9:c1:0c:82:1c:20:ce:c2:57:34:62:d7:fe:44:3c:
4c:0a:9d:b5:74:87:90:cf:8b:b2:15:36:dd:31:2c:87:41:11:
31:b0:ed:59:39:fe:93:3e:ef:0f:03:3d:10:ec:d5:f6:ec:86:
94:42:b6:4f:60:53:60:63:1c:71:5e:1c:12:f9:3e:9e:f3:cd:
b8:dc:d6:98:7e:f9:fa:2a:4d:5e:a1:35:c6:45:dc:23:4c:c2:
a3:b6:c2:1c:b2:11:87:84:39:7c:2e:fa:6d:c5:c3:8f:b6:1c:
af:ee:0d:fc:7c:29:24:b5:13:97:4f:a3:66:d4:a2:2b:23:63:
aa:38:12:05:59:a2:08:f5:81:2e:21:7f:6d:a6:cd:91:8a:b1:
71:c7:00:34:dc:50:43:e8:d3:f4:58:9b:84:83:15:63:e1:0f:
e6:45:f0:ef:13:62:0c:b0:a1:e2:c2:fc:7d:c5:90:e4:f7:48:
61:02:17:f3:bd:00:e9:15:ac:69:90:89:e6:2b:e0:2e:4f:e8:
fa:1a:8d:8b:da:89:c5:38:4d:97:48:6c:f0:7c:6a:55:90:fb:
84:e1:56:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYv/gAPxlqxV2/U6QvRYlvvmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI0MDQwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzZiNDY2YmM3YjBmYjgzM2RhNDk0N2Y2NDA0ODczZmQzZDM3Mzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAht7rgtmFwhvyaMsYjPQnT+9toTbk
tsvSe52fnEyjZNL4fPBJF4unzy9pf+nRcw3Sln1Wzoh0+ay9rKYpXuOZWNJqHN1J
6puAStboXeY9jPX8B3q9vhHdCBVao+6GffYh/RS6DTNiGifcw1oAfG30IUZmd/Zy
Bc7dbL5kIlrMGlCOJwziAfqelIq57l2Ov7RZSEvm6bK648KpQriBoGzUrsUk1jqW
3ehPO8LrJHHSsC/JYAPwlu8//kdL0y7npaLQIpcGyiILeekwmBOcExCNj3241pkp
IZOeVu9g7x9vLDlrlLvcKPLef3i9mumC9zP7Oqqshr80wxTVRHWC+yeL4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAdrRmvHsPuDPaSUf2QEhz/T03N3MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQjJ0R2E4ZXctNE05cEpSX1pBU0hQOVBUYzNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGOVhfQNPZIFxF3YMrJg
2BNPtoGJ+87ncQqpi4f1mY4jAGBv54kVr/nBDIIcIM7CVzRi1/5EPEwKnbV0h5DP
i7IVNt0xLIdBETGw7Vk5/pM+7w8DPRDs1fbshpRCtk9gU2BjHHFeHBL5Pp7zzbjc
1ph++foqTV6hNcZF3CNMwqO2whyyEYeEOXwu+m3Fw4+2HK/uDfx8KSS1E5dPo2bU
oisjY6o4EgVZogj1gS4hf22mzZGKsXHHADTcUEPo0/RYm4SDFWPhD+ZF8O8TYgyw
oeLC/H3FkOT3SGECF/O9AOkVrGmQieYr4C5P6PoajYvaicU4TZdIbPB8alWQ+4Th
VoY=
-----END CERTIFICATE-----
Generated at Sat May 10 13:05:02 2025 by rpki-client