Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Bri-UOP72qkx0orUNQl7EPQWssU.roa
File: Bri-UOP72qkx0orUNQl7EPQWssU.roa (raw, json)
Hash identifier: qn8Qftxt7C4rsQ//Fk89ifE2v1P2Y6a7vTUyWd8TfMo=
Subject key identifier: 06:B8:BE:50:E3:FB:DA:A9:31:D2:8A:D4:35:09:7B:10:F4:16:B2:C5
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B0D405DA8AB3801847A2DDC01996DCED5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Bri-UOP72qkx0orUNQl7EPQWssU.roa
Signing time: Sun 08 Oct 2023 03:06:43 +0000
ROA not before: Sun 08 Oct 2023 03:06:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18b:d3f:7fbf/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:0d:40:5d:a8:ab:38:01:84:7a:2d:dc:01:99:6d:ce:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 8 03:06:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06b8be50e3fbdaa931d28ad435097b10f416b2c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:67:00:21:ca:02:6b:9e:e1:4f:94:83:58:16:
fe:e1:b0:55:a0:6b:69:2b:4b:f9:97:06:2f:34:a7:
20:3a:96:90:33:c7:19:2b:41:a4:f0:26:03:bc:66:
24:bb:7c:c8:0a:4d:88:51:8c:81:58:d3:42:8e:8b:
4a:97:7d:d5:82:8b:86:08:44:9e:d3:b3:a7:e8:26:
45:73:ca:88:32:5c:c3:98:12:a3:fb:11:bc:c4:9b:
e6:e9:86:69:22:2f:f0:82:10:7e:53:d0:e2:49:d5:
b9:3f:f4:ba:ba:40:59:b4:a9:0a:43:73:16:b2:c4:
dc:15:67:de:97:92:32:37:2d:03:b6:a6:62:be:ae:
f1:6a:19:43:bc:6a:a7:3f:47:05:4f:ac:c1:5f:e5:
5e:0d:23:a4:2c:49:d4:d0:94:58:df:63:aa:f2:7f:
93:ed:88:0e:bd:8b:a1:e5:f5:e9:cf:e9:70:4b:f6:
a0:c1:c3:78:5d:cd:80:5e:00:71:3a:d3:56:35:c5:
9f:16:a1:a2:9c:59:fa:a4:15:fd:43:f2:ba:e2:f4:
16:0e:a7:84:cd:51:c6:bc:1a:8b:d4:80:10:ed:cd:
48:be:90:29:f5:a0:5c:aa:90:98:a0:a2:00:1d:7a:
07:7d:20:84:01:38:17:95:40:55:f3:4a:af:8f:08:
78:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B8:BE:50:E3:FB:DA:A9:31:D2:8A:D4:35:09:7B:10:F4:16:B2:C5
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Bri-UOP72qkx0orUNQl7EPQWssU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:b3:bb:60:42:70:ed:af:a5:8b:1a:ac:77:aa:cc:7a:5b:3e:
65:67:90:44:a4:ee:71:70:a1:b7:1d:44:f2:b4:91:74:24:90:
78:6c:26:9b:ae:76:a2:d9:cd:ae:d9:cd:af:4c:aa:d3:6b:96:
dc:e7:42:d3:f9:f4:89:04:ae:1e:94:78:36:ff:f4:b5:86:04:
01:cc:14:5c:c5:31:03:af:17:9f:53:f8:23:8a:62:15:7a:c6:
fb:00:cd:d0:3d:1d:60:78:c6:44:09:83:0b:56:32:d6:96:07:
67:4f:8f:5a:fb:28:0e:51:e1:11:55:02:fb:66:8a:82:53:5d:
74:ea:44:a4:a8:c6:ad:dc:d7:f9:52:8a:83:09:66:9c:11:7b:
20:4b:5e:f6:1c:23:d6:e4:f8:8a:83:d8:fe:4e:8a:16:e1:b8:
00:17:77:b3:a7:5e:5e:f2:cb:0c:a5:67:fa:5b:fd:7b:7c:aa:
16:f7:4c:02:4b:53:c7:c5:b8:8e:6a:9e:1a:29:4f:bc:9f:19:
03:65:ca:94:1a:90:7b:c0:1d:c7:e6:12:60:b5:16:79:08:90:
ad:a9:0b:e8:57:b9:b8:9f:5c:35:ae:61:4c:d4:1c:46:d7:72:
a7:ea:f5:27:fa:8e:24:1f:b8:b4:db:8c:32:86:a3:1f:d4:e0:
a8:b1:c7:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsNQF2oqzgBhHot3AGZbc7VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA4MDMwNjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmI4YmU1MGUzZmJkYWE5MzFkMjhhZDQzNTA5N2IxMGY0MTZiMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2cAIcoCa57hT5SDWBb+4bBVoGtp
K0v5lwYvNKcgOpaQM8cZK0Gk8CYDvGYku3zICk2IUYyBWNNCjotKl33VgouGCESe
07On6CZFc8qIMlzDmBKj+xG8xJvm6YZpIi/wghB+U9DiSdW5P/S6ukBZtKkKQ3MW
ssTcFWfel5IyNy0DtqZivq7xahlDvGqnP0cFT6zBX+VeDSOkLEnU0JRY32Oq8n+T
7YgOvYuh5fXpz+lwS/agwcN4Xc2AXgBxOtNWNcWfFqGinFn6pBX9Q/K64vQWDqeE
zVHGvBqL1IAQ7c1IvpAp9aBcqpCYoKIAHXoHfSCEATgXlUBV80qvjwh43wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAa4vlDj+9qpMdKK1DUJexD0FrLFMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQnJpLVVPUDcycWt4MG9yVU5RbDdFUFFXc3NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB6zu2BCcO2vpYsarHeq
zHpbPmVnkESk7nFwobcdRPK0kXQkkHhsJpuudqLZza7Zza9MqtNrltznQtP59IkE
rh6UeDb/9LWGBAHMFFzFMQOvF59T+COKYhV6xvsAzdA9HWB4xkQJgwtWMtaWB2dP
j1r7KA5R4RFVAvtmioJTXXTqRKSoxq3c1/lSioMJZpwReyBLXvYcI9bk+IqD2P5O
ihbhuAAXd7OnXl7yywylZ/pb/Xt8qhb3TAJLU8fFuI5qnhopT7yfGQNlypQakHvA
HcfmEmC1FnkIkK2pC+hXubifXDWuYUzUHEbXcqfq9Sf6jiQfuLTbjDKGox/U4Kix
x0c=
-----END CERTIFICATE-----
Generated at Mon May 12 07:12:56 2025 by rpki-client