Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bUhb28MbpH62Ro_i7Mm6Zw9wtVQ.roa
File: bUhb28MbpH62Ro_i7Mm6Zw9wtVQ.roa (raw, json)
Hash identifier: J3tFTRiXrdLV0ToZV6JGt6h9azcxR/beHUES0ewT88w=
Subject key identifier: 6D:48:5B:DB:C3:1B:A4:7E:B6:46:8F:E2:EC:C9:BA:67:0F:70:B5:54
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B08FC242DBF9D2ADF0CFB0C0D39C7AF14
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bUhb28MbpH62Ro_i7Mm6Zw9wtVQ.roa
Signing time: Sat 07 Oct 2023 07:13:43 +0000
ROA not before: Sat 07 Oct 2023 07:13:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:08:fc:24:2d:bf:9d:2a:df:0c:fb:0c:0d:39:c7:af:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 7 07:13:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d485bdbc31ba47eb6468fe2ecc9ba670f70b554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ad:53:87:4c:bd:d7:e5:c9:9f:ba:ee:62:f2:
c3:e7:87:17:94:b0:a4:5d:2d:b2:77:2e:80:66:45:
89:9e:89:28:17:17:b7:52:55:34:2c:56:03:09:2d:
07:82:10:4c:a2:c6:d8:0d:ea:74:7e:55:87:1f:46:
68:25:1e:8b:43:4d:f4:80:b8:f4:9a:53:31:a7:d4:
5b:49:8a:c4:ea:ba:e4:82:1f:16:f2:20:68:d7:01:
ad:ca:87:c5:6b:8b:ef:1f:28:19:74:eb:a7:b9:ec:
cf:50:41:5c:8e:75:ec:0e:3f:50:e9:65:65:3f:53:
da:e0:a1:55:e1:c9:4b:4b:c9:32:07:a0:88:3d:55:
c8:88:33:fd:57:7f:8f:fd:13:38:5f:f2:38:7f:7d:
0b:fe:ea:57:84:e9:cc:49:34:25:2f:0c:e6:c9:b1:
00:d8:d7:8f:96:08:f1:04:3b:c3:59:33:79:8d:6c:
3b:75:e3:cf:3a:d8:e6:b2:77:f2:79:fb:bd:51:79:
d6:67:5a:d0:c5:42:dd:aa:2b:fd:f0:cd:e9:99:8f:
c5:99:19:29:78:50:d7:c8:57:a5:a8:2b:8c:46:dc:
e1:20:e7:7b:dc:ff:74:ea:91:92:12:dc:cd:cf:e1:
48:e1:8f:12:14:70:80:67:c5:32:fb:dd:d6:ab:8a:
02:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:48:5B:DB:C3:1B:A4:7E:B6:46:8F:E2:EC:C9:BA:67:0F:70:B5:54
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bUhb28MbpH62Ro_i7Mm6Zw9wtVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3b:ef:6c:38:77:03:58:a5:31:78:ca:54:a8:fb:6f:c0:39:6a:
9c:0b:8a:95:52:1d:71:cb:6a:5a:50:9f:a3:79:69:9e:fd:e9:
61:98:34:74:ce:32:f3:dd:75:40:16:e9:97:ba:1d:88:be:f9:
fe:36:96:e4:09:ad:ad:9a:fd:7f:64:a9:7b:df:06:9c:41:09:
8a:ee:16:d8:54:8b:56:29:40:33:e0:b4:b8:1e:d8:a8:e0:e1:
3f:c9:3b:c4:51:fc:e4:af:45:14:15:af:d5:f1:78:bd:f4:b2:
1a:d5:a7:8c:92:9f:96:65:bb:4c:f7:80:06:fe:16:fb:d0:32:
ae:9d:0a:76:a2:20:60:42:4e:13:ff:01:c6:6c:89:ba:e7:3b:
1d:e4:ed:49:25:6a:1a:60:48:75:59:a8:3f:a1:39:ef:ae:cd:
64:89:9e:35:3e:2f:81:a5:ed:53:70:11:08:28:5e:9d:48:02:
9e:f3:22:81:fd:b0:c6:d9:42:84:20:90:d2:1b:98:f6:f9:4f:
59:2c:39:5f:34:58:27:48:8e:3c:13:ce:4f:4d:c7:a0:d2:1f:
03:db:2d:c1:ee:3b:4d:db:ef:4a:aa:be:ed:f8:8e:57:4d:d2:
16:d0:d8:f9:c6:05:90:ac:bc:ed:a1:d6:1b:28:0a:8a:0b:92:
0d:33:42:20
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsI/CQtv50q3wz7DA05x68UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA3MDcxMzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDQ4NWJkYmMzMWJhNDdlYjY0NjhmZTJlY2M5YmE2NzBmNzBiNTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlK1Th0y91+XJn7ruYvLD54cXlLCk
XS2ydy6AZkWJnokoFxe3UlU0LFYDCS0HghBMosbYDep0flWHH0ZoJR6LQ030gLj0
mlMxp9RbSYrE6rrkgh8W8iBo1wGtyofFa4vvHygZdOunuezPUEFcjnXsDj9Q6WVl
P1Pa4KFV4clLS8kyB6CIPVXIiDP9V3+P/RM4X/I4f30L/upXhOnMSTQlLwzmybEA
2NePlgjxBDvDWTN5jWw7dePPOtjmsnfyefu9UXnWZ1rQxULdqiv98M3pmY/FmRkp
eFDXyFelqCuMRtzhIOd73P906pGSEtzNz+FI4Y8SFHCAZ8Uy+93Wq4oCQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG1IW9vDG6R+tkaP4uzJumcPcLVUMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYlVoYjI4TWJwSDYyUm9faTdNbTZadzl3dFZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADvvbDh3A1ilMXjKVKj7
b8A5apwLipVSHXHLalpQn6N5aZ796WGYNHTOMvPddUAW6Ze6HYi++f42luQJra2a
/X9kqXvfBpxBCYruFthUi1YpQDPgtLge2Kjg4T/JO8RR/OSvRRQVr9XxeL30shrV
p4ySn5Zlu0z3gAb+FvvQMq6dCnaiIGBCThP/AcZsibrnOx3k7UklahpgSHVZqD+h
Oe+uzWSJnjU+L4Gl7VNwEQgoXp1IAp7zIoH9sMbZQoQgkNIbmPb5T1ksOV80WCdI
jjwTzk9Nx6DSHwPbLcHuO03b70qqvu34jldN0hbQ2PnGBZCsvO2h1hsoCooLkg0z
QiA=
-----END CERTIFICATE-----
Generated at Mon May 12 13:11:30 2025 by rpki-client