Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bz9E7uJVlwZ2wpWOkkPgFrTkRjE.roa
File: bz9E7uJVlwZ2wpWOkkPgFrTkRjE.roa (raw, json)
Hash identifier: mgr00wtqf6IB1Ib4DNXnWYF6SOUkAJYyt4Slkr7x3hs=
Subject key identifier: 6F:3F:44:EE:E2:55:97:06:76:C2:95:8E:92:43:E0:16:B4:E4:46:31
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C2706F7417C313EF55D89958092613741
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bz9E7uJVlwZ2wpWOkkPgFrTkRjE.roa
Signing time: Fri 01 Dec 2023 20:16:57 +0000
ROA not before: Fri 01 Dec 2023 20:16:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:27:06:f7:41:7c:31:3e:f5:5d:89:95:80:92:61:37:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 1 20:16:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f3f44eee255970676c2958e9243e016b4e44631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2f:0e:f2:73:83:57:10:c8:43:fd:a5:b5:ff:
ef:b4:4f:bb:19:a9:41:cf:83:e8:ca:10:c0:1f:30:
10:66:98:da:28:bf:7a:ac:13:00:46:b0:43:20:f4:
c8:3f:df:5c:6b:2b:cf:ec:e0:6b:fc:a0:4e:34:a0:
55:37:03:6d:45:cb:3f:8c:c9:18:b7:ea:ed:5a:19:
08:f5:eb:a8:90:67:af:7a:8f:f9:c3:24:26:fc:a7:
b7:53:49:2f:8a:59:ef:42:f2:54:17:e6:5a:c4:5f:
73:32:39:96:ed:27:36:0d:a7:47:57:39:45:39:02:
e4:d8:01:6f:d7:d0:57:12:0c:e4:d1:fd:f5:0b:30:
f4:60:44:03:62:fc:12:22:96:2f:1f:5b:b3:50:e5:
23:f8:1a:a3:69:50:4b:4b:59:99:39:36:2b:6c:5c:
62:47:5b:7c:35:01:34:2b:51:79:dd:d2:4e:f1:d9:
0a:60:a3:d6:1b:cd:4d:43:07:56:07:dc:8e:99:27:
1c:cf:96:5a:a6:8e:49:b4:65:3d:9e:22:d4:9b:a2:
05:57:0a:55:c8:2e:30:70:ab:b0:d6:2f:8c:b3:22:
a3:c5:2e:56:24:cf:5d:c6:58:c2:d9:51:b6:07:d5:
8e:09:c7:82:88:6e:50:c6:3b:0a:aa:e4:9d:53:1a:
a4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:3F:44:EE:E2:55:97:06:76:C2:95:8E:92:43:E0:16:B4:E4:46:31
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bz9E7uJVlwZ2wpWOkkPgFrTkRjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
82:f5:aa:0d:d0:5a:1d:7f:0e:6b:3b:6a:35:5b:3b:5b:99:d3:
02:c2:1b:0d:cd:15:12:cd:0b:b3:39:6e:33:0b:bb:8f:e9:b3:
ed:33:4c:97:11:d8:35:5d:c8:84:57:55:8b:52:ce:ca:71:b7:
e2:0c:62:f3:cf:cf:96:25:57:2f:9a:b9:58:06:59:90:ba:40:
a7:a5:e6:fd:bb:e3:66:06:27:bf:1b:b1:81:78:36:8e:34:79:
55:c5:1e:08:09:9f:51:dd:f8:49:52:47:3a:31:d9:f0:46:dd:
20:5e:52:a2:e5:fe:d0:a1:b2:ce:0b:5a:92:c3:ad:88:54:2a:
9f:1b:4d:3d:cf:b0:40:5c:47:61:96:c1:98:f9:d6:c4:44:ee:
78:21:c7:ba:46:08:18:c7:65:e6:74:0e:8a:3f:19:aa:39:ec:
b0:cf:f1:c7:c8:e4:69:d7:3c:29:29:ff:20:4a:82:3f:37:56:
9f:9f:25:09:20:0f:f9:58:a3:b1:c8:5b:f7:e1:f4:79:1b:4e:
cf:9b:d5:07:a1:2f:9e:04:35:a1:dc:c1:48:43:02:0d:f5:a1:
66:69:d5:1f:d6:b4:58:31:f4:4c:42:88:21:9e:69:54:71:26:
90:77:27:d5:75:28:99:db:8b:13:40:31:36:6a:ec:ff:84:bc:
30:8d:cd:b1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwnBvdBfDE+9V2JlYCSYTdBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjAxMjAxNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjNmNDRlZWUyNTU5NzA2NzZjMjk1OGU5MjQzZTAxNmI0ZTQ0NjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxy8O8nODVxDIQ/2ltf/vtE+7GalB
z4PoyhDAHzAQZpjaKL96rBMARrBDIPTIP99cayvP7OBr/KBONKBVNwNtRcs/jMkY
t+rtWhkI9euokGeveo/5wyQm/Ke3U0kvilnvQvJUF+ZaxF9zMjmW7Sc2DadHVzlF
OQLk2AFv19BXEgzk0f31CzD0YEQDYvwSIpYvH1uzUOUj+BqjaVBLS1mZOTYrbFxi
R1t8NQE0K1F53dJO8dkKYKPWG81NQwdWB9yOmSccz5Zapo5JtGU9niLUm6IFVwpV
yC4wcKuw1i+MsyKjxS5WJM9dxljC2VG2B9WOCceCiG5QxjsKquSdUxqkewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG8/RO7iVZcGdsKVjpJD4Ba05EYxMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYno5RTd1SlZsd1oyd3BXT2trUGdGclRrUmpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIL1qg3QWh1/Dms7ajVb
O1uZ0wLCGw3NFRLNC7M5bjMLu4/ps+0zTJcR2DVdyIRXVYtSzspxt+IMYvPPz5Yl
Vy+auVgGWZC6QKel5v2742YGJ78bsYF4No40eVXFHggJn1Hd+ElSRzox2fBG3SBe
UqLl/tChss4LWpLDrYhUKp8bTT3PsEBcR2GWwZj51sRE7nghx7pGCBjHZeZ0Doo/
Gao57LDP8cfI5GnXPCkp/yBKgj83Vp+fJQkgD/lYo7HIW/fh9HkbTs+b1QehL54E
NaHcwUhDAg31oWZp1R/WtFgx9ExCiCGeaVRxJpB3J9V1KJnbixNAMTZq7P+EvDCN
zbE=
-----END CERTIFICATE-----
Generated at Sun May 11 19:10:26 2025 by rpki-client