Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tBEv6PkCXPnzN_rJmHcfBH6rpx4.roa
File: tBEv6PkCXPnzN_rJmHcfBH6rpx4.roa (raw, json)
Hash identifier: YHObnLzRghoe3DP+mr3u9pgUDL16Faf2fPkacpvb7Jw=
Subject key identifier: B4:11:2F:E8:F9:02:5C:F9:F3:37:FA:C9:98:77:1F:04:7E:AB:A7:1E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AB356133ABA1DB3E4F4302F220483852C
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tBEv6PkCXPnzN_rJmHcfBH6rpx4.roa
Signing time: Wed 20 Sep 2023 16:04:37 +0000
ROA not before: Wed 20 Sep 2023 16:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:b355:b3bc/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b3:56:13:3a:ba:1d:b3:e4:f4:30:2f:22:04:83:85:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 20 16:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4112fe8f9025cf9f337fac998771f047eaba71e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:dc:14:2a:6e:39:5f:7f:e1:11:ca:68:b4:c8:
92:3c:88:9f:10:80:47:15:2c:82:c8:6b:d8:ad:8a:
3e:9e:d3:74:ce:fc:c1:da:df:34:32:12:3a:71:71:
d2:6a:91:f7:ed:33:3c:96:77:c8:ba:50:9b:a9:32:
31:ae:b5:11:13:3e:03:60:2e:a5:25:c5:fd:15:31:
1f:ba:89:20:ed:57:74:e1:f4:06:a1:76:b1:f4:b1:
64:9a:4f:e0:af:0a:80:4a:51:bb:f1:08:1d:20:1f:
8a:8f:b1:21:91:d7:4a:97:05:e7:cc:13:2f:89:d7:
fb:bb:d7:db:d4:9d:f1:10:10:1d:b4:6c:6e:00:c5:
ae:3c:40:dc:e8:80:5f:86:12:46:8e:5c:3c:93:de:
a2:7a:29:28:9c:15:41:42:ba:1d:50:c2:d4:6f:a9:
cf:39:ea:ac:aa:b3:4c:b2:98:05:69:cc:a0:56:01:
07:50:d7:63:fe:f4:48:32:aa:5d:c3:68:c7:9b:45:
30:f8:48:67:39:0f:9d:85:ae:2e:42:d3:fa:8e:e4:
ed:45:32:69:72:83:f3:a1:d7:3f:3b:fa:36:48:27:
b4:92:ec:3b:00:ac:1f:11:d0:f1:fe:df:7b:f0:72:
87:89:2d:27:3b:b4:0a:a3:31:09:cb:e1:24:29:90:
6a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:11:2F:E8:F9:02:5C:F9:F3:37:FA:C9:98:77:1F:04:7E:AB:A7:1E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/tBEv6PkCXPnzN_rJmHcfBH6rpx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
46:bc:3d:c3:84:82:23:2b:e6:83:6e:4f:68:d7:9a:65:b5:b0:
db:5c:f0:0b:a9:36:02:2d:30:72:35:ee:21:83:af:42:b3:d2:
17:8f:a0:7a:d6:99:b0:1e:15:d1:e3:eb:d7:7a:a5:e8:83:53:
f1:16:b6:7a:28:d6:44:a7:6a:10:ff:e4:ee:31:3a:95:59:35:
ee:47:39:5f:89:12:3c:9b:15:04:69:32:a2:14:9b:6b:08:fd:
13:70:7a:f5:8c:9c:26:77:97:91:e0:fa:fe:fb:e0:09:d7:5d:
9e:42:da:11:26:e2:6d:2d:b4:bb:1e:e9:08:b5:5e:fd:78:8b:
46:95:d4:f4:95:36:15:f2:4c:d2:71:17:a1:30:0b:49:f0:7e:
6a:c8:2a:45:1a:c2:97:97:02:90:ea:31:72:82:68:7d:2d:6d:
50:12:97:9c:f8:28:9f:7d:0f:87:dd:05:38:97:7c:96:96:9a:
3a:3d:73:d7:cf:43:a0:1b:5e:f2:e9:3a:b9:f6:80:29:fe:cc:
db:be:f3:33:4b:da:a6:0d:1a:c6:48:8a:7e:41:bb:c4:fd:04:
4b:33:b5:da:9f:1a:83:e5:92:d8:12:73:88:b3:9f:f1:0c:6a:
d9:ea:ea:0a:ef:9e:a7:16:2a:4e:b6:19:41:4c:95:46:8b:2e:
07:61:23:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqzVhM6uh2z5PQwLyIEg4UsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTIwMTYwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDExMmZlOGY5MDI1Y2Y5ZjMzN2ZhYzk5ODc3MWYwNDdlYWJhNzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltwUKm45X3/hEcpotMiSPIifEIBH
FSyCyGvYrYo+ntN0zvzB2t80MhI6cXHSapH37TM8lnfIulCbqTIxrrUREz4DYC6l
JcX9FTEfuokg7Vd04fQGoXax9LFkmk/grwqASlG78QgdIB+Kj7EhkddKlwXnzBMv
idf7u9fb1J3xEBAdtGxuAMWuPEDc6IBfhhJGjlw8k96ieikonBVBQrodUMLUb6nP
OeqsqrNMspgFacygVgEHUNdj/vRIMqpdw2jHm0Uw+EhnOQ+dha4uQtP6juTtRTJp
coPzodc/O/o2SCe0kuw7AKwfEdDx/t978HKHiS0nO7QKozEJy+EkKZBq+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLQRL+j5Alz58zf6yZh3HwR+q6ceMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdEJFdjZQa0NYUG56Tl9ySm1IY2ZCSDZycHg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEa8PcOEgiMr5oNuT2jX
mmW1sNtc8AupNgItMHI17iGDr0Kz0hePoHrWmbAeFdHj69d6peiDU/EWtnoo1kSn
ahD/5O4xOpVZNe5HOV+JEjybFQRpMqIUm2sI/RNwevWMnCZ3l5Hg+v774AnXXZ5C
2hEm4m0ttLse6Qi1Xv14i0aV1PSVNhXyTNJxF6EwC0nwfmrIKkUawpeXApDqMXKC
aH0tbVASl5z4KJ99D4fdBTiXfJaWmjo9c9fPQ6AbXvLpOrn2gCn+zNu+8zNL2qYN
GsZIin5Bu8T9BEsztdqfGoPlktgSc4izn/EMatnq6grvnqcWKk62GUFMlUaLLgdh
IzM=
-----END CERTIFICATE-----
Generated at Sat May 10 11:46:45 2025 by rpki-client