Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BrN4r7cXXqwR_i2b0PtwSt1kJd0.roa
File: BrN4r7cXXqwR_i2b0PtwSt1kJd0.roa (raw, json)
Hash identifier: gt5As1NXszhKxZENK7rxXEKAQyC2Z9ekrSECaGkgsMU=
Subject key identifier: 06:B3:78:AF:B7:17:5E:AC:11:FE:2D:9B:D0:FB:70:4A:DD:64:25:DD
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BD571F6FDCD64C275B5CC5635B08C0BA7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BrN4r7cXXqwR_i2b0PtwSt1kJd0.roa
Signing time: Thu 16 Nov 2023 00:04:57 +0000
ROA not before: Thu 16 Nov 2023 00:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18b:d571:565f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d5:71:f6:fd:cd:64:c2:75:b5:cc:56:35:b0:8c:0b:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 16 00:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06b378afb7175eac11fe2d9bd0fb704add6425dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:31:82:ed:70:93:0a:ff:8c:42:57:b8:2b:a2:
7e:35:80:77:c7:73:23:d2:ea:e9:1b:2f:d3:e9:51:
00:5d:67:ad:45:e5:ed:a1:77:13:e3:94:70:ff:2e:
bf:f3:7d:4a:55:9a:be:bd:f0:8f:16:13:01:7d:5f:
0c:39:68:82:22:c9:b4:ec:b7:98:04:72:58:47:cd:
d7:a9:77:e8:8f:1a:b2:7d:e9:0b:e2:9c:77:78:bb:
36:f9:a8:0e:1c:c6:fb:e2:d5:03:d7:8a:f7:68:fe:
c8:6e:f8:07:b2:ab:2d:01:3f:92:74:5f:a1:6c:d0:
26:a8:aa:23:d2:34:61:7f:66:7c:0b:9e:47:9a:b7:
b8:8a:48:d6:04:61:dd:cf:23:5a:a4:ef:c7:ca:ba:
5e:d8:98:a6:8c:34:72:56:84:59:c3:cb:99:5a:7c:
2f:a6:73:1a:f3:10:49:e4:a1:ba:98:82:1d:4c:ae:
ac:fc:d3:4f:f7:7d:69:e8:97:4f:83:e1:36:1b:2f:
6d:07:a2:6f:48:d5:78:2c:da:bb:4c:b2:58:18:91:
e3:8d:fd:54:bf:8f:8f:07:21:b8:29:4c:34:44:b5:
70:1d:ac:79:a6:f1:cf:7e:57:be:6b:c8:f2:4e:2a:
50:b2:6c:c4:e4:51:8d:26:70:75:b3:12:c6:32:0d:
49:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B3:78:AF:B7:17:5E:AC:11:FE:2D:9B:D0:FB:70:4A:DD:64:25:DD
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BrN4r7cXXqwR_i2b0PtwSt1kJd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a4:79:56:f8:91:50:76:f2:6b:8b:f1:58:e8:13:e6:e9:d5:74:
db:23:9b:2b:42:51:3e:e5:97:66:f8:a7:14:43:e3:b5:dd:fb:
92:65:b9:69:29:2e:70:1f:74:ce:e8:ec:29:c2:df:dd:c1:f8:
af:99:78:d0:1d:65:e3:10:d4:63:a5:33:3b:6d:fb:d7:e0:ec:
7a:f8:34:fc:ab:44:a1:85:2d:e7:17:63:f7:44:8a:f5:6d:ce:
dc:4d:f5:fa:1e:74:3e:d4:65:40:cc:23:0f:a9:6d:2f:eb:b1:
34:ac:7a:ee:18:da:97:ee:3d:1d:c4:56:c9:0f:94:9e:59:06:
08:f4:18:42:0a:cb:f5:fb:96:cf:a0:a3:a6:9c:bb:09:f5:ff:
f5:94:cd:f6:e1:05:3d:c8:f7:c3:00:dd:4b:d7:c4:e9:e5:90:
0e:d6:ed:2e:5a:9e:09:ed:ff:87:e5:00:5a:a6:87:f5:05:4d:
36:6b:cf:2f:de:bc:14:17:d0:71:42:0e:55:98:c8:5b:eb:31:
69:a0:6a:4c:5c:4d:6b:8b:9d:12:9e:2b:c5:bb:f8:ce:04:4c:
e2:01:ed:f9:28:e7:69:f0:8e:84:b8:1c:fd:a8:f9:94:a5:7c:
92:95:e8:47:7b:4e:e4:ba:3a:24:73:41:47:05:1f:0f:e8:28:
03:d8:71:63
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvVcfb9zWTCdbXMVjWwjAunMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTE2MDAwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmIzNzhhZmI3MTc1ZWFjMTFmZTJkOWJkMGZiNzA0YWRkNjQyNWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zGC7XCTCv+MQle4K6J+NYB3x3Mj
0urpGy/T6VEAXWetReXtoXcT45Rw/y6/831KVZq+vfCPFhMBfV8MOWiCIsm07LeY
BHJYR83XqXfojxqyfekL4px3eLs2+agOHMb74tUD14r3aP7IbvgHsqstAT+SdF+h
bNAmqKoj0jRhf2Z8C55Hmre4ikjWBGHdzyNapO/Hyrpe2JimjDRyVoRZw8uZWnwv
pnMa8xBJ5KG6mIIdTK6s/NNP931p6JdPg+E2Gy9tB6JvSNV4LNq7TLJYGJHjjf1U
v4+PByG4KUw0RLVwHax5pvHPfle+a8jyTipQsmzE5FGNJnB1sxLGMg1J9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAazeK+3F16sEf4tm9D7cErdZCXdMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQnJONHI3Y1hYcXdSX2kyYjBQdHdTdDFrSmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKR5VviRUHbya4vxWOgT
5unVdNsjmytCUT7ll2b4pxRD47Xd+5JluWkpLnAfdM7o7CnC393B+K+ZeNAdZeMQ
1GOlMztt+9fg7Hr4NPyrRKGFLecXY/dEivVtztxN9foedD7UZUDMIw+pbS/rsTSs
eu4Y2pfuPR3EVskPlJ5ZBgj0GEIKy/X7ls+go6acuwn1//WUzfbhBT3I98MA3UvX
xOnlkA7W7S5angnt/4flAFqmh/UFTTZrzy/evBQX0HFCDlWYyFvrMWmgakxcTWuL
nRKeK8W7+M4ETOIB7fko52nwjoS4HP2o+ZSlfJKV6Ed7TuS6OiRzQUcFHw/oKAPY
cWM=
-----END CERTIFICATE-----
Generated at Tue Jun 17 01:53:13 2025 by rpki-client