Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BGyWjmNd8poyG9TUIJCrLh7J9v4.roa
File: BGyWjmNd8poyG9TUIJCrLh7J9v4.roa (raw, json)
Hash identifier: 4+m08zrW34x3fdg+l+kfm4sVTdAsPA/hDxjRm0u7Ymo=
Subject key identifier: 04:6C:96:8E:63:5D:F2:9A:32:1B:D4:D4:20:90:AB:2E:1E:C9:F6:FE
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C088E9895E493063B0ACC98A9134C308A
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BGyWjmNd8poyG9TUIJCrLh7J9v4.roa
Signing time: Sat 25 Nov 2023 22:16:52 +0000
ROA not before: Sat 25 Nov 2023 22:16:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:08:8e:98:95:e4:93:06:3b:0a:cc:98:a9:13:4c:30:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 25 22:16:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=046c968e635df29a321bd4d42090ab2e1ec9f6fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:10:35:79:c2:70:78:07:9d:dc:65:f5:29:33:
dd:d6:e7:f9:0e:89:d0:c8:7b:f0:b6:13:bc:62:e5:
56:88:f4:18:91:a9:25:5e:b8:79:85:90:70:10:ca:
46:ab:8a:46:52:e8:19:45:35:b5:72:65:be:19:3c:
58:fe:11:bc:9b:96:8c:77:07:b7:70:fb:42:23:d9:
83:d8:7f:e8:53:76:fe:0f:78:51:8b:9a:1b:59:80:
c2:d9:16:75:bf:df:17:bc:57:f4:f5:a2:49:89:43:
84:b0:8d:b9:6e:d9:2c:cf:2d:eb:fa:24:f4:8e:d1:
38:68:e1:77:77:3a:88:e6:42:a2:c7:89:ac:c7:0f:
78:0e:be:44:9a:f2:7d:14:39:42:50:08:13:21:67:
b6:0c:63:21:b6:b4:f2:38:2e:f6:06:73:e5:09:46:
b9:da:7b:40:a9:88:27:bd:d6:32:ed:da:84:fa:26:
75:39:9c:60:16:b2:04:e3:a0:00:a4:bd:b6:c7:4a:
53:d6:51:e4:38:bd:44:4c:e7:07:38:b6:be:0e:cc:
4a:d2:9c:a0:29:cf:87:65:a7:a0:52:8b:67:ac:4f:
c2:45:4b:26:38:58:4e:e8:5b:2a:dc:f0:e0:8e:4c:
2e:a4:22:ba:76:27:0e:30:d6:69:23:1e:e7:f9:18:
b6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:6C:96:8E:63:5D:F2:9A:32:1B:D4:D4:20:90:AB:2E:1E:C9:F6:FE
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BGyWjmNd8poyG9TUIJCrLh7J9v4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
bc:95:94:89:b0:30:3e:91:1f:46:11:71:90:d7:30:67:2e:cd:
51:d1:2a:c1:90:19:76:71:f3:49:80:c1:42:a4:c3:1e:f3:2b:
81:af:73:3a:d2:ef:e0:98:c5:b8:47:b3:85:ce:a3:d5:d2:ea:
28:1f:24:e3:35:62:5c:69:c1:0c:7a:dd:69:47:dc:ae:ac:18:
74:72:b5:98:f5:e3:1c:45:eb:ac:17:b5:cc:bc:a6:12:f1:00:
7c:63:7c:1a:72:c2:26:d9:dd:4a:3a:0d:f1:13:0f:b5:14:aa:
7a:e7:65:d1:d8:c9:a1:64:3b:20:f6:b1:de:31:3c:4a:4f:35:
35:06:c7:ed:0e:e2:2c:52:56:33:d7:3f:c9:d1:2e:53:11:23:
0e:c4:1c:ad:37:66:48:09:02:8f:3a:40:af:8d:50:6f:f6:ea:
10:5f:4b:5c:8d:38:f4:d7:b1:c4:03:5a:44:eb:f7:af:21:40:
d7:84:c4:ae:93:2d:a7:b0:ee:c9:87:cc:6f:39:d4:0b:3a:e7:
e6:3c:37:97:90:32:cd:52:fb:d4:db:47:64:7e:f6:8b:73:c6:
87:c7:cf:3a:13:db:e9:55:46:8d:8a:ad:7c:ae:9e:ed:cc:89:
c2:2d:1b:ea:90:b4:61:3a:1f:7b:43:c6:7b:ca:27:cb:58:ca:
7e:7b:6a:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYwIjpiV5JMGOwrMmKkTTDCKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTI1MjIxNjUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDZjOTY4ZTYzNWRmMjlhMzIxYmQ0ZDQyMDkwYWIyZTFlYzlmNmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxA1ecJweAed3GX1KTPd1uf5DonQ
yHvwthO8YuVWiPQYkaklXrh5hZBwEMpGq4pGUugZRTW1cmW+GTxY/hG8m5aMdwe3
cPtCI9mD2H/oU3b+D3hRi5obWYDC2RZ1v98XvFf09aJJiUOEsI25btkszy3r+iT0
jtE4aOF3dzqI5kKix4msxw94Dr5EmvJ9FDlCUAgTIWe2DGMhtrTyOC72BnPlCUa5
2ntAqYgnvdYy7dqE+iZ1OZxgFrIE46AApL22x0pT1lHkOL1ETOcHOLa+DsxK0pyg
Kc+HZaegUotnrE/CRUsmOFhO6Fsq3PDgjkwupCK6dicOMNZpIx7n+Ri2CQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFARslo5jXfKaMhvU1CCQqy4eyfb+MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQkd5V2ptTmQ4cG95RzlUVUlKQ3JMaDdKOXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALyVlImwMD6RH0YRcZDX
MGcuzVHRKsGQGXZx80mAwUKkwx7zK4GvczrS7+CYxbhHs4XOo9XS6igfJOM1Ylxp
wQx63WlH3K6sGHRytZj14xxF66wXtcy8phLxAHxjfBpywibZ3Uo6DfETD7UUqnrn
ZdHYyaFkOyD2sd4xPEpPNTUGx+0O4ixSVjPXP8nRLlMRIw7EHK03ZkgJAo86QK+N
UG/26hBfS1yNOPTXscQDWkTr968hQNeExK6TLaew7smHzG851As65+Y8N5eQMs1S
+9TbR2R+9otzxofHzzoT2+lVRo2KrXyunu3MicItG+qQtGE6H3tDxnvKJ8tYyn57
akE=
-----END CERTIFICATE-----
Generated at Mon Jun 9 09:36:21 2025 by rpki-client