Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BcTHvGE6AifIgOxAFgidhZnPRBA.roa
File: BcTHvGE6AifIgOxAFgidhZnPRBA.roa (raw, json)
Hash identifier: WQd/lAuFLDoZD8sV5UWvLxR9lVYJr2VSwTb1ZnEK/Kw=
Subject key identifier: 05:C4:C7:BC:61:3A:02:27:C8:80:EC:40:16:08:9D:85:99:CF:44:10
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B3492793AC6D873DFDBD9244B5FE620E3
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BcTHvGE6AifIgOxAFgidhZnPRBA.roa
Signing time: Sun 15 Oct 2023 18:21:36 +0000
ROA not before: Sun 15 Oct 2023 18:21:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:34:92:79:3a:c6:d8:73:df:db:d9:24:4b:5f:e6:20:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 15 18:21:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05c4c7bc613a0227c880ec4016089d8599cf4410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:67:3d:b7:40:9f:01:92:f3:c0:bd:9c:c6:22:
72:2c:58:3b:22:b6:d0:9c:2d:de:1c:cb:85:a4:e5:
31:dc:81:5f:bb:09:c9:e1:a9:93:13:0a:1e:b5:1e:
d3:04:9f:91:b5:2a:0c:10:00:42:e6:b6:da:d3:c5:
cf:b8:a5:26:1e:b0:17:22:df:34:2e:88:42:ac:2d:
7e:bf:12:b2:b1:ab:74:54:d9:fb:d9:a1:4f:ee:45:
e4:8e:5a:e7:61:2d:6a:a2:39:a2:1c:83:c9:d6:78:
69:8e:13:08:b4:a4:1d:e1:e7:d6:82:50:0a:98:35:
52:1f:63:69:fe:7c:d6:fe:e0:69:81:0f:87:ed:1d:
11:55:81:5c:9b:fa:37:6f:57:73:b3:c8:82:99:fa:
c5:a3:22:d3:96:98:b6:8d:4e:d5:02:8f:57:94:6c:
5a:49:e7:f9:06:37:60:5c:32:0d:a3:64:2c:17:30:
92:30:09:ca:39:6d:5c:32:19:17:6e:ed:21:3c:8e:
c6:ad:72:46:f7:6e:03:68:ac:1a:16:f1:07:2b:28:
0b:c1:b5:d1:04:b3:9e:a0:0f:24:80:4b:fa:6f:5f:
8f:49:c7:c0:40:86:14:94:67:a2:2f:9a:1e:14:c5:
c4:19:63:38:f8:cd:1a:14:18:55:0d:e4:ad:4e:cf:
6a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:C4:C7:BC:61:3A:02:27:C8:80:EC:40:16:08:9D:85:99:CF:44:10
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BcTHvGE6AifIgOxAFgidhZnPRBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
b2:8f:a3:e4:45:0c:8a:a6:9e:0b:d3:0b:f1:f4:c1:2c:49:c7:
5f:75:61:59:cc:33:e5:84:42:fa:cf:8e:72:51:a1:0b:7b:37:
81:7f:94:fb:37:77:2a:3e:e5:fe:d9:9b:7b:f0:d6:e4:f7:ee:
03:03:84:99:6f:05:9f:d4:8c:37:5b:e0:81:45:eb:39:2b:90:
93:fa:f2:c1:01:e7:0d:14:a0:3a:50:9b:d1:26:15:b3:22:0f:
8f:97:60:67:c6:f8:7d:c8:04:4a:df:30:7e:7e:32:67:ef:8b:
74:ba:f8:18:4e:ec:b6:00:da:4c:8d:79:2b:2a:8a:80:eb:9e:
b8:9d:5d:53:83:73:f7:85:5e:2a:d0:5a:c0:14:40:c1:81:0b:
da:93:26:a6:09:51:9d:2c:97:2d:cc:6c:6a:e4:d8:30:88:1f:
fc:d8:3d:92:21:c9:d8:40:67:bb:da:bf:01:d7:75:42:58:46:
cb:21:63:c0:c9:27:fc:10:1e:9d:53:a8:c9:67:d5:fd:68:ff:
0f:80:48:41:63:2e:d0:b8:0c:22:42:ef:76:e3:50:e2:9f:3d:
31:89:7c:f2:df:5f:3d:a1:e1:46:aa:35:ca:57:3f:6d:fe:b6:
85:4c:7b:6d:9c:e3:16:d9:61:06:8c:8d:d3:6e:7f:34:b4:fb:
d3:8a:15:a8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYs0knk6xthz39vZJEtf5iDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDE1MTgyMTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWM0YzdiYzYxM2EwMjI3Yzg4MGVjNDAxNjA4OWQ4NTk5Y2Y0NDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWc9t0CfAZLzwL2cxiJyLFg7IrbQ
nC3eHMuFpOUx3IFfuwnJ4amTEwoetR7TBJ+RtSoMEABC5rba08XPuKUmHrAXIt80
LohCrC1+vxKysat0VNn72aFP7kXkjlrnYS1qojmiHIPJ1nhpjhMItKQd4efWglAK
mDVSH2Np/nzW/uBpgQ+H7R0RVYFcm/o3b1dzs8iCmfrFoyLTlpi2jU7VAo9XlGxa
Sef5BjdgXDINo2QsFzCSMAnKOW1cMhkXbu0hPI7GrXJG924DaKwaFvEHKygLwbXR
BLOeoA8kgEv6b1+PScfAQIYUlGeiL5oeFMXEGWM4+M0aFBhVDeStTs9q7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAXEx7xhOgInyIDsQBYInYWZz0QQMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQmNUSHZHRTZBaWZJZ094QUZnaWRoWm5QUkJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBALKPo+RFDIqmngvTC/H0
wSxJx191YVnMM+WEQvrPjnJRoQt7N4F/lPs3dyo+5f7Zm3vw1uT37gMDhJlvBZ/U
jDdb4IFF6zkrkJP68sEB5w0UoDpQm9EmFbMiD4+XYGfG+H3IBErfMH5+Mmfvi3S6
+BhO7LYA2kyNeSsqioDrnridXVODc/eFXirQWsAUQMGBC9qTJqYJUZ0sly3MbGrk
2DCIH/zYPZIhydhAZ7vavwHXdUJYRsshY8DJJ/wQHp1TqMln1f1o/w+ASEFjLtC4
DCJC73bjUOKfPTGJfPLfXz2h4UaqNcpXP23+toVMe22c4xbZYQaMjdNufzS0+9OK
Fag=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:14:25 2025 by rpki-client