Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BiCKaDpTVsLhGEz3k09AWs3llK8.roa
File: BiCKaDpTVsLhGEz3k09AWs3llK8.roa (raw, json)
Hash identifier: peaYFTCEvb1nDMk3M28sXMNk+sgAf7lcMJZD4eSW3mg=
Subject key identifier: 06:20:8A:68:3A:53:56:C2:E1:18:4C:F7:93:4F:40:5A:CD:E5:94:AF
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C536FBB44068F3FCDA35A775B4BC63B57
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BiCKaDpTVsLhGEz3k09AWs3llK8.roa
Signing time: Sun 10 Dec 2023 11:14:40 +0000
ROA not before: Sun 10 Dec 2023 11:14:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:53:6f:bb:44:06:8f:3f:cd:a3:5a:77:5b:4b:c6:3b:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 10 11:14:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06208a683a5356c2e1184cf7934f405acde594af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:1b:8b:20:ee:06:db:13:a3:43:57:95:56:b9:
51:c6:63:c7:cf:12:0d:54:03:6b:d6:fb:13:99:e5:
e8:40:85:91:a7:01:41:e5:86:a1:13:68:93:a1:4d:
f3:08:45:28:38:7b:2f:a9:94:8c:b9:4e:84:6f:f2:
91:33:ee:fb:6c:bd:1e:6d:90:cc:66:28:05:30:f4:
ab:d2:5d:96:60:d9:4f:64:54:d1:b0:37:4e:4c:ec:
9f:4f:63:f0:94:af:7d:d5:2d:21:13:85:f7:61:42:
b9:c9:f7:f9:e0:8c:3c:cf:42:be:f5:d6:61:e3:73:
42:1b:ed:23:7b:f5:28:9f:73:6c:d6:78:54:2c:fb:
00:d7:79:0e:bf:33:b1:79:60:b6:1f:f4:32:5f:9e:
a5:9c:6a:aa:59:54:d5:d3:86:0a:f9:ca:7c:47:bc:
2f:20:8e:3d:82:59:6d:c8:e0:c7:12:3a:9f:89:62:
8d:87:1e:30:12:fa:eb:28:ba:d3:6c:71:ff:68:8b:
65:bf:5c:1d:c4:0e:de:7d:3b:b9:1e:83:b6:ea:42:
78:8b:6e:3e:54:b3:a6:cf:b3:11:9d:a3:5b:9a:01:
55:cb:06:6b:f6:16:c6:6d:cd:cf:25:90:1d:2d:1d:
65:8d:9f:c3:e8:21:10:44:f7:ba:d2:1c:a1:38:23:
38:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:20:8A:68:3A:53:56:C2:E1:18:4C:F7:93:4F:40:5A:CD:E5:94:AF
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BiCKaDpTVsLhGEz3k09AWs3llK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:3d:74:41:18:e2:7a:b6:9c:60:e1:07:12:e7:1b:a1:74:b9:
58:b6:33:49:9e:76:30:85:9a:3d:e8:7f:82:2c:91:9b:53:55:
15:76:db:2d:64:4c:96:79:65:39:0a:45:84:43:fe:9c:c5:93:
40:c5:dd:52:28:55:04:01:34:ce:3c:fd:d0:6e:e8:e1:09:f7:
ec:d3:19:28:c5:a6:5a:b0:f6:d0:dd:9f:29:d3:bf:9e:08:0a:
c3:c3:70:f4:31:93:f9:5e:ea:ea:7c:11:a5:94:27:9c:79:0b:
13:47:48:4c:81:7c:cf:31:47:fe:9b:a8:67:7c:85:36:e0:e0:
0d:c1:63:d2:b4:32:02:5c:39:64:21:a0:30:b0:67:96:07:67:
b2:be:93:57:d7:4f:96:83:7e:78:1f:57:5a:3d:b6:53:de:6c:
cf:ea:2c:35:e7:f7:a2:e2:50:05:d8:00:33:82:e9:a6:69:b0:
13:0b:0b:75:b5:e2:93:2a:62:2d:cc:bb:db:87:b5:28:c8:97:
9c:b1:c8:0f:ec:30:66:d4:40:e0:e3:f3:43:d7:34:4e:80:7c:
2d:55:75:d0:51:58:70:77:7c:f6:4c:9a:f1:89:f4:97:76:74:
da:e8:ef:2b:6c:e8:20:dd:08:e0:c8:0e:49:e4:d8:ae:16:9c:
26:ac:c5:d3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxTb7tEBo8/zaNad1tLxjtXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEwMTExNDQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjIwOGE2ODNhNTM1NmMyZTExODRjZjc5MzRmNDA1YWNkZTU5NGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohuLIO4G2xOjQ1eVVrlRxmPHzxIN
VANr1vsTmeXoQIWRpwFB5YahE2iToU3zCEUoOHsvqZSMuU6Eb/KRM+77bL0ebZDM
ZigFMPSr0l2WYNlPZFTRsDdOTOyfT2PwlK991S0hE4X3YUK5yff54Iw8z0K+9dZh
43NCG+0je/Uon3Ns1nhULPsA13kOvzOxeWC2H/QyX56lnGqqWVTV04YK+cp8R7wv
II49glltyODHEjqfiWKNhx4wEvrrKLrTbHH/aItlv1wdxA7efTu5HoO26kJ4i24+
VLOmz7MRnaNbmgFVywZr9hbGbc3PJZAdLR1ljZ/D6CEQRPe60hyhOCM4yQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAYgimg6U1bC4RhM95NPQFrN5ZSvMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQmlDS2FEcFRWc0xoR0V6M2swOUFXczNsbEs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHI9dEEY4nq2nGDhBxLn
G6F0uVi2M0medjCFmj3of4IskZtTVRV22y1kTJZ5ZTkKRYRD/pzFk0DF3VIoVQQB
NM48/dBu6OEJ9+zTGSjFplqw9tDdnynTv54ICsPDcPQxk/le6up8EaWUJ5x5CxNH
SEyBfM8xR/6bqGd8hTbg4A3BY9K0MgJcOWQhoDCwZ5YHZ7K+k1fXT5aDfngfV1o9
tlPebM/qLDXn96LiUAXYADOC6aZpsBMLC3W14pMqYi3Mu9uHtSjIl5yxyA/sMGbU
QODj80PXNE6AfC1VddBRWHB3fPZMmvGJ9Jd2dNro7yts6CDdCODIDknk2K4WnCas
xdM=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:11:33 2025 by rpki-client