Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BpDP28zEWZPYrnKyXJt0AH_VKSE.roa
File: BpDP28zEWZPYrnKyXJt0AH_VKSE.roa (raw, json)
Hash identifier: tUDdG1EgsRh+qVudJsbSywYQjw3a7yCjhrSOGS7mmtg=
Subject key identifier: 06:90:CF:DB:CC:C4:59:93:D8:AE:72:B2:5C:9B:74:00:7F:D5:29:21
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BCA86DCB2717F53D9C72642D157C138F5
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BpDP28zEWZPYrnKyXJt0AH_VKSE.roa
Signing time: Mon 13 Nov 2023 21:11:57 +0000
ROA not before: Mon 13 Nov 2023 21:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ca:86:dc:b2:71:7f:53:d9:c7:26:42:d1:57:c1:38:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 13 21:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0690cfdbccc45993d8ae72b25c9b74007fd52921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b8:05:14:c4:22:09:67:26:4a:55:f3:37:3e:
96:28:b6:74:09:cf:b2:fe:26:51:de:2a:75:63:fa:
e9:9a:6a:89:26:e8:ed:fe:fd:95:fe:3a:22:43:a7:
1e:b0:f0:cc:4b:84:2a:9a:d7:c9:6b:02:f4:d7:5d:
a2:74:d3:26:44:6d:4c:12:c5:71:64:91:8c:bb:b8:
8e:85:85:05:51:1b:66:3b:10:7a:95:85:ac:24:c0:
f7:b0:8c:9c:2d:f7:43:e6:85:13:c1:1a:63:14:ee:
82:b6:e7:b7:5b:6b:d0:f6:2d:54:4b:b3:03:6e:ae:
29:65:f5:84:03:46:c1:09:39:ed:a2:90:bd:73:a1:
7e:3f:1e:d7:01:61:5c:99:92:17:86:ff:52:37:9d:
21:ed:cf:ca:ff:a2:38:35:cc:3a:30:f5:05:7e:2e:
68:18:3c:b6:e2:01:17:63:37:e1:a8:59:df:76:b8:
0d:92:f5:34:02:2c:a8:a2:0a:37:6a:85:24:a1:5b:
63:ba:61:fb:ab:70:4e:de:e6:8a:1e:88:17:cb:e7:
44:8d:5e:7d:85:da:1d:22:44:a2:a6:a0:a8:63:38:
7c:6b:98:8f:5b:2e:9e:69:3b:bd:41:de:6d:e3:a9:
56:68:a3:50:98:8e:9d:e3:a5:d2:fb:ff:fa:79:6a:
15:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:90:CF:DB:CC:C4:59:93:D8:AE:72:B2:5C:9B:74:00:7F:D5:29:21
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BpDP28zEWZPYrnKyXJt0AH_VKSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:fc:3f:ed:fb:b2:d9:21:c0:1c:f2:1d:34:c7:2c:a1:01:39:
25:b5:9e:af:35:e6:5d:c8:82:5c:29:03:a2:f0:9e:40:e0:fe:
90:e7:c8:26:6b:b6:92:ab:23:ea:f6:e8:60:b2:2d:5c:af:e8:
29:b1:f5:73:bb:ad:6c:76:0b:6e:89:91:9b:8e:e8:58:a2:fe:
86:26:5e:86:b0:50:37:c6:07:fb:44:bf:ae:ed:6d:43:46:eb:
34:45:3d:b1:c2:6a:5f:7a:29:43:50:11:4e:1e:e3:0e:6c:7c:
93:82:e3:58:cc:da:57:1d:2b:00:13:e5:03:76:25:56:48:a1:
7e:de:54:75:5b:a5:6d:0f:6b:92:75:db:58:bb:b2:85:f4:34:
30:3c:e6:a9:98:7d:7e:88:d8:88:2d:b2:d7:18:21:ac:52:7a:
83:33:eb:62:0d:12:f3:11:df:68:9c:0c:8b:3e:2f:33:87:d7:
64:cd:94:bd:7a:f0:bd:8d:ca:19:f3:f7:fe:40:5d:09:0f:f8:
01:2a:a9:cc:89:3f:22:30:68:ac:5f:3a:24:53:99:7a:15:1e:
a0:6c:cc:99:65:8d:b2:cc:29:29:6d:70:de:88:c9:ad:d4:16:
6c:36:90:f8:eb:81:fb:59:70:d2:b4:7b:0b:c9:92:19:b2:1d:
6a:b3:7b:63
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvKhtyycX9T2ccmQtFXwTj1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEzMjExMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjkwY2ZkYmNjYzQ1OTkzZDhhZTcyYjI1YzliNzQwMDdmZDUyOTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbgFFMQiCWcmSlXzNz6WKLZ0Cc+y
/iZR3ip1Y/rpmmqJJujt/v2V/joiQ6cesPDMS4QqmtfJawL0112idNMmRG1MEsVx
ZJGMu7iOhYUFURtmOxB6lYWsJMD3sIycLfdD5oUTwRpjFO6Ctue3W2vQ9i1US7MD
bq4pZfWEA0bBCTntopC9c6F+Px7XAWFcmZIXhv9SN50h7c/K/6I4Ncw6MPUFfi5o
GDy24gEXYzfhqFnfdrgNkvU0Aiyoogo3aoUkoVtjumH7q3BO3uaKHogXy+dEjV59
hdodIkSipqCoYzh8a5iPWy6eaTu9Qd5t46lWaKNQmI6d46XS+//6eWoVdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAaQz9vMxFmT2K5yslybdAB/1SkhMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQnBEUDI4ekVXWlBZcm5LeVhKdDBBSF9WS1NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABr8P+37stkhwBzyHTTH
LKEBOSW1nq815l3IglwpA6LwnkDg/pDnyCZrtpKrI+r26GCyLVyv6Cmx9XO7rWx2
C26JkZuO6Fii/oYmXoawUDfGB/tEv67tbUNG6zRFPbHCal96KUNQEU4e4w5sfJOC
41jM2lcdKwAT5QN2JVZIoX7eVHVbpW0Pa5J121i7soX0NDA85qmYfX6I2IgtstcY
IaxSeoMz62INEvMR32icDIs+LzOH12TNlL168L2Nyhnz9/5AXQkP+AEqqcyJPyIw
aKxfOiRTmXoVHqBszJlljbLMKSltcN6Iya3UFmw2kPjrgftZcNK0ewvJkhmyHWqz
e2M=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:46:02 2025 by rpki-client