Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bBMWvyvlhiQUeA3GUs_3qdq9a9Y.roa
File: bBMWvyvlhiQUeA3GUs_3qdq9a9Y.roa (raw, json)
Hash identifier: b5AZdl6bKdLLQktyrTaaxZXn+6BEU5CQh0BbKzps5Zs=
Subject key identifier: 6C:13:16:BF:2B:E5:86:24:14:78:0D:C6:52:CF:F7:A9:DA:BD:6B:D6
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AFF82E8522D817505DB828ED2B5ADE6CE
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bBMWvyvlhiQUeA3GUs_3qdq9a9Y.roa
Signing time: Thu 05 Oct 2023 11:04:43 +0000
ROA not before: Thu 05 Oct 2023 11:04:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:ff82:7643/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ff:82:e8:52:2d:81:75:05:db:82:8e:d2:b5:ad:e6:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 5 11:04:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c1316bf2be5862414780dc652cff7a9dabd6bd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:34:c5:48:e1:28:52:eb:22:fa:e6:44:f1:d8:
fb:42:41:fc:36:2f:82:1c:d2:54:4a:67:87:65:1b:
eb:08:b4:3d:69:a9:59:ce:f1:33:1e:42:9d:e7:35:
34:37:bd:42:ac:be:09:b0:51:dc:ee:db:cd:fd:53:
16:3c:3f:95:87:7f:b7:9a:55:f8:a9:4a:de:4a:4e:
67:4f:e4:7b:70:e9:6f:f1:86:70:f2:98:8e:04:2f:
3d:c6:19:04:2a:5a:99:56:bf:90:be:fa:78:bc:04:
bb:11:83:8b:3b:83:73:61:bb:41:b5:ab:60:f8:2e:
90:cd:e3:4b:b8:8d:96:af:65:cb:5f:ae:71:08:0a:
a6:dc:40:b9:28:7b:08:79:99:89:80:8b:71:65:e2:
a4:6d:b3:7f:fc:81:ec:6b:1a:55:a0:24:d8:17:ad:
06:c0:24:3d:3f:c2:4a:6b:01:73:5a:4b:74:a3:a0:
86:20:19:76:23:c8:1d:87:dd:e7:04:a9:3c:6f:72:
9c:61:ab:c8:cb:4e:0f:6e:e7:cb:1c:3b:cf:e8:55:
d1:3f:b2:d9:66:ae:54:ae:74:5d:af:08:80:74:8a:
8a:25:1a:1f:70:7b:b8:fe:66:e1:45:62:a1:d4:17:
08:1d:71:05:60:bb:51:f1:82:62:20:b3:ae:98:d2:
73:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:13:16:BF:2B:E5:86:24:14:78:0D:C6:52:CF:F7:A9:DA:BD:6B:D6
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bBMWvyvlhiQUeA3GUs_3qdq9a9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:6f:c4:7a:85:19:9b:c3:1d:43:a3:43:66:5c:90:a1:38:fe:
6b:dd:09:b1:25:5c:09:a4:1d:80:a0:2f:29:8f:66:a9:7c:bd:
dd:2b:a4:18:0c:6f:21:9a:51:cf:51:dd:1a:ac:34:7c:3a:23:
4f:7f:36:e9:44:a7:b1:a1:c1:db:a2:6e:4d:a6:6f:f2:a3:94:
b6:19:59:ac:46:23:01:7f:12:cd:7a:7c:8c:cf:af:aa:20:b5:
02:af:30:d2:8c:e0:2d:2f:1b:52:ba:35:7d:13:86:fa:ee:81:
83:28:8d:cf:eb:c8:74:c7:a5:ab:ef:10:c6:7c:a1:91:08:4d:
21:27:7a:d2:f8:a9:bc:c0:94:f1:ad:70:3b:b2:6d:f2:a1:bc:
ce:cb:44:c9:3d:63:14:fa:af:81:bb:50:f5:db:23:62:5e:26:
7a:b0:7b:06:2d:8c:c8:b4:48:10:cb:57:27:c0:65:eb:db:ae:
14:88:d5:73:11:db:b5:85:f0:a5:ea:cc:65:7d:91:c8:56:08:
ce:d7:72:4e:78:92:01:27:d3:7b:34:39:76:82:84:94:b5:22:
21:36:22:74:5d:86:a7:8a:34:af:71:20:0f:32:94:2e:26:1d:
a6:bb:f9:46:74:f7:30:55:5b:18:d7:88:93:5a:9b:a6:c5:1d:
8a:d3:87:ce
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr/guhSLYF1BduCjtK1rebOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA1MTEwNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzEzMTZiZjJiZTU4NjI0MTQ3ODBkYzY1MmNmZjdhOWRhYmQ2YmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjTFSOEoUusi+uZE8dj7QkH8Ni+C
HNJUSmeHZRvrCLQ9aalZzvEzHkKd5zU0N71CrL4JsFHc7tvN/VMWPD+Vh3+3mlX4
qUreSk5nT+R7cOlv8YZw8piOBC89xhkEKlqZVr+Qvvp4vAS7EYOLO4NzYbtBtatg
+C6QzeNLuI2Wr2XLX65xCAqm3EC5KHsIeZmJgItxZeKkbbN//IHsaxpVoCTYF60G
wCQ9P8JKawFzWkt0o6CGIBl2I8gdh93nBKk8b3KcYavIy04PbufLHDvP6FXRP7LZ
Zq5UrnRdrwiAdIqKJRofcHu4/mbhRWKh1BcIHXEFYLtR8YJiILOumNJzPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGwTFr8r5YYkFHgNxlLP96navWvWMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYkJNV3Z5dmxoaVFVZUEzR1VzXzNxZHE5YTlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI5vxHqFGZvDHUOjQ2Zc
kKE4/mvdCbElXAmkHYCgLymPZql8vd0rpBgMbyGaUc9R3RqsNHw6I09/NulEp7Gh
wduibk2mb/KjlLYZWaxGIwF/Es16fIzPr6ogtQKvMNKM4C0vG1K6NX0ThvrugYMo
jc/ryHTHpavvEMZ8oZEITSEnetL4qbzAlPGtcDuybfKhvM7LRMk9YxT6r4G7UPXb
I2JeJnqwewYtjMi0SBDLVyfAZevbrhSI1XMR27WF8KXqzGV9kchWCM7Xck54kgEn
03s0OXaChJS1IiE2InRdhqeKNK9xIA8ylC4mHaa7+UZ09zBVWxjXiJNam6bFHYrT
h84=
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:12:04 2025 by rpki-client