Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bECx-yngYdsfPATM1jeHJDgmxic.roa
File: bECx-yngYdsfPATM1jeHJDgmxic.roa (raw, json)
Hash identifier: TLBljH+7bOkR/ONg2L8QEhFzVLuvIR2fP5Pw1NzUt9o=
Subject key identifier: 6C:40:B1:FB:29:E0:61:DB:1F:3C:04:CC:D6:37:87:24:38:26:C6:27
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C555C4A25D7E3AB0B8AB68A74715BD139
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bECx-yngYdsfPATM1jeHJDgmxic.roa
Signing time: Sun 10 Dec 2023 20:12:40 +0000
ROA not before: Sun 10 Dec 2023 20:12:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:55:5c:4a:25:d7:e3:ab:0b:8a:b6:8a:74:71:5b:d1:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 10 20:12:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6c40b1fb29e061db1f3c04ccd63787243826c627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ba:b3:96:15:c0:ec:78:3a:b4:eb:4b:ff:82:
03:77:ce:1f:3c:21:c2:50:f7:b5:10:4d:70:d1:3e:
b1:ca:43:a7:b2:6a:fb:1c:85:d7:6d:6c:e7:61:71:
e9:ca:65:32:98:1d:ed:ca:fb:dc:2c:a0:13:16:36:
d5:6c:11:b2:60:8d:a2:07:83:97:df:5b:aa:cf:05:
4b:ec:31:96:19:12:c1:bd:de:42:54:09:95:69:ec:
b5:65:1f:92:18:c0:04:5c:aa:62:5a:f9:00:98:dd:
86:d1:0c:fb:72:70:8c:f7:ff:fc:f1:3d:a5:b3:cd:
d1:eb:05:5a:01:36:d0:d0:42:ec:95:4c:54:03:1e:
0e:62:f8:7b:52:80:e5:e4:00:98:59:84:36:38:27:
a1:f4:1f:66:f4:c3:98:ea:11:35:2a:9b:cf:d7:6d:
2c:ca:96:18:a0:26:4e:a6:40:34:d0:c6:05:2b:a1:
95:1b:3b:2c:60:3b:7d:a1:a8:7f:52:e4:7f:05:af:
bd:9a:2d:7c:e4:20:e3:bf:82:60:47:b3:ce:cb:30:
40:bf:b1:1f:47:2c:4a:a9:d0:38:ff:28:4b:16:02:
e9:9b:10:d6:e8:71:f1:77:79:12:19:e1:49:b2:8a:
86:19:65:41:5c:6d:53:b9:ff:bd:55:96:2b:bf:f5:
33:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:40:B1:FB:29:E0:61:DB:1F:3C:04:CC:D6:37:87:24:38:26:C6:27
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bECx-yngYdsfPATM1jeHJDgmxic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
88:29:62:ae:bd:0c:0b:38:70:00:62:dd:0a:a3:4e:bc:b1:4e:
fd:a1:5f:30:48:3a:af:fd:b1:9d:f8:40:9a:ea:43:f5:6f:9c:
16:cc:7d:df:b4:b8:30:5f:45:88:d2:28:b3:c9:34:21:48:f4:
b6:c2:9f:76:95:6b:f7:4e:0e:94:04:99:e2:f2:48:e4:60:0e:
54:56:d7:85:fe:03:aa:3d:c2:a3:3a:e4:27:87:12:a4:0d:ee:
62:f8:a4:c1:b2:ba:c6:68:2a:ab:61:57:ec:e4:a3:93:2b:5f:
1b:c0:02:6b:98:bc:cb:38:c8:17:4a:b6:ce:ac:24:4b:72:77:
17:5f:4b:af:a4:39:24:9e:c4:8c:3d:cf:c5:0d:0c:55:95:6e:
10:72:2f:a2:e9:73:09:43:56:d0:b9:14:0a:35:76:8c:47:15:
3b:39:7e:48:b5:5c:09:e6:09:a3:af:f9:a7:6e:f6:fe:23:4e:
ec:b2:96:12:9d:cf:37:c3:32:6f:4f:7b:f5:27:89:28:84:fc:
91:6d:1e:da:bb:7c:62:16:11:a3:de:19:15:ed:f8:6a:f2:0d:
fe:48:b6:20:51:b4:cb:0b:c0:99:6e:87:16:fd:3b:c8:c8:92:
49:4b:1a:ee:a2:13:9f:34:20:4f:f5:7e:06:bf:45:6a:c0:b6:
92:68:fa:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxVXEol1+OrC4q2inRxW9E5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjEwMjAxMjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzQwYjFmYjI5ZTA2MWRiMWYzYzA0Y2NkNjM3ODcyNDM4MjZjNjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbqzlhXA7Hg6tOtL/4IDd84fPCHC
UPe1EE1w0T6xykOnsmr7HIXXbWznYXHpymUymB3tyvvcLKATFjbVbBGyYI2iB4OX
31uqzwVL7DGWGRLBvd5CVAmVaey1ZR+SGMAEXKpiWvkAmN2G0Qz7cnCM9//88T2l
s83R6wVaATbQ0ELslUxUAx4OYvh7UoDl5ACYWYQ2OCeh9B9m9MOY6hE1KpvP120s
ypYYoCZOpkA00MYFK6GVGzssYDt9oah/UuR/Ba+9mi185CDjv4JgR7POyzBAv7Ef
RyxKqdA4/yhLFgLpmxDW6HHxd3kSGeFJsoqGGWVBXG1Tuf+9VZYrv/UzcQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGxAsfsp4GHbHzwEzNY3hyQ4JsYnMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYkVDeC15bmdZZHNmUEFUTTFqZUhKRGdteGljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIgpYq69DAs4cABi3Qqj
TryxTv2hXzBIOq/9sZ34QJrqQ/VvnBbMfd+0uDBfRYjSKLPJNCFI9LbCn3aVa/dO
DpQEmeLySORgDlRW14X+A6o9wqM65CeHEqQN7mL4pMGyusZoKqthV+zko5MrXxvA
AmuYvMs4yBdKts6sJEtydxdfS6+kOSSexIw9z8UNDFWVbhByL6LpcwlDVtC5FAo1
doxHFTs5fki1XAnmCaOv+adu9v4jTuyylhKdzzfDMm9Pe/UniSiE/JFtHtq7fGIW
EaPeGRXt+GryDf5ItiBRtMsLwJluhxb9O8jIkklLGu6iE580IE/1fga/RWrAtpJo
+hY=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:00:58 2025 by rpki-client