Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bcfeKTyhnW88PQs1n8iBIIMjcAw.roa
File: bcfeKTyhnW88PQs1n8iBIIMjcAw.roa (raw, json)
Hash identifier: rNxQ8HU9FQpjQd8w3BG/TSU1emYxBO5jB+nRyc6E7xU=
Subject key identifier: 6D:C7:DE:29:3C:A1:9D:6F:3C:3D:0B:35:9F:C8:81:20:83:23:70:0C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C3F797A4C439714D2127FC7040E1101B2
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bcfeKTyhnW88PQs1n8iBIIMjcAw.roa
Signing time: Wed 06 Dec 2023 14:12:54 +0000
ROA not before: Wed 06 Dec 2023 14:12:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3f:79:7a:4c:43:97:14:d2:12:7f:c7:04:0e:11:01:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 6 14:12:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6dc7de293ca19d6f3c3d0b359fc881208323700c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ad:3b:1d:19:58:bb:65:44:fc:dc:a0:52:01:
cb:ed:58:fb:c2:27:1e:d8:3d:27:84:0c:fc:92:7c:
45:47:9c:f4:31:64:76:ce:26:bf:9b:a9:63:29:8b:
44:76:49:b3:6b:e0:1c:b8:cd:3e:c7:59:cb:83:4b:
83:36:24:f7:f7:8d:c9:98:0b:1a:bd:fa:e2:93:4c:
31:28:d2:50:c8:3f:4d:b5:38:5d:5e:41:ed:02:82:
24:f0:26:71:80:c5:0c:2f:e8:30:92:26:b0:8b:82:
b3:b9:bf:33:5d:d9:48:8f:1a:48:aa:f1:6c:f7:3c:
5a:17:79:c6:5a:a0:ee:47:86:a6:76:56:ea:32:38:
b3:ad:1a:7c:cc:01:05:48:a2:14:3e:e1:c1:f4:9f:
cd:21:51:a4:e3:6c:b9:e5:28:51:76:b1:dd:78:3a:
b3:72:22:78:01:23:96:0c:ec:c2:0e:8a:5e:ee:4a:
f4:90:cb:37:cd:06:fa:7d:b6:68:b5:88:dc:8d:58:
98:15:ca:11:c4:d6:17:fe:74:96:9d:ce:50:49:3d:
bd:2f:03:ae:df:b1:dc:ad:f2:5d:ab:b9:bc:e5:0e:
45:6a:c3:c9:9f:f6:39:04:b8:72:db:bf:68:05:b0:
76:15:52:bd:9d:f7:44:50:70:c8:24:bb:7c:53:ea:
26:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:C7:DE:29:3C:A1:9D:6F:3C:3D:0B:35:9F:C8:81:20:83:23:70:0C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bcfeKTyhnW88PQs1n8iBIIMjcAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:72:79:33:74:b0:5e:cf:77:77:ea:76:42:a1:95:d6:88:d7:
3d:82:6d:c3:45:7c:53:48:de:89:ef:1c:8d:73:4c:4d:cf:60:
af:e7:ab:fe:d8:39:bf:c9:6a:6e:05:ca:55:a2:fb:3d:70:cb:
a9:30:f6:d3:43:c0:68:b1:cc:1e:57:a3:25:52:a2:a0:99:75:
f3:66:54:63:c1:4e:22:59:4e:d2:ae:2f:82:63:0f:40:89:e6:
fc:fc:8f:ce:ea:73:77:ed:ac:d9:ed:d1:04:66:9c:e0:62:2f:
d0:c7:11:86:06:22:c4:9f:ae:46:8c:ab:0f:cc:6a:e2:dc:15:
f1:e6:c3:09:e3:ed:c8:7e:36:ec:04:ad:05:d7:61:a8:e9:bc:
7a:f7:83:fb:c0:77:1a:49:05:ab:90:72:7d:a8:eb:71:2f:d3:
f9:65:1c:ef:06:a5:1d:e2:b3:00:a7:df:af:17:88:dd:cc:cf:
95:c9:9f:b1:2d:53:9d:c8:f8:28:5d:5c:de:0f:32:9a:34:4b:
30:88:3d:3b:62:9d:f8:20:0f:97:d1:96:c2:72:02:3e:ee:f7:
7a:57:73:a5:35:fa:7f:2d:21:ef:4f:8b:cc:09:d2:9b:e3:2b:
d5:c0:49:f2:b1:18:84:ec:e7:ab:fe:f0:bd:78:2a:24:e1:cd:
8b:8d:57:5b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw/eXpMQ5cU0hJ/xwQOEQGyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA2MTQxMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGM3ZGUyOTNjYTE5ZDZmM2MzZDBiMzU5ZmM4ODEyMDgzMjM3MDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6q07HRlYu2VE/NygUgHL7Vj7wice
2D0nhAz8knxFR5z0MWR2zia/m6ljKYtEdkmza+AcuM0+x1nLg0uDNiT3943JmAsa
vfrik0wxKNJQyD9NtThdXkHtAoIk8CZxgMUML+gwkiawi4Kzub8zXdlIjxpIqvFs
9zxaF3nGWqDuR4amdlbqMjizrRp8zAEFSKIUPuHB9J/NIVGk42y55ShRdrHdeDqz
ciJ4ASOWDOzCDope7kr0kMs3zQb6fbZotYjcjViYFcoRxNYX/nSWnc5QST29LwOu
37HcrfJdq7m85Q5FasPJn/Y5BLhy279oBbB2FVK9nfdEUHDIJLt8U+omIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG3H3ik8oZ1vPD0LNZ/IgSCDI3AMMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYmNmZUtUeWhuVzg4UFFzMW44aUJJSU1qY0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHNyeTN0sF7Pd3fqdkKh
ldaI1z2CbcNFfFNI3onvHI1zTE3PYK/nq/7YOb/Jam4FylWi+z1wy6kw9tNDwGix
zB5XoyVSoqCZdfNmVGPBTiJZTtKuL4JjD0CJ5vz8j87qc3ftrNnt0QRmnOBiL9DH
EYYGIsSfrkaMqw/MauLcFfHmwwnj7ch+NuwErQXXYajpvHr3g/vAdxpJBauQcn2o
63Ev0/llHO8GpR3iswCn368XiN3Mz5XJn7EtU53I+ChdXN4PMpo0SzCIPTtinfgg
D5fRlsJyAj7u93pXc6U1+n8tIe9Pi8wJ0pvjK9XASfKxGITs56v+8L14KiThzYuN
V1s=
-----END CERTIFICATE-----
Generated at Sun Jun 8 15:01:45 2025 by rpki-client