Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bnxK16lGnwHdrfARsEf4DEQyET4.roa
File: bnxK16lGnwHdrfARsEf4DEQyET4.roa (raw, json)
Hash identifier: PJ4l4JihSNrf10s5vDgEjvUCDq88FggB4V6iJydNocA=
Subject key identifier: 6E:7C:4A:D7:A9:46:9F:01:DD:AD:F0:11:B0:47:F8:0C:44:32:11:3E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7BC48699850D9CE973C280D269C4AD00
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bnxK16lGnwHdrfARsEf4DEQyET4.roa
Signing time: Mon 18 Dec 2023 07:12:06 +0000
ROA not before: Mon 18 Dec 2023 07:12:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7b:c4:86:99:85:0d:9c:e9:73:c2:80:d2:69:c4:ad:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 18 07:12:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e7c4ad7a9469f01ddadf011b047f80c4432113e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ac:d0:80:68:bc:53:61:23:d3:61:9c:c3:3b:
88:05:8e:db:b3:9f:d7:8d:b4:2a:b9:ad:ef:35:88:
c1:91:e9:c2:a4:4d:ff:ee:8f:3d:04:79:c1:58:92:
59:28:f7:01:1d:f7:ed:6d:ca:b6:b6:34:d5:53:c4:
8b:af:45:ba:82:bc:c3:22:41:32:7f:b9:77:6b:c3:
80:ee:b0:57:ce:d1:d8:a7:be:71:f1:53:cd:0e:02:
37:20:6e:e1:c3:c1:2f:9d:28:81:8e:b9:22:90:70:
26:5d:cc:1c:3a:8c:6f:39:cd:f8:af:20:67:3f:f9:
62:34:5e:d1:f8:a1:df:a3:75:80:21:95:cc:ff:90:
b9:fd:75:3f:cc:b5:61:83:7e:91:83:5a:d3:c4:5b:
d2:11:4d:fd:22:f4:ea:31:c7:30:4b:f8:02:64:f4:
fe:0d:a3:cd:53:ec:1c:e8:ba:65:25:01:ce:62:00:
45:ec:b1:a3:b3:0a:8b:b5:ae:7d:83:54:a8:52:06:
ad:d9:a1:30:23:c9:9c:63:50:94:ed:1c:3c:54:10:
ba:3e:a5:b3:99:13:6b:61:7f:22:61:de:41:e0:cb:
da:53:9f:9a:e8:87:10:1d:e1:69:9f:98:6e:45:1e:
cc:db:63:3b:fe:be:eb:c9:4f:ee:da:77:a7:b6:69:
27:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:7C:4A:D7:A9:46:9F:01:DD:AD:F0:11:B0:47:F8:0C:44:32:11:3E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bnxK16lGnwHdrfARsEf4DEQyET4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c7:30:ea:b5:70:54:c5:d6:67:d9:c0:67:53:3c:0f:f2:38:0e:
70:d9:a3:9c:d5:4e:41:f1:11:81:ea:d5:7e:dc:40:88:d6:65:
cf:8d:e7:ad:57:6c:be:d5:d4:5f:1d:92:b0:24:7d:38:8c:e3:
0a:28:a6:b4:87:fc:b5:7f:60:78:d8:01:45:4b:dd:2e:dc:b5:
cb:eb:f5:f2:38:b5:58:df:7d:cc:88:07:c5:c8:ee:e7:86:87:
89:70:e5:3c:30:b4:8d:33:83:41:46:0a:f5:20:6b:f5:c9:4b:
53:4f:f6:ca:c9:67:a3:39:6f:44:c3:77:f3:36:b0:6e:bd:d2:
67:eb:f0:b0:9b:fb:55:19:56:67:bb:2a:03:a3:a6:8a:db:bb:
2d:8c:37:4c:6c:99:f2:c0:2e:32:29:3d:ce:c9:17:c9:e5:50:
c5:22:24:d9:0d:45:fb:2a:87:56:4c:ea:16:21:f1:26:f6:24:
e7:82:af:06:75:89:73:2e:13:83:64:0b:7d:7a:0f:34:cb:0c:
13:3b:46:4a:5e:77:7b:e2:71:38:6e:3b:8c:5f:d4:00:ee:d3:
ea:44:78:eb:d7:6c:b0:d5:76:e9:74:a7:f4:96:fb:a2:e1:fb:
2f:0d:a8:2e:70:88:37:49:be:86:82:f7:0a:76:e7:4b:cf:2f:
83:20:1c:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx7xIaZhQ2c6XPCgNJpxK0AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE4MDcxMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTdjNGFkN2E5NDY5ZjAxZGRhZGYwMTFiMDQ3ZjgwYzQ0MzIxMTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnazQgGi8U2Ej02GcwzuIBY7bs5/X
jbQqua3vNYjBkenCpE3/7o89BHnBWJJZKPcBHfftbcq2tjTVU8SLr0W6grzDIkEy
f7l3a8OA7rBXztHYp75x8VPNDgI3IG7hw8EvnSiBjrkikHAmXcwcOoxvOc34ryBn
P/liNF7R+KHfo3WAIZXM/5C5/XU/zLVhg36Rg1rTxFvSEU39IvTqMccwS/gCZPT+
DaPNU+wc6LplJQHOYgBF7LGjswqLta59g1SoUgat2aEwI8mcY1CU7Rw8VBC6PqWz
mRNrYX8iYd5B4MvaU5+a6IcQHeFpn5huRR7M22M7/r7ryU/u2nentmknKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG58StepRp8B3a3wEbBH+AxEMhE+MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYm54SzE2bEdud0hkcmZBUnNFZjRERVF5RVQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMcw6rVwVMXWZ9nAZ1M8
D/I4DnDZo5zVTkHxEYHq1X7cQIjWZc+N561XbL7V1F8dkrAkfTiM4wooprSH/LV/
YHjYAUVL3S7ctcvr9fI4tVjffcyIB8XI7ueGh4lw5TwwtI0zg0FGCvUga/XJS1NP
9srJZ6M5b0TDd/M2sG690mfr8LCb+1UZVme7KgOjporbuy2MN0xsmfLALjIpPc7J
F8nlUMUiJNkNRfsqh1ZM6hYh8Sb2JOeCrwZ1iXMuE4NkC316DzTLDBM7Rkped3vi
cThuO4xf1ADu0+pEeOvXbLDVdul0p/SW+6Lh+y8NqC5wiDdJvoaC9wp250vPL4Mg
HCg=
-----END CERTIFICATE-----
Generated at Mon Jun 9 09:31:20 2025 by rpki-client