Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bxHko3EnJByFZCe_4tKmD3c0h9U.roa
File: bxHko3EnJByFZCe_4tKmD3c0h9U.roa (raw, json)
Hash identifier: RD2aRcI1Lx5NkWuNLHwTyYx8wTi2jAfU7QFdtzaC6Ps=
Subject key identifier: 6F:11:E4:A3:71:27:24:1C:85:64:27:BF:E2:D2:A6:0F:77:34:87:D5
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BF2D70C4FA076D274EA9A0B3743BEC1C4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bxHko3EnJByFZCe_4tKmD3c0h9U.roa
Signing time: Tue 21 Nov 2023 17:04:21 +0000
ROA not before: Tue 21 Nov 2023 17:04:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64:ffff:0:18b:f2d7:691/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f2:d7:0c:4f:a0:76:d2:74:ea:9a:0b:37:43:be:c1:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 21 17:04:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6f11e4a37127241c856427bfe2d2a60f773487d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:2b:79:b3:6e:01:0b:21:47:10:cb:b9:db:bf:
f5:fd:77:ef:a4:e9:69:65:db:2e:db:5e:0f:ed:62:
a8:4d:1b:1a:4c:af:30:fa:8b:5c:b7:91:f5:2d:c2:
9a:e8:7d:16:89:3d:5f:6f:02:2e:9f:dc:a2:47:43:
4b:83:7c:e5:16:6b:72:5f:c3:75:d8:8f:2e:1b:1f:
8b:ca:10:d0:43:dd:31:75:83:53:90:52:98:fe:f9:
2a:52:fa:7f:9a:7b:55:3c:bc:a5:7a:f3:44:d2:f6:
a1:80:27:6e:ac:d7:57:2f:c1:33:7f:dd:1d:56:15:
33:ee:81:98:97:6e:08:12:24:c6:63:be:f4:f5:73:
a9:ef:03:aa:27:4d:32:31:47:60:30:a4:d6:b4:5d:
75:39:f2:5b:1d:2b:fa:11:81:1d:fd:fb:8e:3e:53:
80:16:c7:a9:30:2c:45:88:27:f6:6a:7c:7b:e8:63:
f8:bb:39:1c:9c:99:5d:1a:72:bf:c8:76:ff:26:f2:
e5:c9:8a:ce:e9:f7:b0:aa:38:60:9f:af:24:e0:f2:
53:aa:d2:f3:a5:21:74:28:4f:56:b1:a2:fc:4e:bf:
e8:40:db:a1:6a:3e:72:87:49:46:76:d2:ac:9b:fc:
61:ff:0c:86:1f:4a:4f:0c:f9:36:1d:b3:3d:77:65:
ef:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:11:E4:A3:71:27:24:1C:85:64:27:BF:E2:D2:A6:0F:77:34:87:D5
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bxHko3EnJByFZCe_4tKmD3c0h9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a0:78:aa:e3:7b:b3:d7:89:e7:e9:16:88:bc:70:14:fa:dc:76:
23:15:e8:12:fb:02:6e:27:72:23:03:37:65:ad:f5:85:dd:01:
a1:79:43:cb:b3:0d:8f:5f:97:e1:1e:89:66:8f:46:5a:aa:8f:
47:e4:ef:0e:3f:08:52:dc:98:86:43:d4:0a:93:68:41:b8:07:
ae:f4:ea:fe:fa:04:19:3c:aa:ce:25:26:c9:d3:6d:8b:95:e8:
65:ba:bc:b2:80:bb:f0:6a:3b:a0:75:14:e7:06:b4:1a:25:96:
27:73:80:18:5c:02:2b:05:c0:00:24:ef:04:ae:fb:05:2d:ff:
1b:cc:a4:9f:c9:d2:24:ac:98:19:0d:ed:ab:cc:e5:48:0d:4b:
bb:95:aa:48:aa:16:8a:fb:2d:b3:11:67:c7:15:e9:73:92:36:
a9:50:97:6a:8c:ee:fd:cf:70:e2:ba:7c:33:35:55:ba:ab:58:
d7:86:07:5f:1e:76:25:bb:be:49:cc:cd:dd:1b:c6:b1:f6:45:
6c:e2:eb:52:76:cf:98:79:c5:10:ca:13:48:94:c3:af:cb:d5:
bd:ff:fd:c8:c2:5c:35:3a:69:76:cc:89:d3:a0:76:36:ef:22:
b8:bc:05:59:0f:0f:bd:85:e1:17:a5:54:b5:15:15:42:92:20:
8e:3e:6f:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvy1wxPoHbSdOqaCzdDvsHEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTIxMTcwNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjExZTRhMzcxMjcyNDFjODU2NDI3YmZlMmQyYTYwZjc3MzQ4N2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCt5s24BCyFHEMu527/1/XfvpOlp
Zdsu214P7WKoTRsaTK8w+otct5H1LcKa6H0WiT1fbwIun9yiR0NLg3zlFmtyX8N1
2I8uGx+LyhDQQ90xdYNTkFKY/vkqUvp/mntVPLylevNE0vahgCdurNdXL8Ezf90d
VhUz7oGYl24IEiTGY7709XOp7wOqJ00yMUdgMKTWtF11OfJbHSv6EYEd/fuOPlOA
FsepMCxFiCf2anx76GP4uzkcnJldGnK/yHb/JvLlyYrO6fewqjhgn68k4PJTqtLz
pSF0KE9WsaL8Tr/oQNuhaj5yh0lGdtKsm/xh/wyGH0pPDPk2HbM9d2Xv8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG8R5KNxJyQchWQnv+LSpg93NIfVMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYnhIa28zRW5KQnlGWkNlXzR0S21EM2MwaDlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKB4quN7s9eJ5+kWiLxw
FPrcdiMV6BL7Am4nciMDN2Wt9YXdAaF5Q8uzDY9fl+EeiWaPRlqqj0fk7w4/CFLc
mIZD1AqTaEG4B6706v76BBk8qs4lJsnTbYuV6GW6vLKAu/BqO6B1FOcGtBollidz
gBhcAisFwAAk7wSu+wUt/xvMpJ/J0iSsmBkN7avM5UgNS7uVqkiqFor7LbMRZ8cV
6XOSNqlQl2qM7v3PcOK6fDM1VbqrWNeGB18ediW7vknMzd0bxrH2RWzi61J2z5h5
xRDKE0iUw6/L1b3//cjCXDU6aXbMidOgdjbvIri8BVkPD72F4RelVLUVFUKSII4+
b48=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:51:30 2025 by rpki-client