Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/us-Boqhrv5ZaymDxcEcDFj-M-14.roa
File: us-Boqhrv5ZaymDxcEcDFj-M-14.roa (raw, json)
Hash identifier: AmGCcXJ2NPeu3kIsF56ISUyqxHEIaWxvJ6CZll5qlLI=
Subject key identifier: BA:CF:81:A2:A8:6B:BF:96:5A:CA:60:F1:70:47:03:16:3F:8C:FB:5E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C499574498599C9A2BA1C38D1977C88D1
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/us-Boqhrv5ZaymDxcEcDFj-M-14.roa
Signing time: Fri 08 Dec 2023 13:19:40 +0000
ROA not before: Fri 08 Dec 2023 13:19:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:49:95:74:49:85:99:c9:a2:ba:1c:38:d1:97:7c:88:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 8 13:19:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bacf81a2a86bbf965aca60f1704703163f8cfb5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:22:42:75:39:37:19:49:72:e6:ff:7d:65:90:
63:f4:a3:c5:02:a1:43:37:12:01:ce:f9:68:44:73:
eb:3a:14:31:f7:40:88:90:aa:07:17:a2:d1:a1:27:
ef:a3:7d:ec:7b:37:d0:07:0d:bb:df:af:0e:1a:28:
ff:c4:a4:7f:00:ca:61:17:af:a0:b1:fe:20:bd:22:
f5:74:d5:90:ec:a7:fc:f4:cd:68:9a:42:42:c2:d7:
8c:10:03:3a:ce:0d:02:b0:bd:19:f0:fb:05:38:54:
ed:4c:b4:bf:2c:9b:48:d2:e5:a7:fa:0a:6e:4a:35:
4b:0e:3c:b4:34:5c:71:ca:68:f7:15:9b:f9:4d:f3:
76:fa:f3:f6:97:c6:03:78:18:8b:3e:15:5e:0f:0d:
e0:1c:5c:85:5e:d0:fc:0a:61:30:40:d6:fc:cf:08:
93:8f:6d:3b:dc:58:9a:95:09:cb:ad:19:94:bf:1d:
fe:ee:87:ae:b2:4c:ce:0d:a4:f6:a6:cf:e0:92:d7:
6b:14:bc:87:9c:04:23:cf:fe:6a:b1:57:ac:bc:0d:
24:23:96:0c:e7:e0:70:e5:bd:84:1e:1b:0a:30:0c:
d9:0b:30:cf:44:a2:84:28:10:1f:b3:72:73:e4:e5:
fc:1f:bf:e4:fe:6d:51:54:85:db:3a:eb:33:a8:fb:
f3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:CF:81:A2:A8:6B:BF:96:5A:CA:60:F1:70:47:03:16:3F:8C:FB:5E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/us-Boqhrv5ZaymDxcEcDFj-M-14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
23:fa:21:b2:bc:3b:08:e0:98:f3:82:be:73:e7:bb:df:8b:92:
85:3c:fb:ac:75:48:81:43:da:ae:4a:dc:42:12:53:20:7e:66:
46:de:3a:56:0d:96:88:9d:51:b9:f3:cf:16:a3:24:d7:ce:bc:
35:9a:da:47:0c:fe:07:c2:1a:ab:3d:9a:ed:7f:c6:00:ba:ad:
d9:3b:44:26:c5:31:be:5c:70:8d:4b:35:e3:de:51:12:e5:24:
47:3a:ff:ec:76:04:9f:44:bd:ff:45:c4:9d:8a:8f:20:d7:a6:
ac:50:36:b6:8a:09:db:4b:32:85:74:6e:97:f2:40:6e:69:c5:
1e:03:73:b9:dd:4a:bc:90:f6:2c:48:6a:71:e4:57:72:5c:0b:
c9:53:49:86:55:a6:9f:07:c0:13:18:c7:ab:d8:9d:08:37:c2:
0d:0b:58:6a:fc:cf:d4:6b:04:cf:96:94:bf:84:b4:3e:b4:dd:
45:8b:12:25:2a:f6:b3:b1:6d:84:bf:6d:fd:33:78:55:8f:76:
af:98:ca:85:8b:14:5b:f2:98:20:51:35:c8:7f:98:d6:81:c1:
85:d0:25:3e:e8:b6:0d:85:a9:92:6e:e2:fb:36:bc:8c:e1:2a:
83:21:10:ce:6d:c9:03:7d:20:80:cd:41:ba:e6:10:d6:df:5d:
6d:49:dd:0f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxJlXRJhZnJorocONGXfIjRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA4MTMxOTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWNmODFhMmE4NmJiZjk2NWFjYTYwZjE3MDQ3MDMxNjNmOGNmYjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCJCdTk3GUly5v99ZZBj9KPFAqFD
NxIBzvloRHPrOhQx90CIkKoHF6LRoSfvo33sezfQBw27368OGij/xKR/AMphF6+g
sf4gvSL1dNWQ7Kf89M1omkJCwteMEAM6zg0CsL0Z8PsFOFTtTLS/LJtI0uWn+gpu
SjVLDjy0NFxxymj3FZv5TfN2+vP2l8YDeBiLPhVeDw3gHFyFXtD8CmEwQNb8zwiT
j2073FialQnLrRmUvx3+7oeuskzODaT2ps/gktdrFLyHnAQjz/5qsVesvA0kI5YM
5+Bw5b2EHhsKMAzZCzDPRKKEKBAfs3Jz5OX8H7/k/m1RVIXbOuszqPvzHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLrPgaKoa7+WWspg8XBHAxY/jPteMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvdXMtQm9xaHJ2NVpheW1EeGNFY0RGai1NLTE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACP6IbK8OwjgmPOCvnPn
u9+LkoU8+6x1SIFD2q5K3EISUyB+ZkbeOlYNloidUbnzzxajJNfOvDWa2kcM/gfC
Gqs9mu1/xgC6rdk7RCbFMb5ccI1LNePeURLlJEc6/+x2BJ9Evf9FxJ2KjyDXpqxQ
NraKCdtLMoV0bpfyQG5pxR4Dc7ndSryQ9ixIanHkV3JcC8lTSYZVpp8HwBMYx6vY
nQg3wg0LWGr8z9RrBM+WlL+EtD603UWLEiUq9rOxbYS/bf0zeFWPdq+YyoWLFFvy
mCBRNch/mNaBwYXQJT7otg2FqZJu4vs2vIzhKoMhEM5tyQN9IIDNQbrmENbfXW1J
3Q8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:37:28 2025 by rpki-client