Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/bmhwkhojvQ38qGF0j7M54OOn8O8.roa
File: bmhwkhojvQ38qGF0j7M54OOn8O8.roa (raw, json)
Hash identifier: 6h36fnBIPsu07Wqbh96kZr8OxxfTyZuofWsHIMv8+rk=
Subject key identifier: 6E:68:70:92:1A:23:BD:0D:FC:A8:61:74:8F:B3:39:E0:E3:A7:F0:EF
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A75F7DAFDF27C68FE835903645AB0C15F
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/bmhwkhojvQ38qGF0j7M54OOn8O8.roa
Signing time: Fri 08 Sep 2023 18:04:52 +0000
ROA not before: Fri 08 Sep 2023 18:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:75f7:80f2/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:75:f7:da:fd:f2:7c:68:fe:83:59:03:64:5a:b0:c1:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 8 18:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e6870921a23bd0dfca861748fb339e0e3a7f0ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d4:d4:9b:4d:36:21:af:9d:f7:8e:3e:d1:22:
06:7a:7a:71:51:8d:9f:d9:73:20:62:8a:81:ec:75:
7d:f3:4d:1b:06:e0:63:fb:8f:df:02:0a:7d:f1:6e:
2d:01:b4:a2:da:d0:99:8f:1f:f1:eb:84:c5:6f:1b:
21:6a:6e:16:4d:19:da:0f:8c:5c:cf:00:fe:94:f7:
49:ec:32:02:ac:dc:e3:5c:fd:c6:32:75:6f:50:ce:
d6:ee:c7:cc:c0:35:58:0a:f1:e0:84:26:82:9a:d4:
74:ac:ab:f1:f1:c0:5f:29:e9:a0:cc:d9:68:7d:b1:
11:10:a9:33:65:91:30:95:e1:f4:83:98:54:59:c3:
9a:ce:a1:8e:fc:e7:39:1b:00:2b:d2:89:57:4d:3c:
c9:1b:e9:fa:61:56:ef:13:50:72:6a:8b:b1:00:78:
69:5a:bc:38:f3:ca:d4:3f:22:04:05:4c:da:58:59:
31:97:a7:e6:ca:3a:dc:bc:62:0b:54:15:a3:9a:3f:
5a:26:e9:40:52:12:8d:e3:00:cb:7d:bb:be:b2:b6:
44:31:5d:9e:31:2c:25:eb:f1:41:3d:50:76:de:04:
eb:91:0b:80:88:9e:37:4c:f3:11:76:e9:04:d0:c1:
47:de:bd:ff:68:46:7b:e7:9b:d6:a3:a2:91:80:1d:
18:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:68:70:92:1A:23:BD:0D:FC:A8:61:74:8F:B3:39:E0:E3:A7:F0:EF
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/bmhwkhojvQ38qGF0j7M54OOn8O8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
47:10:5d:2b:a2:2d:22:20:c0:27:9d:4f:71:ce:3a:ba:fd:57:
b9:17:54:1f:82:8a:b0:7b:b2:f8:1c:81:7c:8d:d5:23:c7:12:
41:cd:2e:bf:80:30:5c:e0:f9:fe:cf:11:d8:91:4a:f2:0a:8b:
23:c1:b1:41:82:a0:e1:58:4c:74:8f:c3:29:ca:45:84:37:b9:
f6:15:7d:e9:7c:36:ee:6f:d2:ca:7d:4c:3d:f2:4a:c1:ae:2a:
e4:b0:7d:65:4e:39:53:36:57:36:6a:21:52:98:77:91:95:8d:
73:b4:ce:43:91:4f:12:45:eb:e3:a0:51:01:ee:99:94:88:0f:
06:8a:ad:05:f3:14:eb:fb:fc:af:aa:64:ae:c0:9d:90:89:91:
a3:78:71:58:3c:69:0f:c6:e1:f5:82:43:6f:35:08:0d:c8:75:
3c:11:7f:d2:82:21:53:3f:6e:d3:48:e2:17:f3:47:d4:bb:5b:
dc:4d:d2:bf:c9:0b:4b:b1:a7:0c:98:16:35:42:38:de:4d:1b:
c8:a7:39:51:03:04:99:56:a0:ce:8a:2c:b7:a3:5c:50:79:78:
83:7f:48:b1:81:e2:dd:7e:f9:a1:2a:ce:ad:d5:71:8a:74:bf:
40:1a:41:e5:3b:ec:5b:5f:99:57:36:3b:6b:4b:25:1c:c5:f3:
ab:81:33:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYp199r98nxo/oNZA2RasMFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTA4MTgwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTY4NzA5MjFhMjNiZDBkZmNhODYxNzQ4ZmIzMzllMGUzYTdmMGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tTUm002Ia+d944+0SIGenpxUY2f
2XMgYoqB7HV9800bBuBj+4/fAgp98W4tAbSi2tCZjx/x64TFbxsham4WTRnaD4xc
zwD+lPdJ7DICrNzjXP3GMnVvUM7W7sfMwDVYCvHghCaCmtR0rKvx8cBfKemgzNlo
fbEREKkzZZEwleH0g5hUWcOazqGO/Oc5GwAr0olXTTzJG+n6YVbvE1ByaouxAHhp
Wrw488rUPyIEBUzaWFkxl6fmyjrcvGILVBWjmj9aJulAUhKN4wDLfbu+srZEMV2e
MSwl6/FBPVB23gTrkQuAiJ43TPMRdukE0MFH3r3/aEZ755vWo6KRgB0Y1QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG5ocJIaI70N/KhhdI+zOeDjp/DvMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvYm1od2tob2p2UTM4cUdGMGo3TTU0T09uOE84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEcQXSuiLSIgwCedT3HO
Orr9V7kXVB+CirB7svgcgXyN1SPHEkHNLr+AMFzg+f7PEdiRSvIKiyPBsUGCoOFY
THSPwynKRYQ3ufYVfel8Nu5v0sp9TD3ySsGuKuSwfWVOOVM2VzZqIVKYd5GVjXO0
zkORTxJF6+OgUQHumZSIDwaKrQXzFOv7/K+qZK7AnZCJkaN4cVg8aQ/G4fWCQ281
CA3IdTwRf9KCIVM/btNI4hfzR9S7W9xN0r/JC0uxpwyYFjVCON5NG8inOVEDBJlW
oM6KLLejXFB5eIN/SLGB4t1++aEqzq3VcYp0v0AaQeU77FtfmVc2O2tLJRzF86uB
M3g=
-----END CERTIFICATE-----
Generated at Mon Jun 9 01:31:40 2025 by rpki-client