Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BKeCTeqasvr0iTW_2KjQIwTOXdQ.roa
File: BKeCTeqasvr0iTW_2KjQIwTOXdQ.roa (raw, json)
Hash identifier: 38LjxzUmoMrYGZ0HEUtOzCg8dIYw8mizOgOxqxNAyYY=
Subject key identifier: 04:A7:82:4D:EA:9A:B2:FA:F4:89:35:BF:D8:A8:D0:23:04:CE:5D:D4
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C7F2D0606B1B7C8825419A88B56E9DE9B
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BKeCTeqasvr0iTW_2KjQIwTOXdQ.roa
Signing time: Mon 18 Dec 2023 23:05:06 +0000
ROA not before: Mon 18 Dec 2023 23:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64:ffff:0:18c:7f2c:bf40/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7f:2d:06:06:b1:b7:c8:82:54:19:a8:8b:56:e9:de:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 18 23:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=04a7824dea9ab2faf48935bfd8a8d02304ce5dd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:3a:0b:b5:4c:bb:67:59:92:51:07:50:b2:51:
ea:7f:04:61:b4:03:75:14:3e:39:6a:20:41:19:fc:
44:c1:d2:ef:3e:e3:5a:06:89:1c:49:71:b2:cf:f5:
64:97:a8:51:26:8d:a7:6b:6d:2c:bb:cd:ab:44:78:
4f:02:4f:9e:7c:84:a3:3f:ae:9c:de:6f:c2:50:a5:
0e:52:c0:74:26:b2:e0:64:c9:48:1a:24:25:8f:27:
e3:ca:42:63:fb:3d:d7:2c:60:07:12:c7:86:3e:c9:
ac:f2:59:e3:90:67:1a:3a:89:be:51:26:75:d4:1b:
d3:c7:df:0b:23:de:14:c0:92:ca:4d:84:d9:14:1c:
74:aa:90:5a:79:38:0e:39:a8:f7:61:2d:51:9a:88:
c2:43:ee:c1:3e:61:37:f8:4f:72:a9:6e:25:00:27:
db:41:a7:b1:41:33:12:c6:1d:2f:7f:8d:28:ea:c2:
38:ff:a7:7e:82:21:51:07:cd:d1:01:fd:2c:d3:59:
b2:13:60:7e:df:fe:f3:86:c9:52:ae:15:5b:c7:d1:
39:42:50:41:75:64:03:a7:bc:fe:08:2a:a4:24:74:
3d:9c:4d:eb:21:b3:da:17:86:5f:aa:ec:32:e5:78:
53:ff:b1:7f:1a:06:d3:8e:5a:ed:82:8e:78:ac:f0:
75:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:A7:82:4D:EA:9A:B2:FA:F4:89:35:BF:D8:A8:D0:23:04:CE:5D:D4
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BKeCTeqasvr0iTW_2KjQIwTOXdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:5b:d3:49:0f:b8:05:41:27:bc:8e:8e:80:eb:7a:59:e1:7e:
05:90:20:b9:e2:40:67:51:17:5c:4c:32:4c:d3:bb:05:ca:c5:
df:de:de:f9:8b:99:7c:d0:b7:ae:31:50:d9:84:c3:05:a5:81:
cf:e5:a9:aa:32:46:f3:3f:42:06:ca:79:04:a5:bd:e4:f5:4e:
6d:e7:b2:ba:57:1f:3e:79:22:63:1d:89:bf:73:63:94:fe:1a:
60:2a:26:e5:4f:24:32:69:ba:d8:dc:33:15:89:af:3c:cc:6d:
92:ed:ba:c7:d0:3c:84:6c:c9:fd:25:bc:d7:2c:a3:1e:ad:31:
94:8e:91:da:63:c0:0a:8b:11:96:a9:dc:61:8e:d4:90:f9:83:
3a:aa:dd:9b:f5:de:9b:e4:cc:3d:e8:fd:1a:4d:bb:62:20:c7:
16:dc:8c:45:38:4c:c0:0b:b2:a8:60:62:f3:e7:be:a2:ca:92:
73:0e:23:4e:d9:0e:4a:49:16:78:5e:01:60:e1:04:84:2a:bb:
d7:d8:52:2b:a9:9c:ef:8b:93:49:c7:c3:ac:77:70:2b:2b:e3:
b8:44:81:2c:fc:46:c2:0c:d5:9f:0b:14:8f:f0:2e:3b:93:0e:
e7:41:77:eb:9d:3c:d2:f3:a2:80:74:3c:0e:60:26:1a:51:cd:
59:20:34:df
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYx/LQYGsbfIglQZqItW6d6bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE4MjMwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGE3ODI0ZGVhOWFiMmZhZjQ4OTM1YmZkOGE4ZDAyMzA0Y2U1ZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjoLtUy7Z1mSUQdQslHqfwRhtAN1
FD45aiBBGfxEwdLvPuNaBokcSXGyz/Vkl6hRJo2na20su82rRHhPAk+efISjP66c
3m/CUKUOUsB0JrLgZMlIGiQljyfjykJj+z3XLGAHEseGPsms8lnjkGcaOom+USZ1
1BvTx98LI94UwJLKTYTZFBx0qpBaeTgOOaj3YS1RmojCQ+7BPmE3+E9yqW4lACfb
QaexQTMSxh0vf40o6sI4/6d+giFRB83RAf0s01myE2B+3/7zhslSrhVbx9E5QlBB
dWQDp7z+CCqkJHQ9nE3rIbPaF4Zfquwy5XhT/7F/GgbTjlrtgo54rPB1vwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFASngk3qmrL69Ik1v9io0CMEzl3UMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQktlQ1RlcWFzdnIwaVRXXzJLalFJd1RPWGRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABVb00kPuAVBJ7yOjoDr
elnhfgWQILniQGdRF1xMMkzTuwXKxd/e3vmLmXzQt64xUNmEwwWlgc/lqaoyRvM/
QgbKeQSlveT1Tm3nsrpXHz55ImMdib9zY5T+GmAqJuVPJDJputjcMxWJrzzMbZLt
usfQPIRsyf0lvNcsox6tMZSOkdpjwAqLEZap3GGO1JD5gzqq3Zv13pvkzD3o/RpN
u2IgxxbcjEU4TMALsqhgYvPnvqLKknMOI07ZDkpJFnheAWDhBIQqu9fYUiupnO+L
k0nHw6x3cCsr47hEgSz8RsIM1Z8LFI/wLjuTDudBd+udPNLzooB0PA5gJhpRzVkg
NN8=
-----END CERTIFICATE-----
Generated at Mon May 12 21:59:14 2025 by rpki-client