Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BcWbfXNHDTKtAiEpw9dflBFJAwg.roa
File: BcWbfXNHDTKtAiEpw9dflBFJAwg.roa (raw, json)
Hash identifier: Igv+I4uBJkgnNxMY/4xbU666r/sFqErm+RHJCF3dO+Q=
Subject key identifier: 05:C5:9B:7D:73:47:0D:32:AD:02:21:29:C3:D7:5F:94:11:49:03:08
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018AFCF82EE4857B2E43BF13FCB3EA130FAD
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BcWbfXNHDTKtAiEpw9dflBFJAwg.roa
Signing time: Wed 04 Oct 2023 23:13:57 +0000
ROA not before: Wed 04 Oct 2023 23:13:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fc:f8:2e:e4:85:7b:2e:43:bf:13:fc:b3:ea:13:0f:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 4 23:13:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05c59b7d73470d32ad022129c3d75f9411490308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:de:28:e1:ce:d2:67:2b:fc:78:78:2a:fb:44:
62:1d:31:e6:7e:e1:51:22:46:16:79:bf:87:a2:25:
2d:47:d4:62:ad:d7:24:39:53:d4:86:7f:bd:de:e1:
23:f5:c4:c5:e1:7e:bd:e4:8e:0f:57:5a:78:59:9b:
b4:c2:66:0f:31:96:6d:b1:92:fb:2a:bd:89:96:1a:
ce:c3:e7:58:d5:30:23:24:56:9e:c0:e1:10:61:0b:
56:6c:4a:a3:7b:f3:b4:15:cf:3d:43:c1:4a:9b:d0:
70:24:26:86:82:11:08:57:c0:18:54:75:f8:6e:4f:
b1:b1:f7:95:46:98:88:10:00:65:e5:3d:73:d6:12:
76:7c:cb:cb:50:08:72:cc:b0:85:82:a8:43:ae:33:
cd:2f:29:a7:14:d1:fe:0d:45:14:72:f9:8c:97:bb:
00:48:6e:95:13:77:a2:1d:e3:0c:d5:42:87:36:55:
7a:75:a9:f9:5a:ff:b9:6c:c9:53:e3:09:fd:74:3e:
21:a5:cd:a3:0a:63:ae:9b:2f:fe:4f:24:8f:98:87:
56:e7:0d:6c:5d:2d:4e:04:77:c2:8c:c8:3a:5f:ab:
3f:ce:9f:15:ac:43:1d:ff:05:30:1b:70:8c:30:22:
7d:af:58:5b:fb:1c:cc:1f:ae:77:ac:18:77:70:1f:
85:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:C5:9B:7D:73:47:0D:32:AD:02:21:29:C3:D7:5F:94:11:49:03:08
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BcWbfXNHDTKtAiEpw9dflBFJAwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7f:51:32:0f:ec:4e:6d:20:ff:83:98:b9:6e:21:9e:7a:00:76:
2e:cc:a8:cb:fe:05:0c:35:ac:d2:5a:5d:78:25:13:8c:da:db:
24:dd:13:fb:c4:99:5a:d9:da:ca:a2:d1:7e:82:5c:f4:7a:99:
43:c6:62:b2:14:c6:19:f3:ad:aa:7f:2a:61:4b:49:c3:52:d1:
51:83:db:dd:8c:78:b6:48:2f:0c:cc:7f:27:da:b4:ed:f5:55:
c9:58:0f:00:a3:90:55:53:a9:a7:79:1c:f6:d8:16:bb:c5:c8:
06:2b:28:23:64:59:d8:3a:5b:56:e1:c0:fa:18:f2:f1:26:ed:
b8:f2:f5:a3:43:43:f4:9a:df:29:da:8f:a6:01:76:b7:ee:d5:
c8:d4:a5:c8:6b:49:63:1f:ad:63:0a:57:64:c3:aa:3e:d9:dd:
48:f1:27:7f:36:42:69:8c:d9:c0:89:05:ad:96:88:c8:bd:41:
51:12:13:de:00:5c:fd:9a:ff:ca:7b:50:d3:65:7f:3f:8f:15:
af:ab:b6:d6:93:3a:85:22:28:8d:f2:2c:72:60:b5:62:16:76:
a8:0f:56:45:c7:04:66:d5:33:38:3c:c8:b6:97:d1:8c:01:bf:
5e:7d:f8:2f:09:a0:74:72:13:12:21:57:0a:cd:b1:83:34:63:
da:35:5f:40
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYr8+C7khXsuQ78T/LPqEw+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA0MjMxMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWM1OWI3ZDczNDcwZDMyYWQwMjIxMjljM2Q3NWY5NDExNDkwMzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs94o4c7SZyv8eHgq+0RiHTHmfuFR
IkYWeb+HoiUtR9RirdckOVPUhn+93uEj9cTF4X695I4PV1p4WZu0wmYPMZZtsZL7
Kr2JlhrOw+dY1TAjJFaewOEQYQtWbEqje/O0Fc89Q8FKm9BwJCaGghEIV8AYVHX4
bk+xsfeVRpiIEABl5T1z1hJ2fMvLUAhyzLCFgqhDrjPNLymnFNH+DUUUcvmMl7sA
SG6VE3eiHeMM1UKHNlV6dan5Wv+5bMlT4wn9dD4hpc2jCmOumy/+TySPmIdW5w1s
XS1OBHfCjMg6X6s/zp8VrEMd/wUwG3CMMCJ9r1hb+xzMH653rBh3cB+FBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAXFm31zRw0yrQIhKcPXX5QRSQMIMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQmNXYmZYTkhEVEt0QWlFcHc5ZGZsQkZKQXdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH9RMg/sTm0g/4OYuW4h
nnoAdi7MqMv+BQw1rNJaXXglE4za2yTdE/vEmVrZ2sqi0X6CXPR6mUPGYrIUxhnz
rap/KmFLScNS0VGD292MeLZILwzMfyfatO31VclYDwCjkFVTqad5HPbYFrvFyAYr
KCNkWdg6W1bhwPoY8vEm7bjy9aNDQ/Sa3ynaj6YBdrfu1cjUpchrSWMfrWMKV2TD
qj7Z3UjxJ382QmmM2cCJBa2WiMi9QVESE94AXP2a/8p7UNNlfz+PFa+rttaTOoUi
KI3yLHJgtWIWdqgPVkXHBGbVMzg8yLaX0YwBv159+C8JoHRyExIhVwrNsYM0Y9o1
X0A=
-----END CERTIFICATE-----
Generated at Sun May 11 09:33:36 2025 by rpki-client