Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BchWM09mBl02660sfovLMGXQoG4.roa
File: BchWM09mBl02660sfovLMGXQoG4.roa (raw, json)
Hash identifier: iaGMqmxHnnRxIdaH8QIihm+W2JTQRPej5kbrSUYHoK0=
Subject key identifier: 05:C8:56:33:4F:66:06:5D:36:EB:AD:2C:7E:8B:CB:30:65:D0:A0:6E
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BC785CF8524657218BF20699C0D65C2B4
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BchWM09mBl02660sfovLMGXQoG4.roa
Signing time: Mon 13 Nov 2023 07:11:57 +0000
ROA not before: Mon 13 Nov 2023 07:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c7:85:cf:85:24:65:72:18:bf:20:69:9c:0d:65:c2:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 13 07:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=05c856334f66065d36ebad2c7e8bcb3065d0a06e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:92:44:cf:57:ee:11:34:9c:3b:08:2c:20:fc:
19:a6:b6:4c:a6:51:4b:62:e2:65:fd:49:bb:3a:1d:
b3:ad:17:37:4c:5c:4a:5a:66:ed:09:36:a6:d6:70:
7e:6b:11:1d:11:5a:50:f7:c5:22:f7:a6:c8:57:16:
15:3a:60:2b:7b:c6:31:04:d5:cb:bd:24:35:c4:bd:
af:82:e8:f9:d4:a0:7a:99:8e:4f:51:48:8e:80:56:
1c:d8:a3:02:2e:10:b1:76:04:c9:b6:b7:1c:c9:8f:
db:09:ba:b2:9d:d6:4d:9c:02:78:ce:74:4e:19:1a:
06:cf:3b:03:5a:fe:84:17:b4:67:2c:2e:e2:ed:6b:
a2:24:0b:d9:d4:d5:37:57:91:cd:6b:f4:b2:38:76:
5e:1f:72:2b:69:dd:e2:ae:9c:19:22:60:e4:d7:66:
78:00:33:ab:51:e4:9f:85:e3:c9:10:c8:1e:fa:be:
ac:77:bf:ae:ee:bc:b2:43:03:6d:f9:c6:91:aa:f8:
09:c2:42:f8:f8:da:dd:be:d9:88:f1:3d:a4:c7:21:
ea:47:5c:38:bc:e5:09:3c:6f:47:48:59:93:8e:26:
fa:83:43:11:67:4e:6f:74:23:4a:a3:9b:0c:a8:33:
8e:cf:2e:0a:01:b7:bf:71:cc:b8:58:9e:95:ea:41:
14:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:C8:56:33:4F:66:06:5D:36:EB:AD:2C:7E:8B:CB:30:65:D0:A0:6E
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BchWM09mBl02660sfovLMGXQoG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
08:f1:24:b1:f9:87:48:6b:75:14:47:70:0b:6a:8e:56:05:08:
6a:73:6b:c2:b4:2c:97:2b:96:ce:4e:69:a4:1e:30:83:8c:4d:
dd:cb:07:7c:41:91:94:de:b7:33:3d:47:c0:b5:14:81:ce:8f:
27:f4:df:1a:cb:63:8e:65:7a:be:ff:59:ea:a6:79:3c:24:56:
61:d4:28:e9:ea:af:df:7f:f5:13:c5:21:0e:d9:52:e4:c3:ea:
4c:91:6f:9c:01:80:82:2c:c7:e8:b4:e8:19:3e:f5:15:0b:1a:
5f:8e:1d:2b:e0:2d:15:56:13:3d:01:2c:a8:7b:3c:bf:0f:a3:
73:fc:0d:d0:32:7e:4d:36:75:91:08:3e:8d:e3:ee:e3:8f:7c:
56:f8:22:ec:25:34:f3:9b:03:d9:97:9e:c9:6f:03:2e:c3:06:
b7:92:6c:36:0a:de:15:f1:1c:4b:62:66:6c:e0:7e:86:43:4d:
ae:52:47:37:75:22:26:49:70:d4:21:f9:bb:f8:3b:e9:70:15:
eb:ec:07:15:7f:a4:70:89:7e:9b:c1:4c:b5:f9:65:74:ea:9f:
57:5f:35:44:03:94:98:54:9f:ca:3b:f9:91:f5:23:84:9d:f2:
24:88:c0:6a:b4:99:42:05:3e:7f:40:b5:a7:ab:ad:24:ec:d1:
c1:75:c1:2d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvHhc+FJGVyGL8gaZwNZcK0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEzMDcxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWM4NTYzMzRmNjYwNjVkMzZlYmFkMmM3ZThiY2IzMDY1ZDBhMDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJJEz1fuETScOwgsIPwZprZMplFL
YuJl/Um7Oh2zrRc3TFxKWmbtCTam1nB+axEdEVpQ98Ui96bIVxYVOmAre8YxBNXL
vSQ1xL2vguj51KB6mY5PUUiOgFYc2KMCLhCxdgTJtrccyY/bCbqyndZNnAJ4znRO
GRoGzzsDWv6EF7RnLC7i7WuiJAvZ1NU3V5HNa/SyOHZeH3Irad3irpwZImDk12Z4
ADOrUeSfhePJEMge+r6sd7+u7ryyQwNt+caRqvgJwkL4+NrdvtmI8T2kxyHqR1w4
vOUJPG9HSFmTjib6g0MRZ05vdCNKo5sMqDOOzy4KAbe/ccy4WJ6V6kEUTQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAXIVjNPZgZdNuutLH6LyzBl0KBuMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQmNoV00wOW1CbDAyNjYwc2ZvdkxNR1hRb0c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAjxJLH5h0hrdRRHcAtq
jlYFCGpza8K0LJcrls5OaaQeMIOMTd3LB3xBkZTetzM9R8C1FIHOjyf03xrLY45l
er7/WeqmeTwkVmHUKOnqr99/9RPFIQ7ZUuTD6kyRb5wBgIIsx+i06Bk+9RULGl+O
HSvgLRVWEz0BLKh7PL8Po3P8DdAyfk02dZEIPo3j7uOPfFb4IuwlNPObA9mXnslv
Ay7DBreSbDYK3hXxHEtiZmzgfoZDTa5SRzd1IiZJcNQh+bv4O+lwFevsBxV/pHCJ
fpvBTLX5ZXTqn1dfNUQDlJhUn8o7+ZH1I4Sd8iSIwGq0mUIFPn9AtaerrSTs0cF1
wS0=
-----END CERTIFICATE-----
Generated at Sat May 10 13:55:17 2025 by rpki-client