Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Bj-KxH6wnOumood6q4b3e9RpS8A.roa
File: Bj-KxH6wnOumood6q4b3e9RpS8A.roa (raw, json)
Hash identifier: tQM+2JAgcrEmISE78urWGYblxcxrszPPzE0DodgAqk0=
Subject key identifier: 06:3F:8A:C4:7E:B0:9C:EB:A6:A2:87:7A:AB:86:F7:7B:D4:69:4B:C0
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B65AC41C553DD5B993B43A7D0BDAE070F
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Bj-KxH6wnOumood6q4b3e9RpS8A.roa
Signing time: Wed 25 Oct 2023 07:11:09 +0000
ROA not before: Wed 25 Oct 2023 07:11:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:65:ac:41:c5:53:dd:5b:99:3b:43:a7:d0:bd:ae:07:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 25 07:11:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=063f8ac47eb09ceba6a2877aab86f77bd4694bc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2d:ca:aa:13:ca:d8:89:4a:b5:8e:ad:12:6d:
7a:91:9b:51:dc:4d:38:54:04:ee:61:28:c6:04:85:
ef:75:25:49:d9:56:b7:97:58:04:b6:b4:55:77:58:
da:8f:c5:8b:9d:6c:dc:e2:67:4a:ce:10:17:a4:6f:
09:ff:9d:a3:db:64:1d:bf:4e:e8:84:76:63:7f:6a:
34:77:e7:2d:b9:25:99:f7:08:12:45:ad:fb:bd:07:
0c:ca:8b:45:7b:32:ab:88:a2:3c:4d:a1:29:06:9a:
be:38:8f:6a:17:74:ef:a7:a8:b8:0f:19:54:a6:31:
17:8c:3e:34:8a:6e:b0:7c:44:82:b6:9e:e2:b9:9a:
22:34:b8:80:85:b6:a1:ac:0c:25:db:25:ba:ba:62:
fc:42:26:aa:bd:10:00:58:cb:16:07:90:d4:81:fe:
84:0b:f0:0e:da:a7:d3:5d:7b:12:20:41:4d:c1:09:
3c:b3:26:49:f8:3f:c0:88:ce:81:ae:8e:fb:87:8c:
e5:c4:63:61:53:a5:f7:28:94:50:9c:b6:d8:be:4f:
44:d4:75:75:18:a8:d7:90:6c:c4:2a:6c:f4:ad:85:
2e:ad:2b:17:5d:47:18:b6:5b:c5:77:f1:9a:6c:61:
86:60:d6:37:14:10:f9:a8:15:95:3c:f4:bb:f1:c7:
d6:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:3F:8A:C4:7E:B0:9C:EB:A6:A2:87:7A:AB:86:F7:7B:D4:69:4B:C0
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/Bj-KxH6wnOumood6q4b3e9RpS8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:2c:9d:99:b5:c2:6c:fc:ba:56:9c:20:f4:27:d4:37:c6:b4:
cc:cc:63:0a:66:42:fd:b4:49:a3:9c:61:96:fc:95:41:fa:85:
8a:54:7a:d7:dd:7a:09:1c:25:03:51:23:68:12:67:48:f7:1a:
e7:ad:ce:c8:29:e8:52:e1:27:34:96:52:4b:78:bb:c7:0a:fb:
3d:8b:eb:7a:94:57:54:b4:d3:6b:0e:70:ae:41:ed:77:49:8f:
d0:89:8f:e0:14:69:d5:20:9f:02:44:82:6c:2d:a3:19:0b:4b:
62:f9:ad:27:05:69:1e:e6:6e:ac:13:93:4f:94:8f:65:5a:a8:
38:9d:95:36:3b:5a:4d:3b:64:38:39:0d:e6:fe:4a:1e:cf:0e:
91:73:ff:14:f8:23:ee:3c:c8:ad:f3:17:1c:dd:5f:c8:11:ed:
e3:26:d6:13:29:e5:03:67:59:e1:34:9d:0a:76:c6:28:6c:72:
96:e7:d2:03:06:c3:d7:a2:5d:6b:f1:ac:91:ba:7c:97:cc:ee:
b0:a8:6b:6c:f8:db:70:89:06:8e:7a:ae:8b:e9:46:42:b1:a9:
9b:55:4e:36:0f:8c:00:27:57:37:81:9d:94:38:81:0a:f0:dc:
72:7e:5f:4c:79:1f:41:1c:56:1f:93:b7:01:32:ef:59:c9:96:
44:b2:e1:94
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYtlrEHFU91bmTtDp9C9rgcPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDI1MDcxMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjNmOGFjNDdlYjA5Y2ViYTZhMjg3N2FhYjg2Zjc3YmQ0Njk0YmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoy3KqhPK2IlKtY6tEm16kZtR3E04
VATuYSjGBIXvdSVJ2Va3l1gEtrRVd1jaj8WLnWzc4mdKzhAXpG8J/52j22Qdv07o
hHZjf2o0d+ctuSWZ9wgSRa37vQcMyotFezKriKI8TaEpBpq+OI9qF3Tvp6i4DxlU
pjEXjD40im6wfESCtp7iuZoiNLiAhbahrAwl2yW6umL8QiaqvRAAWMsWB5DUgf6E
C/AO2qfTXXsSIEFNwQk8syZJ+D/AiM6Bro77h4zlxGNhU6X3KJRQnLbYvk9E1HV1
GKjXkGzEKmz0rYUurSsXXUcYtlvFd/GabGGGYNY3FBD5qBWVPPS78cfWqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAY/isR+sJzrpqKHequG93vUaUvAMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQmotS3hINnduT3Vtb29kNnE0YjNlOVJwUzhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA4snZm1wmz8ulacIPQn
1DfGtMzMYwpmQv20SaOcYZb8lUH6hYpUetfdegkcJQNRI2gSZ0j3Guetzsgp6FLh
JzSWUkt4u8cK+z2L63qUV1S002sOcK5B7XdJj9CJj+AUadUgnwJEgmwtoxkLS2L5
rScFaR7mbqwTk0+Uj2VaqDidlTY7Wk07ZDg5Deb+Sh7PDpFz/xT4I+48yK3zFxzd
X8gR7eMm1hMp5QNnWeE0nQp2xihscpbn0gMGw9eiXWvxrJG6fJfM7rCoa2z423CJ
Bo56rovpRkKxqZtVTjYPjAAnVzeBnZQ4gQrw3HJ+X0x5H0EcVh+TtwEy71nJlkSy
4ZQ=
-----END CERTIFICATE-----
Generated at Mon May 12 04:09:43 2025 by rpki-client