Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BjchSyrMLBduJkRxLyCrXFq0H9Q.roa
File: BjchSyrMLBduJkRxLyCrXFq0H9Q.roa (raw, json)
Hash identifier: 92LDZXczzhJFI6AnECBf24O4dHQqUEQAlA15+fkNZBM=
Subject key identifier: 06:37:21:4B:2A:CC:2C:17:6E:26:44:71:2F:20:AB:5C:5A:B4:1F:D4
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B047A93F755E1A47087C06BA6AB9DECDB
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BjchSyrMLBduJkRxLyCrXFq0H9Q.roa
Signing time: Fri 06 Oct 2023 10:13:43 +0000
ROA not before: Fri 06 Oct 2023 10:13:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:04:7a:93:f7:55:e1:a4:70:87:c0:6b:a6:ab:9d:ec:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 6 10:13:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0637214b2acc2c176e2644712f20ab5c5ab41fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6c:2a:2e:4e:16:88:e1:e5:37:f1:86:4f:de:
d0:66:cb:63:48:a5:c9:d0:5f:ea:90:40:16:1d:42:
10:50:02:32:1c:9f:79:e6:67:43:1f:38:9c:f7:ab:
88:9d:bd:b4:73:68:e6:9f:07:e4:47:07:ee:6e:92:
18:5e:3f:8e:a8:25:8e:67:30:26:f1:b0:2c:95:d1:
b7:b3:ae:07:fd:ff:9e:6a:2b:9c:86:5a:4a:87:aa:
59:40:7d:83:f2:2a:e2:ca:6f:2a:1f:14:6e:e5:4a:
40:34:ac:1c:a0:b4:5a:75:68:84:34:e6:4c:08:49:
d5:00:be:e3:be:26:52:cb:4f:83:29:3a:8d:4a:07:
ef:93:23:a8:0a:bd:e0:71:f0:54:14:cb:96:e4:a3:
42:b7:f5:b3:49:a3:c0:b3:7c:36:76:3f:10:64:4e:
0f:da:15:54:b5:5f:f8:10:15:3e:de:2a:16:92:de:
14:76:66:de:32:07:bd:e1:4e:87:2a:eb:37:e2:98:
bb:ea:f0:0e:69:df:fa:da:b6:f0:ac:17:4e:47:58:
6d:6d:a8:0a:86:7d:db:18:57:c7:1c:22:98:79:17:
f1:9b:53:a2:0e:4e:14:c0:87:1d:1b:11:58:ed:20:
b5:d9:62:be:a4:4f:b1:e6:b9:7e:41:2f:6e:ea:82:
1e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:37:21:4B:2A:CC:2C:17:6E:26:44:71:2F:20:AB:5C:5A:B4:1F:D4
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BjchSyrMLBduJkRxLyCrXFq0H9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
d0:cc:49:58:6b:1b:65:17:84:c2:fd:3e:99:81:4c:79:a1:fd:
3a:62:42:80:40:db:80:5c:74:56:b5:2e:89:73:3e:4e:73:36:
c7:6b:57:3d:31:bf:eb:9c:fd:70:84:40:7b:07:c5:4d:a8:d9:
6c:16:c3:48:8b:73:a7:c3:de:62:df:ee:4b:7b:d2:8d:9f:0a:
42:c6:5b:d1:ab:86:6d:6a:33:23:2c:a6:42:e7:3e:67:eb:d0:
23:20:6f:ea:27:c6:cb:64:10:3f:43:e2:bf:97:69:b2:47:90:
0e:39:2a:65:c5:4b:7a:11:fd:55:5e:8d:9f:be:72:39:63:73:
76:77:fb:e2:98:2a:03:3e:3a:28:2c:2f:47:33:47:15:0a:5d:
9e:90:5d:2a:79:f2:66:a5:dd:05:10:e1:84:57:54:16:e1:86:
9a:2c:2f:3f:fc:da:c8:6b:88:c5:d6:e5:e6:c0:67:f6:b5:28:
d0:40:34:d9:e4:d9:20:1d:c7:40:6e:be:99:2e:fc:3d:d6:40:
01:3c:fd:b3:ed:5b:2d:44:fc:bf:6c:05:5e:cb:af:93:ca:9c:
0b:17:24:9c:84:37:54:c3:59:6e:33:fe:97:68:86:4b:e4:61:
7e:78:97:0b:a3:c4:2f:92:9e:0a:7a:88:cb:a3:eb:c2:a8:cc:
ef:13:ef:ce
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYsEepP3VeGkcIfAa6arnezbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDA2MTAxMzQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjM3MjE0YjJhY2MyYzE3NmUyNjQ0NzEyZjIwYWI1YzVhYjQxZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGwqLk4WiOHlN/GGT97QZstjSKXJ
0F/qkEAWHUIQUAIyHJ955mdDHzic96uInb20c2jmnwfkRwfubpIYXj+OqCWOZzAm
8bAsldG3s64H/f+eaiuchlpKh6pZQH2D8iriym8qHxRu5UpANKwcoLRadWiENOZM
CEnVAL7jviZSy0+DKTqNSgfvkyOoCr3gcfBUFMuW5KNCt/WzSaPAs3w2dj8QZE4P
2hVUtV/4EBU+3ioWkt4UdmbeMge94U6HKus34pi76vAOad/62rbwrBdOR1htbagK
hn3bGFfHHCKYeRfxm1OiDk4UwIcdGxFY7SC12WK+pE+x5rl+QS9u6oIeYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAY3IUsqzCwXbiZEcS8gq1xatB/UMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQmpjaFN5ck1MQmR1SmtSeEx5Q3JYRnEwSDlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBANDMSVhrG2UXhML9PpmB
THmh/TpiQoBA24BcdFa1LolzPk5zNsdrVz0xv+uc/XCEQHsHxU2o2WwWw0iLc6fD
3mLf7kt70o2fCkLGW9Grhm1qMyMspkLnPmfr0CMgb+onxstkED9D4r+XabJHkA45
KmXFS3oR/VVejZ++cjljc3Z3++KYKgM+OigsL0czRxUKXZ6QXSp58mal3QUQ4YRX
VBbhhposLz/82shriMXW5ebAZ/a1KNBANNnk2SAdx0Buvpku/D3WQAE8/bPtWy1E
/L9sBV7Lr5PKnAsXJJyEN1TDWW4z/pdohkvkYX54lwujxC+Sngp6iMuj68KozO8T
784=
-----END CERTIFICATE-----
Generated at Sat May 10 14:54:52 2025 by rpki-client