Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bNNRyictIRXRZh2hc3it-7U-bbs.roa
File: bNNRyictIRXRZh2hc3it-7U-bbs.roa (raw, json)
Hash identifier: 1LopG4BSXJyHJjweC8UyIWdwEHSCdbPLRJP++NcShTM=
Subject key identifier: 6C:D3:51:CA:27:2D:21:15:D1:66:1D:A1:73:78:AD:FB:B5:3E:6D:BB
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B25177353C8F9C6F7F1361757D803AF2D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bNNRyictIRXRZh2hc3it-7U-bbs.roa
Signing time: Thu 12 Oct 2023 18:12:55 +0000
ROA not before: Thu 12 Oct 2023 18:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:25:17:73:53:c8:f9:c6:f7:f1:36:17:57:d8:03:af:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Oct 12 18:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6cd351ca272d2115d1661da17378adfbb53e6dbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:35:66:69:44:64:fd:3c:14:c8:8f:f0:06:50:
3c:46:d4:d3:51:2d:fb:d1:59:b0:45:d1:90:bd:5b:
90:e6:d7:82:f5:7e:59:54:28:a5:78:18:92:16:42:
54:5a:6c:65:3f:1d:3f:e7:9f:d2:05:6d:df:e2:d0:
db:86:a5:42:75:19:de:2b:bd:f6:61:ae:9c:1e:e4:
bc:d6:e4:c8:f7:2f:42:0e:a8:63:bd:a2:f4:db:e9:
2f:86:2e:fd:ea:84:50:f8:6b:03:4c:0d:2c:c5:3b:
9f:c8:0c:34:73:27:51:5e:9a:0b:69:0c:56:b3:0b:
4b:7a:a3:26:38:79:85:6d:62:c4:a1:96:32:be:49:
58:fa:dc:db:62:57:83:ca:c1:8b:5e:48:86:1a:37:
d8:73:0d:43:da:eb:ed:1d:39:7b:12:1b:5d:7c:07:
21:fd:ba:ad:87:69:c1:36:da:c5:4c:65:d2:50:93:
bb:46:28:f2:a0:2c:c0:b2:33:60:71:ce:54:73:b3:
9b:9c:91:b5:1c:fe:0c:b2:43:ab:61:ae:6b:a2:54:
da:c6:5b:68:dd:2e:6e:90:59:93:15:77:05:90:09:
8f:87:0a:30:57:42:c8:a0:8f:77:50:36:6c:a1:5f:
89:d0:c4:64:5f:61:3f:12:1c:f8:e7:72:73:00:63:
f3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:D3:51:CA:27:2D:21:15:D1:66:1D:A1:73:78:AD:FB:B5:3E:6D:BB
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bNNRyictIRXRZh2hc3it-7U-bbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a6:95:15:16:ea:c3:65:aa:27:20:3b:ae:04:6c:4d:d8:9a:48:
c0:49:cb:ee:c4:e6:bc:e6:76:60:cc:dc:49:ea:18:c9:6c:b5:
26:5a:7a:a0:83:ca:45:96:d9:a2:45:f1:15:d9:c1:f2:d9:9e:
a7:5b:68:1c:2f:b7:a9:70:6d:d0:65:52:7f:11:8c:9a:0e:97:
05:a1:ea:63:64:1b:20:27:f6:f3:2c:53:12:db:9c:ec:8c:69:
ca:3a:a4:cb:24:d4:54:8f:23:84:a6:4b:af:de:92:84:0e:6d:
ae:8e:05:65:27:56:58:96:5b:7a:52:58:ec:f6:6a:32:85:9e:
45:51:b6:e8:f7:1f:3d:a4:bd:e8:f7:2a:69:91:5c:14:46:83:
2b:d3:b9:08:ce:31:32:46:41:77:55:18:11:bd:09:35:34:8c:
8b:39:94:9c:4f:c5:1f:79:82:64:41:8d:96:24:32:0f:d6:9f:
39:8f:c7:9e:90:4d:57:e8:ee:41:81:18:fe:94:52:c9:6c:37:
1c:de:b9:43:92:ac:4f:14:74:21:73:dd:d7:7f:16:3e:5a:7f:
65:9e:24:12:62:f2:1d:88:54:b2:79:54:3f:e6:9f:9c:8d:72:
0b:62:6d:c3:71:df:ce:43:8e:57:82:0d:5b:2d:a7:5d:de:3d:
6e:96:5e:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYslF3NTyPnG9/E2F1fYA68tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMDEyMTgxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2QzNTFjYTI3MmQyMTE1ZDE2NjFkYTE3Mzc4YWRmYmI1M2U2ZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DVmaURk/TwUyI/wBlA8RtTTUS37
0VmwRdGQvVuQ5teC9X5ZVCileBiSFkJUWmxlPx0/55/SBW3f4tDbhqVCdRneK732
Ya6cHuS81uTI9y9CDqhjvaL02+kvhi796oRQ+GsDTA0sxTufyAw0cydRXpoLaQxW
swtLeqMmOHmFbWLEoZYyvklY+tzbYleDysGLXkiGGjfYcw1D2uvtHTl7EhtdfAch
/bqth2nBNtrFTGXSUJO7RijyoCzAsjNgcc5Uc7ObnJG1HP4MskOrYa5rolTaxlto
3S5ukFmTFXcFkAmPhwowV0LIoI93UDZsoV+J0MRkX2E/Ehz453JzAGPzrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGzTUconLSEV0WYdoXN4rfu1Pm27MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYk5OUnlpY3RJUlhSWmgyaGMzaXQtN1UtYmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKaVFRbqw2WqJyA7rgRs
TdiaSMBJy+7E5rzmdmDM3EnqGMlstSZaeqCDykWW2aJF8RXZwfLZnqdbaBwvt6lw
bdBlUn8RjJoOlwWh6mNkGyAn9vMsUxLbnOyMaco6pMsk1FSPI4SmS6/ekoQOba6O
BWUnVliWW3pSWOz2ajKFnkVRtuj3Hz2kvej3KmmRXBRGgyvTuQjOMTJGQXdVGBG9
CTU0jIs5lJxPxR95gmRBjZYkMg/WnzmPx56QTVfo7kGBGP6UUslsNxzeuUOSrE8U
dCFz3dd/Fj5af2WeJBJi8h2IVLJ5VD/mn5yNcgtibcNx385DjleCDVstp13ePW6W
XgQ=
-----END CERTIFICATE-----
Generated at Sat May 10 11:20:54 2025 by rpki-client