Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bfyRYm2RyF6L7C0kQZkM89VKVEw.roa
File: bfyRYm2RyF6L7C0kQZkM89VKVEw.roa (raw, json)
Hash identifier: ZwRMbiracLfvoLjaTrIkdXQWlI+SEl/7vLP0eRbfLsc=
Subject key identifier: 6D:FC:91:62:6D:91:C8:5E:8B:EC:2D:24:41:99:0C:F3:D5:4A:54:4C
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C3BD406065944298758398405C1C0FBAF
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bfyRYm2RyF6L7C0kQZkM89VKVEw.roa
Signing time: Tue 05 Dec 2023 21:13:19 +0000
ROA not before: Tue 05 Dec 2023 21:13:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3b:d4:06:06:59:44:29:87:58:39:84:05:c1:c0:fb:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 5 21:13:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6dfc91626d91c85e8bec2d2441990cf3d54a544c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:59:76:e3:fc:b2:1f:d1:c7:74:09:41:72:1a:
d7:10:39:a5:bb:76:f1:f2:b3:b2:23:c0:e1:d9:7c:
ac:3e:43:50:32:82:22:9e:3f:09:b8:79:33:a1:77:
0a:1f:65:01:58:ea:a9:ac:29:42:ca:5b:98:6a:94:
fb:2c:f3:e1:36:67:f6:f6:ef:3b:22:3e:e3:52:75:
a1:ce:e5:c6:23:75:59:27:e2:19:9a:39:6d:d3:12:
07:af:9b:0f:a9:7e:34:43:1f:5a:98:37:01:c6:99:
fa:18:99:c3:3e:97:45:58:17:05:0d:bc:c8:45:58:
46:10:59:ee:2a:2c:c7:34:37:82:42:68:93:67:f7:
e3:87:f4:a2:e8:92:e3:04:5b:c4:33:43:30:d8:c7:
a7:aa:f0:b0:8a:64:92:06:47:0a:5a:b8:a5:58:5b:
3d:6e:1e:a8:9b:f8:3f:fe:6b:57:f8:65:40:f8:a6:
5f:d2:97:9c:ae:30:22:d9:0d:a6:9f:76:f1:62:a2:
8f:73:f5:0b:ca:d8:6f:f4:a9:36:11:3b:55:c3:81:
4f:af:3c:f5:36:47:0d:e8:40:b9:47:ef:1e:9d:d2:
57:2b:51:46:80:0c:b6:05:be:a1:90:53:0e:c4:8f:
b7:39:87:43:48:9c:ba:68:cc:17:a2:8c:b9:01:dd:
5c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:FC:91:62:6D:91:C8:5E:8B:EC:2D:24:41:99:0C:F3:D5:4A:54:4C
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bfyRYm2RyF6L7C0kQZkM89VKVEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
19:a6:c1:44:99:5f:a0:56:fa:eb:ee:d8:7e:d0:23:0c:dc:d1:
a4:d8:6b:76:d9:71:4f:29:a9:19:98:10:4c:dd:6b:28:f6:ec:
b6:e2:bc:84:8a:e2:8c:a1:d3:95:20:5b:8d:ed:06:63:18:33:
9e:d3:f5:a0:ae:7d:62:ca:67:81:6f:bf:a0:14:4e:df:15:7b:
2d:77:64:b3:02:e9:4d:f0:0b:9a:e2:ee:d8:ce:b1:37:11:fd:
46:2a:78:ad:e2:3c:b9:c5:8e:0c:be:f0:9e:c4:07:0e:88:41:
e3:bf:56:b6:65:be:f8:6a:d4:8f:30:66:09:26:a5:37:07:9b:
db:4d:79:14:ac:d8:3d:84:46:16:5f:e8:41:c1:18:9e:15:b2:
c0:6b:02:02:76:f2:eb:96:73:b5:7c:94:70:c9:95:22:23:b1:
5f:62:79:71:4c:e1:74:2d:f9:59:21:47:84:48:93:60:c4:55:
22:e2:84:b6:18:b5:a5:22:24:9c:5f:6e:e2:15:4f:f0:c2:4e:
3a:e8:8e:b4:13:97:dc:4a:74:f2:b2:b3:e2:a1:76:c7:71:a5:
12:0e:85:36:b0:15:e4:1a:59:c9:6c:c0:1d:07:d2:1a:01:66:
35:8a:51:69:d5:48:31:e3:12:95:c2:4a:21:04:03:65:4c:21:
7a:9c:34:98
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw71AYGWUQph1g5hAXBwPuvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA1MjExMzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGZjOTE2MjZkOTFjODVlOGJlYzJkMjQ0MTk5MGNmM2Q1NGE1NDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1l24/yyH9HHdAlBchrXEDmlu3bx
8rOyI8Dh2XysPkNQMoIinj8JuHkzoXcKH2UBWOqprClCyluYapT7LPPhNmf29u87
Ij7jUnWhzuXGI3VZJ+IZmjlt0xIHr5sPqX40Qx9amDcBxpn6GJnDPpdFWBcFDbzI
RVhGEFnuKizHNDeCQmiTZ/fjh/Si6JLjBFvEM0Mw2MenqvCwimSSBkcKWrilWFs9
bh6om/g//mtX+GVA+KZf0pecrjAi2Q2mn3bxYqKPc/ULythv9Kk2ETtVw4FPrzz1
NkcN6EC5R+8endJXK1FGgAy2Bb6hkFMOxI+3OYdDSJy6aMwXooy5Ad1cGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG38kWJtkchei+wtJEGZDPPVSlRMMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYmZ5UlltMlJ5RjZMN0Mwa1Faa004OVZLVkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABmmwUSZX6BW+uvu2H7Q
Iwzc0aTYa3bZcU8pqRmYEEzdayj27LbivISK4oyh05UgW43tBmMYM57T9aCufWLK
Z4Fvv6AUTt8Vey13ZLMC6U3wC5ri7tjOsTcR/UYqeK3iPLnFjgy+8J7EBw6IQeO/
VrZlvvhq1I8wZgkmpTcHm9tNeRSs2D2ERhZf6EHBGJ4VssBrAgJ28uuWc7V8lHDJ
lSIjsV9ieXFM4XQt+VkhR4RIk2DEVSLihLYYtaUiJJxfbuIVT/DCTjrojrQTl9xK
dPKys+KhdsdxpRIOhTawFeQaWclswB0H0hoBZjWKUWnVSDHjEpXCSiEEA2VMIXqc
NJg=
-----END CERTIFICATE-----
Generated at Wed May 14 11:27:21 2025 by rpki-client