Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bm49xO1RQKKHzWHZppVjQlb1ypE.roa
File: bm49xO1RQKKHzWHZppVjQlb1ypE.roa (raw, json)
Hash identifier: uSK2oZ9Pvew+F0jWos5mnCgQiYiGvM5MdTOK81Ix8zI=
Subject key identifier: 6E:6E:3D:C4:ED:51:40:A2:87:CD:61:D9:A6:95:63:42:56:F5:CA:91
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C71A8545EF1D7065136AA692D1DE577D6
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bm49xO1RQKKHzWHZppVjQlb1ypE.roa
Signing time: Sat 16 Dec 2023 08:05:06 +0000
ROA not before: Sat 16 Dec 2023 08:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:71a7:8b4c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:71:a8:54:5e:f1:d7:06:51:36:aa:69:2d:1d:e5:77:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 16 08:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e6e3dc4ed5140a287cd61d9a695634256f5ca91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:65:9f:60:03:3d:50:23:dc:53:e9:f3:63:7b:
f2:ad:4a:8d:4f:b5:21:e0:c1:14:8e:ec:95:4c:8e:
79:2f:25:b8:13:c6:30:90:dc:fe:56:00:59:0d:4e:
3f:76:62:76:61:b8:35:68:2e:60:52:c7:36:bf:82:
06:bb:32:83:27:89:49:38:d2:97:63:dc:fd:8f:73:
85:1c:9b:62:85:1c:2a:82:8c:94:f1:8e:40:cf:9e:
75:16:49:f4:79:a8:d8:f3:70:7d:63:03:eb:54:21:
25:cf:83:21:e7:12:3f:6d:b3:20:1e:56:b8:74:1d:
9b:ef:d3:21:15:57:92:7d:dc:ac:10:b8:27:5c:c2:
3f:cb:4a:b0:0e:24:f8:f8:65:08:9b:04:61:55:a0:
4f:de:c4:14:23:5d:6a:94:59:66:8c:04:b3:c0:f9:
93:c4:5b:ff:d0:69:b7:74:69:d0:25:35:4d:4a:f2:
2d:dd:2b:3e:61:de:e0:93:b8:2c:d1:00:ee:cf:9e:
13:9a:2e:df:fc:4d:73:d8:66:a8:9c:0b:00:a1:aa:
85:8e:e4:94:15:39:d9:e4:cf:7d:88:82:18:53:84:
4b:26:e3:01:1a:79:22:c7:1d:12:56:77:7a:37:a5:
61:a0:5c:70:ef:75:50:5d:04:db:5d:14:56:1b:02:
4c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:6E:3D:C4:ED:51:40:A2:87:CD:61:D9:A6:95:63:42:56:F5:CA:91
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/bm49xO1RQKKHzWHZppVjQlb1ypE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:2a:72:0b:f8:9e:9c:c4:6a:f6:bf:80:1c:b6:84:f8:1d:95:
91:e0:1f:76:ef:3c:92:61:2a:66:9b:56:48:c6:b0:fc:c1:7a:
03:14:c6:fb:2f:84:80:1a:10:9f:3b:36:10:75:fb:50:eb:79:
6f:91:01:71:2f:c9:1c:d7:d5:d4:df:bd:49:d5:8e:74:ad:d2:
6f:7a:3e:eb:bf:51:85:52:3f:6f:74:90:04:75:3c:e7:50:67:
c5:40:c0:cd:2d:d5:d2:e6:35:3c:ea:eb:e7:77:de:c6:3a:2f:
1b:98:d4:ad:53:81:e0:65:d4:e6:37:b0:fe:f2:7c:25:ee:70:
3d:56:f5:b0:ac:a9:4f:f2:06:aa:2b:e3:49:4a:06:10:26:dd:
92:8e:de:d9:89:c1:a0:d2:28:1e:12:26:dd:97:fc:aa:05:18:
f4:9f:b7:7b:10:07:31:cc:72:d1:3d:85:95:32:ae:b0:5b:ab:
08:e1:d6:73:e4:26:6a:37:06:74:3c:ca:59:dc:9a:0c:75:d2:
3a:b9:d9:90:32:a0:d0:24:25:ef:eb:27:70:5e:b7:1b:86:2b:
9a:c1:63:7e:38:db:35:c2:2a:26:a7:c0:10:a7:d9:86:fd:63:
ce:c6:5a:24:c3:f6:92:01:59:cb:06:12:80:04:f8:44:cb:03:
6f:d4:57:1b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYxxqFRe8dcGUTaqaS0d5XfWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjE2MDgwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTZlM2RjNGVkNTE0MGEyODdjZDYxZDlhNjk1NjM0MjU2ZjVjYTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGWfYAM9UCPcU+nzY3vyrUqNT7Uh
4MEUjuyVTI55LyW4E8YwkNz+VgBZDU4/dmJ2Ybg1aC5gUsc2v4IGuzKDJ4lJONKX
Y9z9j3OFHJtihRwqgoyU8Y5Az551Fkn0eajY83B9YwPrVCElz4Mh5xI/bbMgHla4
dB2b79MhFVeSfdysELgnXMI/y0qwDiT4+GUImwRhVaBP3sQUI11qlFlmjASzwPmT
xFv/0Gm3dGnQJTVNSvIt3Ss+Yd7gk7gs0QDuz54Tmi7f/E1z2GaonAsAoaqFjuSU
FTnZ5M99iIIYU4RLJuMBGnkixx0SVnd6N6VhoFxw73VQXQTbXRRWGwJM0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG5uPcTtUUCih81h2aaVY0JW9cqRMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvYm00OXhPMVJRS0tIeldIWnBwVmpRbGIxeXBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACYqcgv4npzEava/gBy2
hPgdlZHgH3bvPJJhKmabVkjGsPzBegMUxvsvhIAaEJ87NhB1+1DreW+RAXEvyRzX
1dTfvUnVjnSt0m96Puu/UYVSP290kAR1POdQZ8VAwM0t1dLmNTzq6+d33sY6LxuY
1K1TgeBl1OY3sP7yfCXucD1W9bCsqU/yBqor40lKBhAm3ZKO3tmJwaDSKB4SJt2X
/KoFGPSft3sQBzHMctE9hZUyrrBbqwjh1nPkJmo3BnQ8ylncmgx10jq52ZAyoNAk
Je/rJ3BetxuGK5rBY3442zXCKianwBCn2Yb9Y87GWiTD9pIBWcsGEoAE+ETLA2/U
Vxs=
-----END CERTIFICATE-----
Generated at Wed May 14 11:13:26 2025 by rpki-client