Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-bshsioI3O2M51zfyECW1UpDeI.roa
File: 1-bshsioI3O2M51zfyECW1UpDeI.roa (raw, json)
Hash identifier: MKzXeZKHAB7EdjsSa+w31cHL6dYONJ2kHXtq6g91rZA=
Subject key identifier: D7:E6:EC:86:C8:A8:23:73:B6:33:9D:73:7F:21:02:5B:55:29:0D:E2
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018B984FE20301A6B91501E74809A7B9321D
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-bshsioI3O2M51zfyECW1UpDeI.roa
Signing time: Sat 04 Nov 2023 03:10:53 +0000
ROA not before: Sat 04 Nov 2023 03:10:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:9849:dbd6/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:98:4f:e2:03:01:a6:b9:15:01:e7:48:09:a7:b9:32:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 4 03:10:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7e6ec86c8a82373b6339d737f21025b55290de2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:16:56:02:16:9c:18:fe:c0:0f:06:92:55:2e:
77:9a:99:f1:52:a8:6f:39:d1:f2:a5:c1:97:71:bd:
f9:ac:f6:58:47:33:8a:b1:53:29:41:55:4e:3d:30:
e7:2f:a0:3e:62:f6:60:3e:ae:0f:f3:81:26:7e:4a:
c9:28:b2:45:1b:69:20:3f:c1:24:20:05:d9:d1:9f:
1e:c5:1d:02:dc:42:59:17:08:3b:3a:63:31:06:40:
3b:01:7a:f4:53:1c:0b:e7:4c:8d:e6:8b:a5:91:df:
be:70:45:92:31:aa:a5:e2:9a:3f:e5:b8:44:02:ce:
f7:97:d5:2c:84:c1:00:fe:01:43:48:ce:49:88:45:
12:33:d7:e7:dd:5d:15:4f:c8:8e:6d:4f:ab:8c:c8:
6e:bc:0a:88:0d:85:e2:11:8f:de:20:a5:78:15:67:
a0:8b:33:14:35:1f:75:24:f7:d1:ee:12:eb:3a:1b:
85:8a:ce:32:a4:d4:fa:30:d5:63:02:77:8d:c8:80:
dc:df:d1:f3:5e:d5:55:67:ff:c7:05:58:89:d5:36:
79:95:11:b0:9e:e2:b6:79:ea:bd:f4:b1:3a:5a:d1:
3f:2f:3e:2d:ba:41:88:e4:a2:62:61:76:44:28:c3:
6c:6e:be:4b:e3:3e:58:65:a6:73:95:13:56:38:51:
dd:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:E6:EC:86:C8:A8:23:73:B6:33:9D:73:7F:21:02:5B:55:29:0D:E2
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/1-bshsioI3O2M51zfyECW1UpDeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
84:e3:b8:d6:af:2e:a3:c2:74:ae:2a:20:26:6d:24:85:5a:02:
46:37:a7:76:5a:a7:18:f6:e5:4e:01:de:4f:d5:a3:58:60:39:
01:b3:86:5c:a4:da:d5:04:45:ee:c8:b6:41:26:12:0f:0d:9c:
69:d5:96:29:82:c9:d3:0a:d8:64:eb:b9:c2:05:d1:93:a2:94:
4d:9c:a1:55:a7:bf:a5:24:44:2f:ff:9b:21:aa:01:db:d1:8b:
53:99:39:ff:4e:88:2a:d8:0c:72:8b:56:bb:99:7a:07:f0:c6:
37:95:01:39:df:43:25:3a:31:2a:29:72:71:88:33:70:e8:5d:
9a:b9:44:1b:33:72:fb:e8:df:78:f7:ad:61:f8:2d:cb:c7:8b:
f0:52:31:7a:2e:5e:c6:1a:19:be:8a:62:cc:d3:58:e4:fd:29:
82:af:4d:a3:30:62:30:74:89:6e:ef:a3:26:3e:88:a2:13:65:
28:13:71:5c:c0:ca:6e:55:66:1a:93:f5:be:74:05:14:de:32:
41:77:27:f8:c8:20:26:6d:7d:7d:db:3b:da:c6:a5:8c:54:4e:
5d:fb:b9:e5:3a:1b:a9:f5:4d:47:25:bc:55:49:07:eb:f1:bf:
27:7f:88:8d:c8:f7:f6:2d:6a:f5:68:7c:ea:a4:b5:30:4b:30:
fc:2f:37:b0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYuYT+IDAaa5FQHnSAmnuTIdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTA0MDMxMDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2U2ZWM4NmM4YTgyMzczYjYzMzlkNzM3ZjIxMDI1YjU1MjkwZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxZWAhacGP7ADwaSVS53mpnxUqhv
OdHypcGXcb35rPZYRzOKsVMpQVVOPTDnL6A+YvZgPq4P84EmfkrJKLJFG2kgP8Ek
IAXZ0Z8exR0C3EJZFwg7OmMxBkA7AXr0UxwL50yN5oulkd++cEWSMaql4po/5bhE
As73l9UshMEA/gFDSM5JiEUSM9fn3V0VT8iObU+rjMhuvAqIDYXiEY/eIKV4FWeg
izMUNR91JPfR7hLrOhuFis4ypNT6MNVjAneNyIDc39HzXtVVZ//HBViJ1TZ5lRGw
nuK2eeq99LE6WtE/Lz4tukGI5KJiYXZEKMNsbr5L4z5YZaZzlRNWOFHd8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNfm7IbIqCNztjOdc38hAltVKQ3iMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvMS1ic2hzaW9JM08yTTUxemZ5RUNXMVVwRGVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAITjuNavLqPCdK4qICZt
JIVaAkY3p3Zapxj25U4B3k/Vo1hgOQGzhlyk2tUERe7ItkEmEg8NnGnVlimCydMK
2GTrucIF0ZOilE2coVWnv6UkRC//myGqAdvRi1OZOf9OiCrYDHKLVruZegfwxjeV
ATnfQyU6MSopcnGIM3DoXZq5RBszcvvo33j3rWH4LcvHi/BSMXouXsYaGb6KYszT
WOT9KYKvTaMwYjB0iW7voyY+iKITZSgTcVzAym5VZhqT9b50BRTeMkF3J/jIICZt
fX3bO9rGpYxUTl37ueU6G6n1TUclvFVJB+vxvyd/iI3I9/YtavVofOqktTBLMPwv
N7A=
-----END CERTIFICATE-----
Generated at Fri Jun 20 16:25:56 2025 by rpki-client