Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BI5X6mLSRd6UQRHGCqkqTUADFps.roa
File: BI5X6mLSRd6UQRHGCqkqTUADFps.roa (raw, json)
Hash identifier: eYilFFdqdmF9RCKr2Dd8sNDty2Osf1I6E534I9WYGPo=
Subject key identifier: 04:8E:57:EA:62:D2:45:DE:94:41:11:C6:0A:A9:2A:4D:40:03:16:9B
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018ACC44189F1798C107CD022726958BF444
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BI5X6mLSRd6UQRHGCqkqTUADFps.roa
Signing time: Mon 25 Sep 2023 12:15:29 +0000
ROA not before: Mon 25 Sep 2023 12:15:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cc:44:18:9f:17:98:c1:07:cd:02:27:26:95:8b:f4:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Sep 25 12:15:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=048e57ea62d245de944111c60aa92a4d4003169b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b8:e7:32:a2:81:e5:3e:05:61:4c:87:8c:cd:
51:5b:eb:87:4b:11:c5:70:15:95:a2:07:1f:e9:72:
95:5f:1c:1b:fe:15:35:07:a7:20:1d:7f:3b:a9:30:
7f:ac:f2:4b:ea:e0:3c:9c:10:23:06:30:8b:74:46:
3b:35:b6:c6:eb:51:b9:7c:1e:b9:38:c4:9c:ce:20:
95:37:89:d0:62:c3:4e:82:5a:23:24:c1:1a:f2:fd:
15:b2:15:1f:1a:be:00:af:26:b5:4e:d0:45:69:43:
eb:0c:49:44:1b:2f:36:7f:6a:d9:b7:6b:7a:07:4a:
26:93:8f:0c:2d:80:f4:97:c3:a8:48:82:e7:cf:16:
30:ef:6d:fc:e3:63:42:f0:39:d5:39:9a:e9:c7:98:
18:ca:d7:75:3e:bb:9c:fa:57:11:09:c2:33:b9:a7:
c1:32:2e:f0:78:34:4b:ea:84:55:84:c4:d1:47:b7:
84:10:89:66:8d:57:e4:90:64:e0:6c:9c:f2:42:e3:
e3:40:c0:86:92:41:6f:0b:f4:66:da:f6:12:16:b9:
9d:b1:1f:d2:1a:92:df:f8:39:0b:83:94:a4:f7:36:
dc:67:9e:44:9c:9a:d3:c3:26:68:c2:e1:72:17:a1:
48:d8:60:9e:5a:fd:e8:d8:c3:21:1d:bc:18:80:58:
8e:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:8E:57:EA:62:D2:45:DE:94:41:11:C6:0A:A9:2A:4D:40:03:16:9B
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BI5X6mLSRd6UQRHGCqkqTUADFps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:24:a6:9b:48:3b:d2:7c:eb:45:3a:de:7b:a1:af:ef:50:e5:
34:c4:b9:2b:cb:49:a3:65:1f:e7:66:d7:21:76:33:24:a3:d7:
19:a0:d3:67:68:fe:d5:14:10:1e:44:81:34:66:33:b3:c2:89:
4f:75:b0:8f:2b:aa:ba:71:82:97:77:de:f3:a7:47:f7:25:38:
35:5e:53:9a:3b:e4:88:07:a3:94:e5:0f:ae:88:79:1e:9a:4d:
b5:d9:94:28:68:24:37:d2:94:05:86:40:86:d4:0b:1e:0c:f2:
8e:06:ec:b0:d9:3a:11:fb:f8:a7:40:9a:fd:8e:f8:5b:09:36:
af:ea:91:5d:20:ab:37:63:a2:90:41:80:d6:87:fe:8b:21:c9:
fd:26:8e:f0:65:35:39:60:33:e2:35:7f:fd:ad:53:8f:cf:22:
8a:74:08:8d:d3:1e:d3:c8:4e:09:d3:b8:82:7f:61:ff:d6:34:
e9:df:9b:88:cb:4e:cd:56:33:45:7f:fa:0c:bc:75:38:3a:36:
19:bf:fd:6e:c4:75:a2:cb:60:b2:77:29:32:ff:89:21:bd:6c:
51:90:ff:19:45:ec:7b:b9:c8:95:85:5f:a1:9c:53:30:f5:2b:
52:22:f9:02:2a:5a:5c:61:a5:11:7e:a4:09:58:af:89:09:ae:
fa:8a:81:7b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYrMRBifF5jBB80CJyaVi/REMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMwOTI1MTIxNTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDhlNTdlYTYyZDI0NWRlOTQ0MTExYzYwYWE5MmE0ZDQwMDMxNjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprjnMqKB5T4FYUyHjM1RW+uHSxHF
cBWVogcf6XKVXxwb/hU1B6cgHX87qTB/rPJL6uA8nBAjBjCLdEY7NbbG61G5fB65
OMScziCVN4nQYsNOglojJMEa8v0VshUfGr4Arya1TtBFaUPrDElEGy82f2rZt2t6
B0omk48MLYD0l8OoSILnzxYw723842NC8DnVOZrpx5gYytd1Pruc+lcRCcIzuafB
Mi7weDRL6oRVhMTRR7eEEIlmjVfkkGTgbJzyQuPjQMCGkkFvC/Rm2vYSFrmdsR/S
GpLf+DkLg5Sk9zbcZ55EnJrTwyZowuFyF6FI2GCeWv3o2MMhHbwYgFiOGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFASOV+pi0kXelEERxgqpKk1AAxabMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQkk1WDZtTFNSZDZVUVJIR0Nxa3FUVUFERnBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGUkpptIO9J860U63nuh
r+9Q5TTEuSvLSaNlH+dm1yF2MySj1xmg02do/tUUEB5EgTRmM7PCiU91sI8rqrpx
gpd33vOnR/clODVeU5o75IgHo5TlD66IeR6aTbXZlChoJDfSlAWGQIbUCx4M8o4G
7LDZOhH7+KdAmv2O+FsJNq/qkV0gqzdjopBBgNaH/oshyf0mjvBlNTlgM+I1f/2t
U4/PIop0CI3THtPITgnTuIJ/Yf/WNOnfm4jLTs1WM0V/+gy8dTg6Nhm//W7EdaLL
YLJ3KTL/iSG9bFGQ/xlF7Hu5yJWFX6GcUzD1K1Ii+QIqWlxhpRF+pAlYr4kJrvqK
gXs=
-----END CERTIFICATE-----
Generated at Tue Jun 17 12:53:07 2025 by rpki-client