Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BQvPENYGV-Wq6lF38_2Kob-tmv0.roa
File: BQvPENYGV-Wq6lF38_2Kob-tmv0.roa (raw, json)
Hash identifier: /MwBitsLmijIsh4wkqcT+zCZu7/le5i/viOgOmc/eNE=
Subject key identifier: 05:0B:CF:10:D6:06:57:E5:AA:EA:51:77:F3:FD:8A:A1:BF:AD:9A:FD
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018C3781AEC7B7902088AEC38F43C9A499F8
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BQvPENYGV-Wq6lF38_2Kob-tmv0.roa
Signing time: Tue 05 Dec 2023 01:04:54 +0000
ROA not before: Tue 05 Dec 2023 01:04:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18b:caf2:ca7a/128 maxlen: 128
2001:67c:64:ffff:0:18c:3781:4cff/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:37:81:ae:c7:b7:90:20:88:ae:c3:8f:43:c9:a4:99:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Dec 5 01:04:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=050bcf10d60657e5aaea5177f3fd8aa1bfad9afd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:37:05:13:ee:05:f6:a4:ad:93:ac:b2:8b:e6:
5a:30:ae:68:22:42:d5:3c:9c:ac:70:a8:3c:9b:53:
7b:6f:ca:c8:8e:4a:76:1a:84:e2:47:16:62:dc:ee:
52:57:92:c5:b4:0b:a9:13:21:d4:99:af:78:cf:f0:
d6:07:03:1b:17:c0:69:79:ec:a2:3d:32:08:43:01:
03:86:49:04:47:07:8e:6c:ec:13:ee:2b:1b:aa:82:
ac:28:e2:89:c7:d8:cb:16:d4:f1:c9:21:70:96:cc:
8d:e6:8b:37:56:6f:31:f0:d4:6f:6f:35:0c:aa:77:
bb:b8:e7:4f:2c:71:84:3c:3d:8c:62:de:a0:93:11:
6a:ce:e0:94:73:35:53:31:49:4b:78:b7:7c:7e:b4:
6d:b6:66:e0:a5:88:54:28:09:0f:14:a2:58:68:3d:
b7:ad:d9:c8:74:c2:58:82:92:4b:3c:56:2d:0f:75:
26:8a:a7:c5:98:42:ce:ae:54:91:16:bc:ac:4b:36:
93:94:42:ff:a4:72:b0:f6:c0:f1:40:87:a7:6f:4e:
d5:14:9a:99:74:c6:35:aa:7c:92:71:cb:2a:37:68:
01:60:16:d7:9e:46:50:06:da:2f:a2:99:16:ed:c1:
d3:c3:ba:74:f2:75:82:23:f2:11:9f:13:a7:d3:32:
83:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:0B:CF:10:D6:06:57:E5:AA:EA:51:77:F3:FD:8A:A1:BF:AD:9A:FD
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BQvPENYGV-Wq6lF38_2Kob-tmv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
c9:6c:ac:86:79:9c:e9:ba:6d:4b:69:df:b2:96:ba:26:7a:88:
5f:4e:63:b3:e1:23:08:4a:59:2f:98:a5:b6:ce:08:2f:62:cf:
9c:a2:72:42:0d:69:6d:53:fb:ec:b7:38:91:13:a1:b4:5c:42:
1c:f3:0b:3a:17:20:61:22:f3:80:1f:0d:6e:a4:5e:da:19:4b:
63:fa:f7:49:c4:77:26:c9:42:28:41:3a:df:4a:28:4e:81:33:
e4:a5:26:3a:74:2f:80:75:d8:68:a2:d2:f2:01:19:b5:cd:62:
1f:bc:0f:10:17:22:b6:37:f8:d4:55:28:24:ac:b1:62:ba:5d:
49:3e:57:04:b3:93:0a:35:a4:c3:4c:ca:70:e3:a8:f3:72:2c:
3e:f9:d9:15:b0:47:05:16:f5:c1:47:a7:54:3a:db:30:6b:64:
90:da:1e:c9:e7:0b:a8:3c:b5:d7:26:90:cb:e1:6f:3d:21:85:
68:8e:af:46:31:67:fc:1e:57:45:11:82:3c:a2:d1:97:ea:f7:
2f:af:15:49:53:0c:ca:2a:3b:c7:28:da:08:47:20:e9:f6:34:
3b:7f:9f:8b:6a:25:48:7e:78:bc:43:ec:65:cf:83:5e:04:30:
c1:f4:5b:37:b4:5b:c7:6f:86:88:a8:f9:6b:f6:02:a7:8f:be:
c8:b9:f6:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYw3ga7Ht5AgiK7Dj0PJpJn4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMjA1MDEwNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTBiY2YxMGQ2MDY1N2U1YWFlYTUxNzdmM2ZkOGFhMWJmYWQ5YWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozcFE+4F9qStk6yyi+ZaMK5oIkLV
PJyscKg8m1N7b8rIjkp2GoTiRxZi3O5SV5LFtAupEyHUma94z/DWBwMbF8Bpeeyi
PTIIQwEDhkkERweObOwT7isbqoKsKOKJx9jLFtTxySFwlsyN5os3Vm8x8NRvbzUM
qne7uOdPLHGEPD2MYt6gkxFqzuCUczVTMUlLeLd8frRttmbgpYhUKAkPFKJYaD23
rdnIdMJYgpJLPFYtD3UmiqfFmELOrlSRFrysSzaTlEL/pHKw9sDxQIenb07VFJqZ
dMY1qnySccsqN2gBYBbXnkZQBtovopkW7cHTw7p08nWCI/IRnxOn0zKDdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAULzxDWBlflqupRd/P9iqG/rZr9MB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQlF2UEVOWUdWLVdxNmxGMzhfMktvYi10bXYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAMlsrIZ5nOm6bUtp37KW
uiZ6iF9OY7PhIwhKWS+YpbbOCC9iz5yickINaW1T++y3OJETobRcQhzzCzoXIGEi
84AfDW6kXtoZS2P690nEdybJQihBOt9KKE6BM+SlJjp0L4B12Gii0vIBGbXNYh+8
DxAXIrY3+NRVKCSssWK6XUk+VwSzkwo1pMNMynDjqPNyLD752RWwRwUW9cFHp1Q6
2zBrZJDaHsnnC6g8tdcmkMvhbz0hhWiOr0YxZ/weV0URgjyi0Zfq9y+vFUlTDMoq
O8co2ghHIOn2NDt/n4tqJUh+eLxD7GXPg14EMMH0Wze0W8dvhoio+Wv2AqePvsi5
9qo=
-----END CERTIFICATE-----
Generated at Fri Jun 20 04:01:00 2025 by rpki-client