Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BuOlIHPEjv60B0gedHqlMlTaWgU.roa
File: BuOlIHPEjv60B0gedHqlMlTaWgU.roa (raw, json)
Hash identifier: ITiHNLP0mciFvVjPnCUWYAUo2Nr1m612/CzHK6RDXiQ=
Subject key identifier: 06:E3:A5:20:73:C4:8E:FE:B4:07:48:1E:74:7A:A5:32:54:DA:5A:05
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BC717F1C710C32DE8EF9A034B21AD94D8
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BuOlIHPEjv60B0gedHqlMlTaWgU.roa
Signing time: Mon 13 Nov 2023 05:11:57 +0000
ROA not before: Mon 13 Nov 2023 05:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c7:17:f1:c7:10:c3:2d:e8:ef:9a:03:4b:21:ad:94:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 13 05:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06e3a52073c48efeb407481e747aa53254da5a05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:47:4b:92:a2:9e:d9:19:91:b7:39:9d:90:56:
ce:1d:27:52:b8:df:40:e2:93:d3:d2:71:fd:4a:2f:
15:91:2b:19:04:3f:28:39:42:f0:1b:d8:78:11:3d:
f2:de:82:a6:5c:23:27:dc:5b:25:02:e5:91:14:e1:
76:a8:e0:3c:f7:9a:c5:43:31:4b:27:fb:45:b0:8d:
10:2d:e7:ae:fe:b4:47:39:67:44:b5:5f:a9:2b:0b:
4c:f1:99:64:b6:e9:14:fa:0b:a7:3a:8e:92:61:6e:
43:08:4b:95:bf:9f:bd:4e:f4:8b:a3:78:fc:92:d5:
27:ef:22:38:91:70:03:0e:a2:84:97:47:a4:b1:6a:
5a:ff:11:2e:3e:fa:ce:b1:d9:2f:7d:0f:de:0f:4f:
19:2d:f0:71:41:f1:5a:ae:cf:89:86:4f:83:fa:df:
7e:42:71:6c:78:de:23:f6:b7:9f:fa:dc:7d:ec:f4:
2a:58:cb:e8:e0:e9:44:9d:32:cf:f6:21:bf:db:67:
44:55:4c:c5:5f:09:65:81:04:3e:bd:f1:99:f3:61:
37:a4:03:78:55:ad:29:a4:6b:0b:a8:25:1c:c2:d5:
28:38:08:ac:c7:f3:12:16:2d:0c:db:fd:a9:d7:1d:
fd:bf:f6:34:d4:93:4c:a4:a8:09:3c:c3:d9:8c:09:
4a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:E3:A5:20:73:C4:8E:FE:B4:07:48:1E:74:7A:A5:32:54:DA:5A:05
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/BuOlIHPEjv60B0gedHqlMlTaWgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
71:15:a9:0c:a1:67:20:7c:ef:5b:db:50:a1:d5:6b:0d:30:4c:
8f:a8:54:76:6b:73:04:ab:e3:08:ba:34:12:ca:95:2b:99:be:
4c:ff:24:05:b3:a8:87:f4:18:df:c6:23:cf:1e:b4:ad:b0:5d:
70:0e:55:f6:57:3e:10:12:8b:41:1a:1e:c0:c7:30:76:61:3d:
b4:75:2b:27:ac:2a:05:86:a3:4f:14:f4:79:d2:3f:55:b7:a4:
07:46:dd:94:ec:f4:1e:90:38:c7:21:a8:58:99:33:3d:bd:91:
ac:23:41:59:95:c8:4a:b4:24:29:7f:63:1d:ac:89:35:92:2c:
a7:5c:7d:f4:13:41:20:6d:ab:bf:45:ba:a1:30:a1:25:21:50:
09:80:ac:9d:e2:42:0c:a2:5d:2a:be:df:4d:96:11:95:33:95:
26:f6:3b:87:a1:80:02:aa:90:d3:ee:16:13:fc:c2:e0:b5:40:
b8:b6:3c:e7:49:d3:9b:31:ea:9c:89:74:db:8a:27:b3:c9:ce:
3b:69:c1:65:97:a2:e1:7b:ea:e5:0b:1b:91:ba:cf:15:fc:ad:
c9:09:fb:a3:6f:b8:21:dd:44:9c:4e:20:96:7f:8b:3d:4a:ec:
d8:b5:95:d0:6a:6f:b7:cd:6f:53:be:94:d9:82:13:9a:9d:39:
93:17:e2:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvHF/HHEMMt6O+aA0shrZTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEzMDUxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmUzYTUyMDczYzQ4ZWZlYjQwNzQ4MWU3NDdhYTUzMjU0ZGE1YTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEdLkqKe2RmRtzmdkFbOHSdSuN9A
4pPT0nH9Si8VkSsZBD8oOULwG9h4ET3y3oKmXCMn3FslAuWRFOF2qOA895rFQzFL
J/tFsI0QLeeu/rRHOWdEtV+pKwtM8ZlktukU+gunOo6SYW5DCEuVv5+9TvSLo3j8
ktUn7yI4kXADDqKEl0eksWpa/xEuPvrOsdkvfQ/eD08ZLfBxQfFars+Jhk+D+t9+
QnFseN4j9ref+tx97PQqWMvo4OlEnTLP9iG/22dEVUzFXwllgQQ+vfGZ82E3pAN4
Va0ppGsLqCUcwtUoOAisx/MSFi0M2/2p1x39v/Y01JNMpKgJPMPZjAlKnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAbjpSBzxI7+tAdIHnR6pTJU2loFMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvQnVPbElIUEVqdjYwQjBnZWRIcWxNbFRhV2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHEVqQyhZyB871vbUKHV
aw0wTI+oVHZrcwSr4wi6NBLKlSuZvkz/JAWzqIf0GN/GI88etK2wXXAOVfZXPhAS
i0EaHsDHMHZhPbR1KyesKgWGo08U9HnSP1W3pAdG3ZTs9B6QOMchqFiZMz29kawj
QVmVyEq0JCl/Yx2siTWSLKdcffQTQSBtq79FuqEwoSUhUAmArJ3iQgyiXSq+302W
EZUzlSb2O4ehgAKqkNPuFhP8wuC1QLi2POdJ05sx6pyJdNuKJ7PJzjtpwWWXouF7
6uULG5G6zxX8rckJ+6NvuCHdRJxOIJZ/iz1K7Ni1ldBqb7fNb1O+lNmCE5qdOZMX
4nI=
-----END CERTIFICATE-----
Generated at Wed Jun 18 19:54:44 2025 by rpki-client