Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/BDC-hfee9w0wLbiv4AKP4wEb-WA.roa
File: BDC-hfee9w0wLbiv4AKP4wEb-WA.roa (raw, json)
Hash identifier: avdjgy4rX60ZUblRW4UlpKh7EnHil0xgNHWZpK8ik3M=
Subject key identifier: 04:30:BE:85:F7:9E:F7:0D:30:2D:B8:AF:E0:02:8F:E3:01:1B:F9:60
Certificate issuer: /CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Certificate serial: 018EFB35C422DA11E73A4977B3968623EF1E
Authority key identifier: B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/BDC-hfee9w0wLbiv4AKP4wEb-WA.roa
Signing time: Sat 20 Apr 2024 11:13:08 +0000
ROA not before: Sat 20 Apr 2024 11:13:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:fb:35:c4:22:da:11:e7:3a:49:77:b3:96:86:23:ef:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2bec41bd2f3b179de09514306530bd3fbac707b
Validity
Not Before: Apr 20 11:13:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0430be85f79ef70d302db8afe0028fe3011bf960
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5d:b7:00:4a:5c:94:79:4b:23:d9:77:40:32:
e1:fe:01:67:81:c3:e3:a4:21:f4:45:30:ae:7a:cb:
df:43:93:c5:64:75:eb:eb:9a:a0:5e:21:72:71:49:
7a:91:da:11:70:cd:79:44:88:29:ec:3d:15:08:28:
16:ed:3d:8b:5a:b5:c9:8f:65:34:43:e1:c3:61:92:
86:a1:1d:fa:3d:e1:32:61:91:27:55:ba:c1:1f:e4:
db:3b:d6:aa:0a:8b:4b:7d:6e:b2:56:a7:7e:1c:18:
22:b8:33:09:72:3a:a5:0c:83:de:22:8c:90:bf:b6:
fa:50:6e:5e:6f:0d:30:ff:2c:ab:77:f4:2d:f2:3b:
6d:d4:ae:f8:f1:03:d8:5a:2f:bd:04:87:ec:ba:4a:
e9:e0:27:e3:84:67:2c:a1:91:d9:7e:df:d5:ec:d5:
23:14:54:fd:18:df:e8:2d:f8:62:c7:06:9e:89:24:
4b:70:6e:67:cd:64:60:60:96:e5:d3:3b:5c:60:a2:
05:0d:7f:19:b6:1a:68:19:05:c4:9e:5c:5b:0d:2d:
fa:c8:3b:1f:22:3e:d9:06:bd:d4:a7:8f:22:5a:3b:
43:b1:38:22:71:d3:82:0c:17:f6:0a:3e:ec:5d:9f:
a3:93:b3:dc:b6:6a:02:d1:05:b0:b9:10:94:c3:71:
56:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:30:BE:85:F7:9E:F7:0D:30:2D:B8:AF:E0:02:8F:E3:01:1B:F9:60
X509v3 Authority Key Identifier:
keyid:B2:BE:C4:1B:D2:F3:B1:79:DE:09:51:43:06:53:0B:D3:FB:AC:70:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sr7EG9LzsXneCVFDBlML0_uscHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/BDC-hfee9w0wLbiv4AKP4wEb-WA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d89025-d6f3-4891-9d86-d12f039db2c9/1/sr7EG9LzsXneCVFDBlML0_uscHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
Signature Algorithm: sha256WithRSAEncryption
50:8b:81:e2:9c:ac:cc:1e:33:f4:74:34:e5:54:8c:29:e4:8b:
20:cd:5e:92:40:e7:5c:66:4b:ab:84:56:23:fb:1e:a6:af:44:
0c:61:16:fb:c4:bb:52:ec:1d:8b:43:c5:0d:0e:7e:d3:57:9d:
cd:55:73:b2:5f:c4:7a:3f:68:fe:60:0a:cc:60:a0:4e:63:54:
7e:f3:26:72:c1:cc:fa:86:11:1f:69:bc:67:ea:e7:56:7d:7e:
22:43:56:9f:c7:7d:3c:44:dd:e7:fa:76:28:4f:14:de:ef:bf:
9d:35:02:40:d0:64:92:b0:f8:43:71:0a:aa:96:99:ae:0f:3f:
d0:59:72:6b:71:98:c2:33:70:af:e2:12:8c:7f:59:80:bc:6f:
b6:90:09:39:63:a2:7d:72:8f:6f:49:58:2e:50:fe:41:a5:b8:
15:22:ff:69:2c:4e:4e:f9:d6:ad:60:b2:d0:24:61:a4:c1:7f:
d7:23:78:79:b8:20:05:28:69:18:6d:67:af:14:dc:ed:0d:15:
9d:73:06:c9:6a:99:f0:35:3e:a5:cf:c3:34:81:e2:34:60:2b:
a0:0f:71:b7:46:80:2d:32:de:38:5d:d1:ed:9d:e5:0a:08:6c:
b5:39:55:fd:76:a0:97:2f:b4:20:a5:67:a0:d2:bf:bb:69:86:
31:4d:8d:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY77NcQi2hHnOkl3s5aGI+8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYmVjNDFiZDJmM2IxNzlkZTA5NTE0MzA2NTMwYmQzZmJh
YzcwN2IwHhcNMjQwNDIwMTExMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDMwYmU4NWY3OWVmNzBkMzAyZGI4YWZlMDAyOGZlMzAxMWJmOTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkl23AEpclHlLI9l3QDLh/gFngcPj
pCH0RTCuesvfQ5PFZHXr65qgXiFycUl6kdoRcM15RIgp7D0VCCgW7T2LWrXJj2U0
Q+HDYZKGoR36PeEyYZEnVbrBH+TbO9aqCotLfW6yVqd+HBgiuDMJcjqlDIPeIoyQ
v7b6UG5ebw0w/yyrd/Qt8jtt1K748QPYWi+9BIfsukrp4CfjhGcsoZHZft/V7NUj
FFT9GN/oLfhixwaeiSRLcG5nzWRgYJbl0ztcYKIFDX8ZthpoGQXEnlxbDS36yDsf
Ij7ZBr3Up48iWjtDsTgicdOCDBf2Cj7sXZ+jk7PctmoC0QWwuRCUw3FWVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAQwvoX3nvcNMC24r+ACj+MBG/lgMB8GA1UdIwQY
MBaAFLK+xBvS87F53glRQwZTC9P7rHB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYt
ZDEyZjAzOWRiMmM5LzEvQkRDLWhmZWU5dzB3TGJpdjRBS1A0d0ViLVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kODkwMjUtZDZmMy00ODkxLTlkODYtZDEyZjAzOWRiMmM5
LzEvc3I3RUc5THpzWG5lQ1ZGREJsTUwwX3VzY0hzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwQAYMA0G
CSqGSIb3DQEBCwUAA4IBAQBQi4HinKzMHjP0dDTlVIwp5IsgzV6SQOdcZkurhFYj
+x6mr0QMYRb7xLtS7B2LQ8UNDn7TV53NVXOyX8R6P2j+YArMYKBOY1R+8yZywcz6
hhEfabxn6udWfX4iQ1afx308RN3n+nYoTxTe77+dNQJA0GSSsPhDcQqqlpmuDz/Q
WXJrcZjCM3Cv4hKMf1mAvG+2kAk5Y6J9co9vSVguUP5BpbgVIv9pLE5O+datYLLQ
JGGkwX/XI3h5uCAFKGkYbWevFNztDRWdcwbJapnwNT6lz8M0geI0YCugD3G3RoAt
Mt44XdHtneUKCGy1OVX9dqCXL7QgpWeg0r+7aYYxTY13
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:04 2024 by rpki-client on console-fra.rpki-client.org