Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0tZ4SewuLN0D2P1mPHYt44h_BLY.roa
File: 0tZ4SewuLN0D2P1mPHYt44h_BLY.roa (raw, json)
Hash identifier: tpZ5Tz7QdyTUHjh6ZgH2sYYcYGrD22QizaEOzjkCDIM=
Subject key identifier: D2:D6:78:49:EC:2E:2C:DD:03:D8:FD:66:3C:76:2D:E3:88:7F:04:B6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D279D87190782516B79CE14B9B17F0317
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0tZ4SewuLN0D2P1mPHYt44h_BLY.roa
Signing time: Sat 20 Jan 2024 16:04:11 +0000
ROA not before: Sat 20 Jan 2024 16:04:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:279d:77a9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:27:9d:87:19:07:82:51:6b:79:ce:14:b9:b1:7f:03:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 20 16:04:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2d67849ec2e2cdd03d8fd663c762de3887f04b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4c:84:04:0b:05:5f:d4:80:b3:a9:96:7d:c7:
17:ed:5c:d2:8a:fc:51:35:c6:e1:d2:58:8a:1e:01:
76:18:9a:83:5a:ee:e0:d1:a5:b8:51:f6:35:da:e6:
7a:5f:4c:28:ff:f7:85:79:95:16:e2:fa:a6:bf:5f:
eb:f7:10:c4:2e:62:a2:8c:75:c6:c3:e9:66:ff:66:
aa:7a:b2:d9:b4:97:a0:69:5b:bf:81:05:a3:18:a5:
a9:32:2c:bb:6d:05:d4:cd:b9:63:f6:d2:0a:55:64:
79:eb:af:17:88:da:d3:16:6a:6c:93:b4:bd:1b:58:
b1:af:5f:1c:f7:98:90:4a:49:99:22:28:c6:2d:07:
c7:4e:43:8b:f8:75:ef:bf:2e:0f:13:d1:5a:6c:03:
76:8e:a9:82:ea:9b:3f:7a:eb:1a:c3:72:04:5e:7a:
0a:06:25:a9:c3:fe:ce:dd:ad:37:79:99:fc:73:9a:
7a:8f:44:6e:fa:f7:31:90:db:78:a9:5a:9b:47:e4:
de:e8:3e:36:b4:3e:f2:19:93:f9:6a:cf:4b:64:c5:
2e:13:28:4d:fc:4d:db:91:41:54:4d:b9:ef:1c:c7:
3b:aa:e0:3f:29:92:8c:80:f1:56:30:c4:d1:57:84:
be:11:84:ec:60:83:41:10:9a:58:7e:dd:83:83:fd:
5e:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:D6:78:49:EC:2E:2C:DD:03:D8:FD:66:3C:76:2D:E3:88:7F:04:B6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0tZ4SewuLN0D2P1mPHYt44h_BLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1f:a7:51:3e:95:b9:a5:dc:0f:2e:4c:01:60:e0:6d:fe:0d:f5:
eb:b6:f2:0b:49:d0:84:b3:ef:dd:26:68:ef:c9:9f:e9:45:f2:
d3:41:13:05:08:04:f6:48:c8:e1:30:d2:5c:c7:63:67:6b:bc:
b7:2b:80:3d:77:01:e3:47:60:79:01:1a:75:fc:71:e7:80:bb:
05:25:a7:7e:26:32:48:c1:fc:cf:76:58:1b:47:17:f7:d3:65:
4c:0b:56:df:c0:a1:96:2e:6e:3a:bd:75:86:eb:1b:71:ed:9e:
bc:e4:e4:de:c4:66:61:09:fc:47:29:ad:70:c4:8e:6e:bf:c6:
62:03:af:7b:0d:43:7d:a5:a3:24:4b:f6:88:5c:cc:e9:b8:e6:
67:54:56:46:00:f6:f9:fc:6f:c7:6c:66:4d:45:98:0e:04:a9:
de:07:2b:3d:7d:53:12:de:69:7f:b8:11:c8:64:0d:35:58:b0:
fa:20:85:92:33:8f:bd:9c:3f:da:c2:4d:5d:52:b9:21:9c:9b:
56:92:70:f5:58:be:02:16:62:ba:58:a8:22:94:1a:0a:94:55:
71:5f:8a:e7:72:97:c7:e0:2e:ac:33:4e:58:fc:17:ab:bd:37:
b2:0b:c2:ae:bc:73:5d:c0:66:53:e8:39:08:8a:bf:73:71:ef:
f6:96:6b:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0nnYcZB4JRa3nOFLmxfwMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIwMTYwNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmQ2Nzg0OWVjMmUyY2RkMDNkOGZkNjYzYzc2MmRlMzg4N2YwNGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0yEBAsFX9SAs6mWfccX7VzSivxR
Ncbh0liKHgF2GJqDWu7g0aW4UfY12uZ6X0wo//eFeZUW4vqmv1/r9xDELmKijHXG
w+lm/2aqerLZtJegaVu/gQWjGKWpMiy7bQXUzblj9tIKVWR5668XiNrTFmpsk7S9
G1ixr18c95iQSkmZIijGLQfHTkOL+HXvvy4PE9FabAN2jqmC6ps/eusaw3IEXnoK
BiWpw/7O3a03eZn8c5p6j0Ru+vcxkNt4qVqbR+Te6D42tD7yGZP5as9LZMUuEyhN
/E3bkUFUTbnvHMc7quA/KZKMgPFWMMTRV4S+EYTsYINBEJpYft2Dg/1exQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNLWeEnsLizdA9j9Zjx2LeOIfwS2MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMHRaNFNld3VMTjBEMlAxbVBIWXQ0NGhfQkxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB+nUT6VuaXcDy5MAWDg
bf4N9eu28gtJ0ISz790maO/Jn+lF8tNBEwUIBPZIyOEw0lzHY2drvLcrgD13AeNH
YHkBGnX8ceeAuwUlp34mMkjB/M92WBtHF/fTZUwLVt/AoZYubjq9dYbrG3Htnrzk
5N7EZmEJ/EcprXDEjm6/xmIDr3sNQ32loyRL9ohczOm45mdUVkYA9vn8b8dsZk1F
mA4Eqd4HKz19UxLeaX+4EchkDTVYsPoghZIzj72cP9rCTV1SuSGcm1aScPVYvgIW
YrpYqCKUGgqUVXFfiudyl8fgLqwzTlj8F6u9N7ILwq68c13AZlPoOQiKv3Nx7/aW
a2Q=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:58:02 2025 by rpki-client