Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-BH-N7_xvMUBfgXPozZzwFxMWPY.roa
File: 1-BH-N7_xvMUBfgXPozZzwFxMWPY.roa (raw, json)
Hash identifier: 3NNA74Te/iGk2c4nfxorP+P58nth/ALSoqhWeqhGRZg=
Subject key identifier: F8:11:FE:37:BF:F1:BC:C5:01:7E:05:CF:A3:36:73:C0:5C:4C:58:F6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D2703B7D6481A98FF6E57CF95E3289368
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-BH-N7_xvMUBfgXPozZzwFxMWPY.roa
Signing time: Sat 20 Jan 2024 13:16:11 +0000
ROA not before: Sat 20 Jan 2024 13:16:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:27:03:b7:d6:48:1a:98:ff:6e:57:cf:95:e3:28:93:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 20 13:16:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f811fe37bff1bcc5017e05cfa33673c05c4c58f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:58:da:3a:7a:82:95:ae:dd:d1:b6:47:1b:ee:
d3:4f:92:73:11:c0:71:9a:54:09:2f:30:1a:11:48:
c5:be:aa:47:7d:ff:56:44:7a:bf:ec:47:9a:aa:3e:
16:30:34:e5:30:26:42:e5:b9:b9:2b:4a:1b:f7:bd:
86:f0:e2:f1:ef:2e:99:10:9e:8a:fc:76:57:7a:c8:
75:1f:f1:bc:9c:7d:3f:74:a5:63:01:ba:73:60:b1:
d7:aa:dc:c5:20:be:61:61:eb:8b:ba:32:3b:5f:d6:
1b:3d:4c:44:c7:e2:63:9e:1f:89:18:78:7d:51:2f:
af:36:1f:7a:33:b6:74:71:10:47:bc:94:59:b2:ed:
93:de:71:b9:c6:14:a2:a0:ae:0c:75:8d:6b:6e:b1:
1b:a9:dc:80:23:84:d4:ad:bd:c5:27:64:09:a2:49:
43:8c:b7:a8:64:a5:26:bd:a9:5e:1a:81:8c:88:a2:
ec:7b:cf:24:41:75:22:53:48:73:2b:af:11:dd:d5:
5f:4c:13:5d:13:13:36:82:f6:3b:a5:0e:48:14:1c:
69:3e:3d:7e:90:71:dd:43:97:ec:09:35:c4:57:cf:
a6:cc:ad:38:f1:7f:9f:fb:f1:5c:68:71:9d:63:8d:
dc:98:b6:e0:50:1a:59:6c:a7:7b:c8:e8:67:2e:97:
09:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:11:FE:37:BF:F1:BC:C5:01:7E:05:CF:A3:36:73:C0:5C:4C:58:F6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-BH-N7_xvMUBfgXPozZzwFxMWPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:ae:cd:d6:5c:c4:b7:fd:00:92:f3:b7:1e:8f:a5:4e:2c:99:
16:88:1d:d7:1f:ee:d8:15:46:ad:89:ca:41:95:6d:bc:81:ec:
88:79:bd:fc:78:ad:7e:02:5a:fb:6e:77:7d:c0:0c:70:a4:a2:
57:64:f4:bd:27:f0:27:50:ae:c6:46:5f:bd:e5:16:5f:99:7a:
54:67:15:e0:3f:9d:28:68:30:f6:59:67:e2:cb:b1:f5:58:f7:
d0:e3:f9:3a:82:f2:76:86:e9:92:df:8b:73:f3:9c:3e:3a:08:
1f:ef:6e:66:c6:af:68:6c:5d:a3:c9:5c:40:c9:1d:c5:2c:d3:
12:e7:21:e4:db:ec:ec:04:bd:89:67:7e:78:e5:0c:ce:4e:2b:
09:10:35:12:09:dc:c5:93:fa:1c:59:ca:50:de:82:f1:f9:9a:
9e:e3:d7:38:8e:ba:f3:27:8b:0f:05:2d:01:62:a3:c8:8b:ed:
19:46:0d:7f:49:fb:ee:6e:d6:cb:14:35:f4:70:60:03:98:f8:
6b:cf:41:a8:e1:55:f8:5f:c9:43:72:7f:4f:15:5a:d2:65:1b:
0d:72:b7:1c:fa:ba:08:4f:6e:f7:a6:b1:4a:e0:3e:1b:81:bc:
97:0a:57:da:51:07:c7:99:5b:09:e6:ff:b2:19:94:cc:7b:9c:
35:8a:cf:9c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY0nA7fWSBqY/25Xz5XjKJNoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIwMTMxNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODExZmUzN2JmZjFiY2M1MDE3ZTA1Y2ZhMzM2NzNjMDVjNGM1OGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1jaOnqCla7d0bZHG+7TT5JzEcBx
mlQJLzAaEUjFvqpHff9WRHq/7Eeaqj4WMDTlMCZC5bm5K0ob972G8OLx7y6ZEJ6K
/HZXesh1H/G8nH0/dKVjAbpzYLHXqtzFIL5hYeuLujI7X9YbPUxEx+Jjnh+JGHh9
US+vNh96M7Z0cRBHvJRZsu2T3nG5xhSioK4MdY1rbrEbqdyAI4TUrb3FJ2QJoklD
jLeoZKUmvaleGoGMiKLse88kQXUiU0hzK68R3dVfTBNdExM2gvY7pQ5IFBxpPj1+
kHHdQ5fsCTXEV8+mzK048X+f+/FcaHGdY43cmLbgUBpZbKd7yOhnLpcJgQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPgR/je/8bzFAX4Fz6M2c8BcTFj2MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMS1CSC1ON194dk1VQmZnWFBvelp6d0Z4TVdQWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGIvZTA1MjBkLTliYTYtNDFhMy04Zjg3LWM1Mzk3OWQ2NmNh
NS8xLzA3UGFQc3VLZlVNOTQ0TTRabnMxNW8zM1A0dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQCWrs3WXMS3/QCS87ce
j6VOLJkWiB3XH+7YFUaticpBlW28geyIeb38eK1+Alr7bnd9wAxwpKJXZPS9J/An
UK7GRl+95RZfmXpUZxXgP50oaDD2WWfiy7H1WPfQ4/k6gvJ2humS34tz85w+Oggf
725mxq9obF2jyVxAyR3FLNMS5yHk2+zsBL2JZ3545QzOTisJEDUSCdzFk/ocWcpQ
3oLx+Zqe49c4jrrzJ4sPBS0BYqPIi+0ZRg1/SfvubtbLFDX0cGADmPhrz0Go4VX4
X8lDcn9PFVrSZRsNcrcc+roIT273prFK4D4bgbyXClfaUQfHmVsJ5v+yGZTMe5w1
is+c
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:00:55 2025 by rpki-client