Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-bkcwsHdvk1JFXjxkSDbGKFK100.roa
File: 1-bkcwsHdvk1JFXjxkSDbGKFK100.roa (raw, json)
Hash identifier: c04nJApg3ASJIAc8J7EAW5LROnosLd6UmQQTyRggGRg=
Subject key identifier: F9:B9:1C:C2:C1:DD:BE:4D:49:15:78:F1:91:20:DB:18:A1:4A:D7:4D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9CC977E32474EFF565EBDE2B66503879
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-bkcwsHdvk1JFXjxkSDbGKFK100.roa
Signing time: Sun 24 Dec 2023 17:04:58 +0000
ROA not before: Sun 24 Dec 2023 17:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:9cc8:e12c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9c:c9:77:e3:24:74:ef:f5:65:eb:de:2b:66:50:38:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 24 17:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9b91cc2c1ddbe4d491578f19120db18a14ad74d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a8:42:8d:5c:4b:46:07:63:bc:49:14:b7:47:
04:3c:fb:29:7b:95:3b:00:33:1d:25:fc:00:6c:14:
54:ef:ce:6a:5a:de:9e:0a:05:01:26:e4:5f:f1:9f:
90:e9:93:c4:4b:ae:60:a0:c3:3a:8a:e8:2b:64:75:
57:d5:95:64:f2:ad:a9:41:22:3e:b5:8d:c4:7a:df:
ea:35:22:39:d0:89:82:7c:23:bc:20:2f:b8:09:91:
95:b3:c1:65:c1:07:7a:a3:b7:ce:4a:fa:62:03:87:
40:8f:4f:4b:b6:aa:42:b3:8a:e5:a1:43:79:af:9a:
ce:2a:64:fd:f4:87:b9:fb:42:b9:f7:f7:f9:8b:ab:
a5:be:ee:e1:60:76:0c:f5:a2:1c:31:0b:13:48:19:
34:67:44:25:50:6c:07:d0:f0:c0:e7:2d:97:87:8a:
8e:38:ae:0d:cd:84:c7:6d:74:68:34:18:92:72:5d:
45:1b:af:3b:3e:30:bc:a2:b8:c4:0a:be:65:71:51:
b2:9e:d4:d6:f5:1d:e2:fd:65:f1:85:89:c3:33:aa:
76:5e:8e:3d:25:cf:b7:d9:7d:25:69:14:98:03:e2:
6b:48:af:58:42:d6:61:48:1f:84:3d:33:f6:38:4b:
d4:14:3c:b0:0b:b6:a6:5a:85:5a:4e:40:bc:ad:40:
a4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B9:1C:C2:C1:DD:BE:4D:49:15:78:F1:91:20:DB:18:A1:4A:D7:4D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-bkcwsHdvk1JFXjxkSDbGKFK100.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:30:14:db:15:48:15:2e:0d:8d:5c:97:4d:35:76:e7:f1:5a:
8c:c7:a8:15:4e:99:3e:8a:d9:8d:5a:27:42:de:00:69:92:6e:
c0:ef:f2:2f:94:da:a3:5f:9a:4d:18:a2:f0:f3:94:3a:ec:4b:
78:f6:e0:35:50:ab:6d:af:49:4d:84:aa:ca:5c:db:4a:dd:cb:
91:ab:d9:ff:f1:77:eb:c9:65:91:78:44:16:98:2b:19:e6:1f:
1f:cf:ea:a7:54:48:a5:de:60:d6:a9:c3:93:05:68:a8:27:fe:
f4:16:2e:ad:5d:43:27:b4:f5:87:03:60:1c:00:06:9f:32:65:
21:f5:fd:73:3f:89:c8:03:ff:cb:0f:52:26:f4:3a:fa:2f:ef:
05:4c:47:4b:20:dd:b0:b6:30:b6:66:e8:60:7f:45:b2:9d:26:
fe:1e:f3:fa:e5:e4:73:12:a4:3a:fb:4b:83:c6:a8:5e:52:89:
3c:b8:98:c0:f7:be:1a:41:38:28:52:b7:67:ad:4b:43:d0:f9:
be:a1:7c:62:a7:b1:02:99:b8:35:0d:14:3b:93:0d:34:a0:77:
f2:dd:b1:59:87:f1:af:5d:18:f1:f8:90:eb:96:29:62:9b:75:
c8:0b:26:5d:38:cd:8e:86:f6:2d:80:6d:4a:b0:a0:6b:f6:45:
ca:56:87:be
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYycyXfjJHTv9WXr3itmUDh5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI0MTcwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWI5MWNjMmMxZGRiZTRkNDkxNTc4ZjE5MTIwZGIxOGExNGFkNzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKhCjVxLRgdjvEkUt0cEPPspe5U7
ADMdJfwAbBRU785qWt6eCgUBJuRf8Z+Q6ZPES65goMM6iugrZHVX1ZVk8q2pQSI+
tY3Eet/qNSI50ImCfCO8IC+4CZGVs8FlwQd6o7fOSvpiA4dAj09LtqpCs4rloUN5
r5rOKmT99Ie5+0K59/f5i6ulvu7hYHYM9aIcMQsTSBk0Z0QlUGwH0PDA5y2Xh4qO
OK4NzYTHbXRoNBiScl1FG687PjC8orjECr5lcVGyntTW9R3i/WXxhYnDM6p2Xo49
Jc+32X0laRSYA+JrSK9YQtZhSB+EPTP2OEvUFDywC7amWoVaTkC8rUCkXwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPm5HMLB3b5NSRV48ZEg2xihStdNMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMS1ia2N3c0hkdmsxSkZYanhrU0RiR0tGSzEwMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGIvZTA1MjBkLTliYTYtNDFhMy04Zjg3LWM1Mzk3OWQ2NmNh
NS8xLzA3UGFQc3VLZlVNOTQ0TTRabnMxNW8zM1A0dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQB8MBTbFUgVLg2NXJdN
NXbn8VqMx6gVTpk+itmNWidC3gBpkm7A7/IvlNqjX5pNGKLw85Q67Et49uA1UKtt
r0lNhKrKXNtK3cuRq9n/8XfryWWReEQWmCsZ5h8fz+qnVEil3mDWqcOTBWioJ/70
Fi6tXUMntPWHA2AcAAafMmUh9f1zP4nIA//LD1Im9Dr6L+8FTEdLIN2wtjC2Zuhg
f0WynSb+HvP65eRzEqQ6+0uDxqheUok8uJjA974aQTgoUrdnrUtD0Pm+oXxip7EC
mbg1DRQ7kw00oHfy3bFZh/GvXRjx+JDrlilim3XICyZdOM2OhvYtgG1KsKBr9kXK
Voe+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:49 2025 by rpki-client