Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BCAVjo2Ps4JFiRdSfxNptXO-_Wk.roa
File: BCAVjo2Ps4JFiRdSfxNptXO-_Wk.roa (raw, json)
Hash identifier: qkKcRCzfKID3zrACrz/8fkLcmGF0Pll4eRLEx+UD+sE=
Subject key identifier: 04:20:15:8E:8D:8F:B3:82:45:89:17:52:7F:13:69:B5:73:BE:FD:69
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EC17C9A23C572C22E0909989DBAA5BE28
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BCAVjo2Ps4JFiRdSfxNptXO-_Wk.roa
Signing time: Tue 09 Apr 2024 06:12:32 +0000
ROA not before: Tue 09 Apr 2024 06:12:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c1:7c:9a:23:c5:72:c2:2e:09:09:98:9d:ba:a5:be:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 9 06:12:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0420158e8d8fb382458917527f1369b573befd69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d0:d4:c4:5e:2d:c4:7f:09:83:ce:31:bc:30:
56:c5:1a:5c:26:fa:eb:f3:5f:d5:a0:8f:2c:59:53:
c6:cd:cd:61:9a:bf:59:45:d8:46:f0:fe:cd:05:23:
d3:e7:4e:d2:cb:b3:8d:19:30:7d:5e:42:87:03:b7:
0a:72:6b:84:ae:73:ca:1b:67:e8:02:c0:3e:5e:59:
a1:11:da:22:5a:cc:61:0e:0a:48:ca:33:bc:11:87:
ef:9b:6a:d3:42:91:ee:a3:88:e9:22:4d:7c:aa:ce:
4b:b2:6f:14:19:54:f4:83:24:e0:e4:3b:f6:18:34:
9a:bd:1b:41:4b:35:b8:1f:8f:58:59:68:e6:65:3f:
e6:63:cc:31:c6:dd:07:a7:55:8b:fa:35:a8:38:d9:
ac:26:1f:bb:34:a6:9c:49:17:6f:31:ed:01:dd:79:
88:13:d4:50:09:9a:08:b9:85:67:3b:e7:52:05:70:
df:56:89:16:2c:7d:de:be:49:48:7e:02:e5:64:24:
30:47:42:6b:d9:f0:98:01:dc:e8:4f:11:df:6b:bc:
ec:29:51:a2:dd:85:6f:67:74:bc:c2:69:8a:11:45:
cc:80:f4:a2:6a:35:a1:8d:02:e3:d0:72:e0:cf:64:
05:60:f9:61:98:50:2c:3f:20:5e:f4:ec:10:01:59:
34:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:20:15:8E:8D:8F:B3:82:45:89:17:52:7F:13:69:B5:73:BE:FD:69
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BCAVjo2Ps4JFiRdSfxNptXO-_Wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:bb:3c:5d:3b:48:58:5b:77:96:73:73:6b:ad:a2:1c:e0:05:
23:50:96:9c:8e:38:77:71:53:f2:7c:5d:3e:65:cc:ce:ca:ab:
be:4a:34:db:cf:87:ee:c1:b9:02:46:8d:da:bc:e7:7a:25:88:
f4:2a:55:a7:d4:e4:d8:e3:81:72:52:e4:49:59:c5:60:1a:83:
a0:83:a3:e1:09:bc:32:f6:54:18:fd:ba:08:6d:54:3d:78:89:
64:d9:d8:5f:14:bf:b8:8a:e1:59:51:ac:1a:37:d7:10:e3:cd:
75:1d:83:77:f2:bd:37:95:d8:1c:c8:3a:19:20:c9:b2:73:b8:
8e:ec:47:0c:dd:29:f5:8d:16:c5:3e:69:a0:47:35:a1:6f:73:
0b:40:56:a1:89:ed:ac:0c:70:2f:34:31:00:f5:b7:b4:0f:9f:
72:60:f3:9e:ef:6d:fa:10:bf:01:bf:e5:f9:3f:f6:2f:da:3b:
33:6f:ad:ae:96:23:f4:cb:aa:6a:84:9d:d2:57:ed:6d:32:a0:
06:b8:1b:8f:3b:34:f8:79:42:aa:b9:07:86:d3:8a:82:15:99:
e7:0d:d2:a0:37:17:38:8f:71:38:a8:3f:0f:98:44:d3:c8:6d:
c7:4e:5a:de:f6:c0:29:2f:c4:70:0f:35:11:2c:24:42:47:1c:
d9:e6:96:74
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7BfJojxXLCLgkJmJ26pb4oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA5MDYxMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDIwMTU4ZThkOGZiMzgyNDU4OTE3NTI3ZjEzNjliNTczYmVmZDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztDUxF4txH8Jg84xvDBWxRpcJvrr
81/VoI8sWVPGzc1hmr9ZRdhG8P7NBSPT507Sy7ONGTB9XkKHA7cKcmuErnPKG2fo
AsA+XlmhEdoiWsxhDgpIyjO8EYfvm2rTQpHuo4jpIk18qs5Lsm8UGVT0gyTg5Dv2
GDSavRtBSzW4H49YWWjmZT/mY8wxxt0Hp1WL+jWoONmsJh+7NKacSRdvMe0B3XmI
E9RQCZoIuYVnO+dSBXDfVokWLH3evklIfgLlZCQwR0Jr2fCYAdzoTxHfa7zsKVGi
3YVvZ3S8wmmKEUXMgPSiajWhjQLj0HLgz2QFYPlhmFAsPyBe9OwQAVk09wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAQgFY6Nj7OCRYkXUn8TabVzvv1pMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQkNBVmpvMlBzNEpGaVJkU2Z4TnB0WE8tX1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABq7PF07SFhbd5Zzc2ut
ohzgBSNQlpyOOHdxU/J8XT5lzM7Kq75KNNvPh+7BuQJGjdq853oliPQqVafU5Njj
gXJS5ElZxWAag6CDo+EJvDL2VBj9ughtVD14iWTZ2F8Uv7iK4VlRrBo31xDjzXUd
g3fyvTeV2BzIOhkgybJzuI7sRwzdKfWNFsU+aaBHNaFvcwtAVqGJ7awMcC80MQD1
t7QPn3Jg857vbfoQvwG/5fk/9i/aOzNvra6WI/TLqmqEndJX7W0yoAa4G487NPh5
Qqq5B4bTioIVmecN0qA3FziPcTioPw+YRNPIbcdOWt72wCkvxHAPNREsJEJHHNnm
lnQ=
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:37:26 2025 by rpki-client