Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BOSqMoy1YUt3bR5gs4EI3q4TeoU.roa
File: BOSqMoy1YUt3bR5gs4EI3q4TeoU.roa (raw, json)
Hash identifier: EQQVb7BA7NpATLCZNd7uBYU8tab2XowTHR4PwHoYy1A=
Subject key identifier: 04:E4:AA:32:8C:B5:61:4B:77:6D:1E:60:B3:81:08:DE:AE:13:7A:85
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E91A21FE9D34442B487CC96262F762B18
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BOSqMoy1YUt3bR5gs4EI3q4TeoU.roa
Signing time: Sat 30 Mar 2024 23:11:45 +0000
ROA not before: Sat 30 Mar 2024 23:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:91:a2:1f:e9:d3:44:42:b4:87:cc:96:26:2f:76:2b:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 30 23:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04e4aa328cb5614b776d1e60b38108deae137a85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e0:d9:dc:a3:3c:7b:df:2c:41:28:43:0f:6c:
ea:04:e0:22:a1:05:2c:2e:96:90:a8:66:f8:03:b5:
55:69:b5:9c:e8:4b:dd:ef:f7:21:6b:0f:ff:0f:bb:
24:1c:07:19:7f:22:59:9a:c6:f1:31:bb:1c:20:59:
9e:2b:51:c0:41:64:da:60:dd:c4:51:b5:d7:1a:98:
48:06:66:83:4e:ee:40:93:6f:a6:d3:c9:1a:8f:a0:
56:9b:63:fb:1f:f0:3c:f0:85:52:80:d7:07:9c:34:
8e:03:8b:f0:d3:24:f7:3c:6c:7f:2c:c7:8a:94:f6:
36:ff:af:d9:87:49:84:02:17:cf:5c:dd:22:96:e9:
65:2b:20:4a:c3:f7:11:1d:f6:bd:79:72:e3:be:f4:
ca:56:d0:c4:3e:ce:1b:79:59:2b:4f:ca:94:40:23:
1e:14:70:1a:50:37:f5:57:ff:ce:1b:4c:25:0c:fa:
e2:c2:af:2a:a2:96:48:fd:fb:a3:dd:ff:e7:af:cf:
8a:d7:da:45:3f:2f:92:d9:ee:5a:93:4e:cc:45:8a:
c5:67:ef:de:7d:f5:f8:f4:f3:4e:80:90:53:ea:9d:
8c:fd:84:63:9e:b6:52:79:fd:81:8c:9b:a1:14:30:
c2:d7:02:84:1d:8a:52:1a:e1:cd:11:5e:98:09:84:
21:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E4:AA:32:8C:B5:61:4B:77:6D:1E:60:B3:81:08:DE:AE:13:7A:85
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BOSqMoy1YUt3bR5gs4EI3q4TeoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6e:54:ec:c6:16:0f:fa:35:ad:dc:1e:41:e0:51:c6:f7:8e:6e:
e2:5f:5b:36:d3:3b:cd:90:12:e4:05:84:af:17:3a:66:b1:89:
5f:90:12:bb:41:c0:4e:55:4c:98:2e:02:c7:49:23:95:a1:48:
9e:15:8b:36:1e:ff:0e:ca:9d:a4:ec:1a:3a:9b:6c:af:67:60:
ae:8b:64:60:96:ab:46:0c:34:08:b9:da:a1:61:9c:8c:a1:20:
c7:c3:74:11:43:6b:b0:29:e5:2d:61:57:e5:6a:62:e5:6c:dd:
a7:5b:a4:c6:4a:e9:31:2b:3a:32:cb:77:ce:1b:6b:07:93:b6:
77:10:3f:68:97:a2:90:10:2c:00:12:37:cc:eb:bd:de:a1:c3:
3c:f4:2f:68:1c:42:27:af:7a:10:03:46:ce:2a:b3:18:d3:d0:
5c:ba:91:91:70:71:fc:5d:01:42:4f:ab:25:d6:02:b2:48:66:
a1:c9:1f:9b:c2:0e:19:85:f1:82:a8:d9:1c:6c:81:fa:d7:fc:
11:8e:82:69:ba:d5:c5:2e:40:a8:d0:21:af:60:d9:3d:57:cf:
b6:59:50:cc:ea:24:76:66:ac:f5:cf:23:9c:e1:15:15:e4:2f:
37:7a:c8:61:1f:25:62:fa:f1:a2:d0:d0:50:90:93:46:c4:c9:
dd:e3:79:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6Roh/p00RCtIfMliYvdisYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzMwMjMxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGU0YWEzMjhjYjU2MTRiNzc2ZDFlNjBiMzgxMDhkZWFlMTM3YTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2eDZ3KM8e98sQShDD2zqBOAioQUs
LpaQqGb4A7VVabWc6Evd7/chaw//D7skHAcZfyJZmsbxMbscIFmeK1HAQWTaYN3E
UbXXGphIBmaDTu5Ak2+m08kaj6BWm2P7H/A88IVSgNcHnDSOA4vw0yT3PGx/LMeK
lPY2/6/Zh0mEAhfPXN0ilullKyBKw/cRHfa9eXLjvvTKVtDEPs4beVkrT8qUQCMe
FHAaUDf1V//OG0wlDPriwq8qopZI/fuj3f/nr8+K19pFPy+S2e5ak07MRYrFZ+/e
ffX49PNOgJBT6p2M/YRjnrZSef2BjJuhFDDC1wKEHYpSGuHNEV6YCYQhzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFATkqjKMtWFLd20eYLOBCN6uE3qFMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQk9TcU1veTFZVXQzYlI1Z3M0RUkzcTRUZW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG5U7MYWD/o1rdweQeBR
xveObuJfWzbTO82QEuQFhK8XOmaxiV+QErtBwE5VTJguAsdJI5WhSJ4VizYe/w7K
naTsGjqbbK9nYK6LZGCWq0YMNAi52qFhnIyhIMfDdBFDa7Ap5S1hV+VqYuVs3adb
pMZK6TErOjLLd84baweTtncQP2iXopAQLAASN8zrvd6hwzz0L2gcQievehADRs4q
sxjT0Fy6kZFwcfxdAUJPqyXWArJIZqHJH5vCDhmF8YKo2RxsgfrX/BGOgmm61cUu
QKjQIa9g2T1Xz7ZZUMzqJHZmrPXPI5zhFRXkLzd6yGEfJWL68aLQ0FCQk0bEyd3j
eSc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:58 2025 by rpki-client