Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BSSuLGOeIk4a6XHSERuHd9M5nYs.roa
File: BSSuLGOeIk4a6XHSERuHd9M5nYs.roa (raw, json)
Hash identifier: vCOXQrHrhRJtouzTjtNq5OZlq+uSWMQKlsVM/36Uqms=
Subject key identifier: 05:24:AE:2C:63:9E:22:4E:1A:E9:71:D2:11:1B:87:77:D3:39:9D:8B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9F9CBC9332A1CA58B4C71ADD8A831F33
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BSSuLGOeIk4a6XHSERuHd9M5nYs.roa
Signing time: Mon 25 Dec 2023 06:14:58 +0000
ROA not before: Mon 25 Dec 2023 06:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9f:9c:bc:93:32:a1:ca:58:b4:c7:1a:dd:8a:83:1f:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 25 06:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0524ae2c639e224e1ae971d2111b8777d3399d8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c3:af:13:69:fd:e3:eb:20:7b:bd:a3:35:8d:
e7:c0:ce:37:71:c3:24:ae:e9:0d:d1:f7:8a:10:0a:
41:a3:fe:15:93:f0:05:68:fc:b6:a4:a6:1b:ca:d6:
ea:03:45:97:70:dd:5a:58:30:b0:71:3d:6e:c0:e3:
41:03:41:0f:23:93:5f:b1:15:33:21:86:d6:fe:4f:
72:29:55:90:1c:9d:7d:59:5c:6f:00:17:a9:0a:50:
cd:31:22:86:6d:ee:33:a4:7b:c1:68:2e:e2:87:97:
38:7e:99:89:9b:2d:a8:5f:77:d1:08:41:1a:55:13:
0b:bf:b1:96:44:74:93:cd:ea:48:55:06:f4:7b:43:
b1:db:a6:13:1f:40:92:d4:6e:6d:62:e3:8f:8e:71:
1e:59:b5:dd:e8:06:0f:ea:e4:05:e4:7d:f2:bc:d6:
35:4b:dc:9d:d8:b8:e2:ed:5b:c0:3b:bc:06:fd:be:
d6:b5:e3:78:ca:74:4a:94:d9:17:94:99:f2:7f:c5:
5d:13:e4:af:2b:ce:bc:32:0f:1e:d4:b3:9c:a8:c9:
45:ca:4e:ca:4a:52:b8:3e:bd:67:6d:3f:e3:6d:fd:
58:16:0d:8e:7a:a7:7b:39:9f:94:bd:b6:8d:f6:d7:
a4:76:83:f0:1b:2b:b1:55:6e:0e:af:4a:e7:2c:f2:
0a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:24:AE:2C:63:9E:22:4E:1A:E9:71:D2:11:1B:87:77:D3:39:9D:8B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BSSuLGOeIk4a6XHSERuHd9M5nYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
20:e0:63:d0:64:c7:82:9f:ff:65:45:5b:12:73:3c:3f:f5:eb:
0c:13:23:d9:17:fa:8e:72:bc:54:34:f3:c1:43:42:a0:ce:9c:
6c:42:73:7e:37:c4:32:76:68:3e:db:6b:ef:c2:8d:c1:17:54:
4f:2b:68:51:f0:f4:e9:2c:e8:92:5e:da:0c:e0:f9:f3:b1:a2:
0d:a0:df:d7:8e:99:f0:1c:29:96:e2:ca:bf:ab:ca:bc:63:b1:
93:83:3b:f8:6b:1b:72:2f:ce:07:77:57:d1:9b:6d:5b:2a:22:
61:67:ad:61:7f:52:0e:79:c7:87:30:44:b6:3b:22:1c:dd:46:
34:d9:0f:d7:b2:ab:44:49:7e:d9:4b:04:78:79:d5:80:ea:8d:
87:e5:4e:1d:5a:a0:a1:f3:73:ae:51:97:35:5c:27:c1:af:82:
e4:fc:46:a4:a3:89:8f:f2:39:f9:06:ae:0e:c7:70:62:90:11:
e0:73:fc:dc:93:93:c1:45:be:dd:23:7a:41:64:69:45:91:cf:
1d:1a:5c:89:8e:91:cf:9f:45:63:29:d9:54:04:d6:ec:00:3f:
a0:6f:b6:a9:cc:64:32:b0:12:c5:d9:85:63:1b:25:69:f3:00:
cf:04:a9:63:af:81:0e:ef:fa:d1:5a:c5:99:f1:eb:fd:1a:75:
00:b7:a0:bf
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyfnLyTMqHKWLTHGt2Kgx8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI1MDYxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTI0YWUyYzYzOWUyMjRlMWFlOTcxZDIxMTFiODc3N2QzMzk5ZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8OvE2n94+sge72jNY3nwM43ccMk
rukN0feKEApBo/4Vk/AFaPy2pKYbytbqA0WXcN1aWDCwcT1uwONBA0EPI5NfsRUz
IYbW/k9yKVWQHJ19WVxvABepClDNMSKGbe4zpHvBaC7ih5c4fpmJmy2oX3fRCEEa
VRMLv7GWRHSTzepIVQb0e0Ox26YTH0CS1G5tYuOPjnEeWbXd6AYP6uQF5H3yvNY1
S9yd2Lji7VvAO7wG/b7WteN4ynRKlNkXlJnyf8VdE+SvK868Mg8e1LOcqMlFyk7K
SlK4Pr1nbT/jbf1YFg2Oeqd7OZ+UvbaN9tekdoPwGyuxVW4Or0rnLPIKnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAUkrixjniJOGulx0hEbh3fTOZ2LMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQlNTdUxHT2VJazRhNlhIU0VSdUhkOU01bllzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACDgY9Bkx4Kf/2VFWxJz
PD/16wwTI9kX+o5yvFQ088FDQqDOnGxCc343xDJ2aD7ba+/CjcEXVE8raFHw9Oks
6JJe2gzg+fOxog2g39eOmfAcKZbiyr+ryrxjsZODO/hrG3Ivzgd3V9GbbVsqImFn
rWF/Ug55x4cwRLY7IhzdRjTZD9eyq0RJftlLBHh51YDqjYflTh1aoKHzc65RlzVc
J8GvguT8RqSjiY/yOfkGrg7HcGKQEeBz/NyTk8FFvt0jekFkaUWRzx0aXImOkc+f
RWMp2VQE1uwAP6BvtqnMZDKwEsXZhWMbJWnzAM8EqWOvgQ7v+tFaxZnx6/0adQC3
oL8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:06 2025 by rpki-client