Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BU85BOZBP4NkvcWhit-IQxNkNWc.roa
File: BU85BOZBP4NkvcWhit-IQxNkNWc.roa (raw, json)
Hash identifier: yn05AXcmx9UfMG2FM4wEN/2GokBZ9JlsiSbfWqjkNto=
Subject key identifier: 05:4F:39:04:E6:41:3F:83:64:BD:C5:A1:8A:DF:88:43:13:64:35:67
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E130335D818AEC302CA49A96399C6950E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BU85BOZBP4NkvcWhit-IQxNkNWc.roa
Signing time: Wed 06 Mar 2024 09:06:01 +0000
ROA not before: Wed 06 Mar 2024 09:06:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:1302:e235/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:13:03:35:d8:18:ae:c3:02:ca:49:a9:63:99:c6:95:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 6 09:06:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=054f3904e6413f8364bdc5a18adf884313643567
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:9d:28:f0:a9:f9:f5:b5:73:35:1f:cb:aa:ef:
58:14:bf:c5:60:f7:80:fe:8a:ab:91:b9:3d:56:ea:
b4:d4:94:b2:20:bc:ed:9d:54:cc:5b:41:b9:43:57:
e5:11:f1:91:02:2b:64:b1:d5:14:1d:8e:65:dd:ef:
2b:b5:d3:be:da:94:f4:39:2a:2a:ae:4b:7d:fb:e2:
62:d6:09:9a:43:63:64:59:83:8e:8f:46:c5:8a:39:
37:60:80:7c:2d:64:b6:45:82:72:91:8f:94:87:ce:
fd:62:b2:e1:5d:5b:0d:91:14:5e:6c:24:1d:1f:51:
f1:b2:db:c8:27:27:33:71:a0:a9:9f:b7:15:14:fc:
1c:87:ea:3e:6b:14:8f:08:ae:32:19:a7:2b:2b:6e:
dc:57:83:f9:c5:f1:88:2e:d8:9f:1e:0d:45:bb:25:
3f:e9:dc:7f:50:01:0b:19:e3:20:94:ab:f5:16:6d:
d2:ce:c8:78:ae:b1:1e:77:50:07:5b:64:01:6d:54:
8a:21:fd:b0:86:b8:d0:09:1c:47:30:2f:53:11:40:
db:e5:6c:26:be:a7:ba:79:41:8f:4d:2f:39:74:af:
16:cf:e5:66:88:02:a0:5c:74:42:10:1d:f1:40:29:
c1:7a:b4:79:cd:41:b9:a9:70:57:34:8b:8b:71:9e:
26:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:4F:39:04:E6:41:3F:83:64:BD:C5:A1:8A:DF:88:43:13:64:35:67
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BU85BOZBP4NkvcWhit-IQxNkNWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:70:9c:f6:61:8f:18:78:71:63:ee:9d:01:e4:a9:fe:e5:a7:
cb:cf:26:a2:3a:0b:41:61:c3:db:78:11:b1:9c:a3:35:4f:09:
6f:a5:fb:0c:d9:dc:2e:43:40:3a:f2:4c:f6:e8:cb:e5:98:ba:
94:02:c4:c4:4e:9d:47:81:95:6e:b0:d4:72:61:8a:ca:20:70:
ea:2e:ed:7d:58:08:87:fa:6d:c1:0a:10:33:92:4c:19:27:60:
e3:c1:96:de:15:5e:a9:42:cf:69:18:01:9c:e4:ff:5a:85:4c:
3d:a2:f1:00:58:67:9d:13:3b:b9:fb:6f:1d:80:16:ea:05:da:
5f:f1:54:d2:c5:4b:d5:72:78:23:30:91:e6:84:2e:11:ee:44:
37:74:52:20:1b:3f:ac:0d:86:a1:ae:b8:a0:b2:4b:5b:39:db:
0e:b5:20:ff:53:07:ef:7a:f1:07:42:29:f2:3c:f5:18:55:49:
a2:c2:72:2d:38:e3:ed:b4:36:f2:39:c8:eb:4a:6b:e1:40:e0:
35:30:22:5d:f0:b3:9b:a1:fd:db:bb:07:62:8c:33:32:83:bd:
77:c7:69:4e:7e:68:a1:15:ce:8c:f1:8e:84:1b:41:70:77:53:
fb:d7:e4:df:6c:34:54:e7:7b:ec:95:1d:68:89:a8:68:8f:d5:
c7:df:0f:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4TAzXYGK7DAspJqWOZxpUOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA2MDkwNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTRmMzkwNGU2NDEzZjgzNjRiZGM1YTE4YWRmODg0MzEzNjQzNTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJ0o8Kn59bVzNR/Lqu9YFL/FYPeA
/oqrkbk9Vuq01JSyILztnVTMW0G5Q1flEfGRAitksdUUHY5l3e8rtdO+2pT0OSoq
rkt9++Ji1gmaQ2NkWYOOj0bFijk3YIB8LWS2RYJykY+Uh879YrLhXVsNkRRebCQd
H1HxstvIJyczcaCpn7cVFPwch+o+axSPCK4yGacrK27cV4P5xfGILtifHg1FuyU/
6dx/UAELGeMglKv1Fm3Szsh4rrEed1AHW2QBbVSKIf2whrjQCRxHMC9TEUDb5Wwm
vqe6eUGPTS85dK8Wz+VmiAKgXHRCEB3xQCnBerR5zUG5qXBXNIuLcZ4mmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAVPOQTmQT+DZL3FoYrfiEMTZDVnMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQlU4NUJPWkJQNE5rdmNXaGl0LUlReE5rTldjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKdwnPZhjxh4cWPunQHk
qf7lp8vPJqI6C0Fhw9t4EbGcozVPCW+l+wzZ3C5DQDryTPboy+WYupQCxMROnUeB
lW6w1HJhisogcOou7X1YCIf6bcEKEDOSTBknYOPBlt4VXqlCz2kYAZzk/1qFTD2i
8QBYZ50TO7n7bx2AFuoF2l/xVNLFS9VyeCMwkeaELhHuRDd0UiAbP6wNhqGuuKCy
S1s52w61IP9TB+968QdCKfI89RhVSaLCci044+20NvI5yOtKa+FA4DUwIl3ws5uh
/du7B2KMMzKDvXfHaU5+aKEVzozxjoQbQXB3U/vX5N9sNFTne+yVHWiJqGiP1cff
D0c=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:22 2025 by rpki-client