Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BlphVnyVkLzYCP-89xEL22O3mac.roa
File: BlphVnyVkLzYCP-89xEL22O3mac.roa (raw, json)
Hash identifier: hZuslHnKzFlMx32abLdVM0YF3kI3DefKQcxVTZOjeq0=
Subject key identifier: 06:5A:61:56:7C:95:90:BC:D8:08:FF:BC:F7:11:0B:DB:63:B7:99:A7
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D39090FB1D470A6D885F47697FCE274F4
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BlphVnyVkLzYCP-89xEL22O3mac.roa
Signing time: Wed 24 Jan 2024 01:15:11 +0000
ROA not before: Wed 24 Jan 2024 01:15:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:39:09:0f:b1:d4:70:a6:d8:85:f4:76:97:fc:e2:74:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 24 01:15:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=065a61567c9590bcd808ffbcf7110bdb63b799a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:85:38:de:dd:e8:85:39:94:12:31:c1:e2:c7:
88:f3:e3:09:31:43:55:75:92:fd:e5:19:18:54:e7:
83:b8:1c:0c:d0:78:cf:db:53:ff:48:ff:34:16:74:
47:43:a8:ee:ab:5d:95:04:fe:4d:5f:8c:4e:d3:ec:
79:ec:0f:20:85:f3:a7:c1:5c:4b:c9:f2:34:57:f3:
30:c7:27:78:fd:10:aa:80:e3:1f:02:d4:d4:15:89:
61:7a:ca:20:fe:1c:4c:ba:10:b5:ef:d9:45:0b:a2:
0b:42:3b:8a:db:e9:e0:a4:b9:0d:53:f7:78:ae:b1:
e1:a8:f9:b8:ff:b0:f8:4a:00:25:4d:43:aa:c2:28:
72:c3:c5:52:4a:0e:a2:fb:14:16:cc:a3:29:6d:f2:
68:f8:94:3f:10:d4:e6:67:26:91:38:95:6d:a9:7a:
01:92:a2:96:3a:b0:e7:92:22:4c:30:10:18:f2:ea:
7b:52:e0:57:24:2e:7d:45:26:7f:29:5c:b2:90:da:
fd:4b:b8:45:7c:5c:9c:a4:a8:e9:cb:0d:d3:c3:be:
ea:99:63:8c:4e:ec:d4:7f:0a:68:ce:49:b9:83:22:
a8:70:a8:c2:7e:f6:8b:d8:a3:44:08:72:05:34:a9:
29:89:ac:f7:6b:91:97:c9:74:c1:60:04:bb:c6:2f:
f6:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:5A:61:56:7C:95:90:BC:D8:08:FF:BC:F7:11:0B:DB:63:B7:99:A7
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BlphVnyVkLzYCP-89xEL22O3mac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
62:b6:0e:7b:91:85:4f:79:c8:45:be:8b:2f:5e:3b:cb:af:dd:
0b:62:cb:a5:b1:3c:e5:15:fd:f1:9b:c0:98:34:de:0c:77:cb:
6b:1e:b0:05:44:92:0a:df:5f:2f:e8:60:99:2b:68:b2:87:73:
3f:b4:1a:59:26:e0:e7:9c:7b:04:22:85:9f:bf:4b:03:c0:99:
92:5a:a1:18:44:b1:36:12:89:87:3e:f5:c1:65:47:61:b9:d0:
fb:8b:70:a7:54:88:f0:c8:c7:54:3a:1b:c4:e0:9c:80:69:12:
22:66:a0:7c:73:d1:8d:27:ab:33:80:00:d8:53:c4:16:0b:8a:
f1:73:82:f0:cc:ab:8a:28:fd:2e:1c:d1:3b:8b:66:65:54:c3:
db:a0:29:ec:9d:ea:f2:7b:c1:21:7d:df:86:e5:a8:6f:bf:aa:
8f:d0:ef:ab:44:1b:dd:57:6a:40:c9:d3:8d:36:46:46:a7:9f:
90:e5:5a:ae:62:33:e4:3d:3b:57:3e:bd:d8:06:48:6f:b8:ac:
12:af:78:26:e5:ca:1e:30:57:94:88:4e:0f:f9:29:54:02:01:
6e:99:39:be:eb:9a:82:7a:aa:1b:22:da:42:e8:15:2e:b4:1c:
42:1b:81:1a:f9:04:4b:8a:a0:0b:4c:f3:66:0b:52:6e:8e:b9:
b1:c2:62:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY05CQ+x1HCm2IX0dpf84nT0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI0MDExNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjVhNjE1NjdjOTU5MGJjZDgwOGZmYmNmNzExMGJkYjYzYjc5OWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoU43t3ohTmUEjHB4seI8+MJMUNV
dZL95RkYVOeDuBwM0HjP21P/SP80FnRHQ6juq12VBP5NX4xO0+x57A8ghfOnwVxL
yfI0V/Mwxyd4/RCqgOMfAtTUFYlhesog/hxMuhC179lFC6ILQjuK2+ngpLkNU/d4
rrHhqPm4/7D4SgAlTUOqwihyw8VSSg6i+xQWzKMpbfJo+JQ/ENTmZyaROJVtqXoB
kqKWOrDnkiJMMBAY8up7UuBXJC59RSZ/KVyykNr9S7hFfFycpKjpyw3Tw77qmWOM
TuzUfwpozkm5gyKocKjCfvaL2KNECHIFNKkpiaz3a5GXyXTBYAS7xi/2fQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAZaYVZ8lZC82Aj/vPcRC9tjt5mnMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQmxwaFZueVZrTHpZQ1AtODl4RUwyMk8zbWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGK2DnuRhU95yEW+iy9e
O8uv3Qtiy6WxPOUV/fGbwJg03gx3y2sesAVEkgrfXy/oYJkraLKHcz+0Glkm4Oec
ewQihZ+/SwPAmZJaoRhEsTYSiYc+9cFlR2G50PuLcKdUiPDIx1Q6G8TgnIBpEiJm
oHxz0Y0nqzOAANhTxBYLivFzgvDMq4oo/S4c0TuLZmVUw9ugKeyd6vJ7wSF934bl
qG+/qo/Q76tEG91XakDJ0402Rkann5DlWq5iM+Q9O1c+vdgGSG+4rBKveCblyh4w
V5SITg/5KVQCAW6ZOb7rmoJ6qhsi2kLoFS60HEIbgRr5BEuKoAtM82YLUm6OubHC
Yok=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:56:18 2025 by rpki-client