Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bDzF-6btsIRfRcYkkuqZ37MycpU.roa
File: bDzF-6btsIRfRcYkkuqZ37MycpU.roa (raw, json)
Hash identifier: kdJ1vtSi/F7kdI+kty3CpYWvbstQSPpg9wFYGKOR9Ec=
Subject key identifier: 6C:3C:C5:FB:A6:ED:B0:84:5F:45:C6:24:92:EA:99:DF:B3:32:72:95
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D12D6A790F12EB05A2C803593E7723954
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bDzF-6btsIRfRcYkkuqZ37MycpU.roa
Signing time: Tue 16 Jan 2024 15:14:33 +0000
ROA not before: Tue 16 Jan 2024 15:14:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:12:d6:a7:90:f1:2e:b0:5a:2c:80:35:93:e7:72:39:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 16 15:14:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c3cc5fba6edb0845f45c62492ea99dfb3327295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:21:e6:57:03:77:07:97:a3:dc:83:62:fc:72:
36:da:b6:b3:33:fc:8a:f3:4f:64:4c:1b:12:f8:cb:
d2:64:c9:06:29:5b:4f:8b:72:ab:77:ec:a2:d4:2b:
37:0c:a4:38:8d:ff:3f:83:37:27:24:dc:67:0a:db:
8e:53:a2:3e:22:68:42:e9:fb:2c:95:cc:6a:1a:4d:
1f:9a:cb:c7:64:ce:68:42:61:e6:a3:b4:9f:eb:4d:
8a:92:c7:90:ac:ed:c8:a2:39:4e:5a:5d:ea:7f:54:
57:5b:91:2c:c2:87:cf:cd:d9:85:3b:e2:6e:d2:83:
2d:a8:4f:66:0c:e8:32:cc:3c:fb:b2:a9:a5:d9:86:
e3:6c:e0:53:c8:73:08:ec:db:cb:aa:c5:b7:d7:62:
fe:12:06:76:f1:74:32:a1:6c:ee:4d:29:10:c3:11:
29:3c:b4:55:0d:04:c1:61:2c:0b:f4:7e:f1:f9:31:
e7:8c:e4:25:2d:4c:40:6d:aa:2e:4e:63:0e:a1:f0:
44:39:42:2a:38:24:e4:90:d3:d2:08:38:45:e7:4c:
7a:66:2d:f6:12:ea:67:b6:91:f7:8d:f0:3a:2b:ab:
c3:d0:7b:5e:2b:5d:c5:43:f3:96:2e:de:30:b3:a4:
f8:e4:49:b5:09:60:ae:f5:46:e4:86:25:36:04:85:
f9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:3C:C5:FB:A6:ED:B0:84:5F:45:C6:24:92:EA:99:DF:B3:32:72:95
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bDzF-6btsIRfRcYkkuqZ37MycpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
25:f9:c3:5b:fc:25:99:93:69:e7:ff:5b:e5:76:e0:53:05:53:
f6:29:86:3d:a5:a8:e3:41:c7:e7:3f:fb:bc:3c:ba:8e:9c:3c:
78:d1:ea:3b:e7:43:fc:cd:37:d5:d5:5d:28:bd:6c:61:22:80:
fb:88:e3:95:9c:10:62:a9:55:8f:54:28:69:8c:3e:15:e5:f1:
f1:d5:1c:14:4b:9c:1e:5c:3b:a7:70:17:12:d6:fe:1e:75:c0:
9f:82:15:8e:d6:a1:d6:62:5c:08:07:09:3c:65:b3:7e:33:c5:
a7:61:1c:b5:4b:d2:cb:92:0c:f4:ff:2b:09:33:e7:29:4c:05:
44:a6:2e:a8:12:53:af:a1:8e:cf:8d:bf:39:cc:5e:a7:1c:b7:
57:23:92:62:33:3e:cb:1c:64:ca:5b:cf:cd:26:65:9e:ed:0c:
16:5a:02:4d:94:23:3d:3d:aa:8c:e3:4c:41:5c:5d:c2:51:ee:
85:11:80:45:af:39:97:6e:44:4a:3d:2d:11:60:4f:4b:e0:60:
d8:1d:b8:2b:c3:1e:ed:aa:4a:54:4c:ef:cc:65:05:da:44:7a:
ff:6c:f7:0b:7e:12:9e:35:bd:4e:11:39:62:6f:84:03:cc:94:
6f:89:9d:ee:72:c4:15:92:14:bc:8f:ac:3c:d4:a2:00:62:d4:
a1:88:1d:08
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0S1qeQ8S6wWiyANZPncjlUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE2MTUxNDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzNjYzVmYmE2ZWRiMDg0NWY0NWM2MjQ5MmVhOTlkZmIzMzI3Mjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CHmVwN3B5ej3INi/HI22razM/yK
809kTBsS+MvSZMkGKVtPi3Krd+yi1Cs3DKQ4jf8/gzcnJNxnCtuOU6I+ImhC6fss
lcxqGk0fmsvHZM5oQmHmo7Sf602KkseQrO3IojlOWl3qf1RXW5EswofPzdmFO+Ju
0oMtqE9mDOgyzDz7sqml2YbjbOBTyHMI7NvLqsW312L+EgZ28XQyoWzuTSkQwxEp
PLRVDQTBYSwL9H7x+THnjOQlLUxAbaouTmMOofBEOUIqOCTkkNPSCDhF50x6Zi32
EupntpH3jfA6K6vD0HteK13FQ/OWLt4ws6T45Em1CWCu9UbkhiU2BIX5PwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGw8xfum7bCEX0XGJJLqmd+zMnKVMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYkR6Ri02YnRzSVJmUmNZa2t1cVozN015Y3BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACX5w1v8JZmTaef/W+V2
4FMFU/Yphj2lqONBx+c/+7w8uo6cPHjR6jvnQ/zNN9XVXSi9bGEigPuI45WcEGKp
VY9UKGmMPhXl8fHVHBRLnB5cO6dwFxLW/h51wJ+CFY7WodZiXAgHCTxls34zxadh
HLVL0suSDPT/Kwkz5ylMBUSmLqgSU6+hjs+NvznMXqcct1cjkmIzPsscZMpbz80m
ZZ7tDBZaAk2UIz09qozjTEFcXcJR7oURgEWvOZduREo9LRFgT0vgYNgduCvDHu2q
SlRM78xlBdpEev9s9wt+Ep41vU4ROWJvhAPMlG+Jne5yxBWSFLyPrDzUogBi1KGI
HQg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:38 2025 by rpki-client