Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bIPP6QI0ph8RW8KgVCjLE4SxEik.roa
File: bIPP6QI0ph8RW8KgVCjLE4SxEik.roa (raw, json)
Hash identifier: vEH7wgIWNapAqZpJi0VjOB3mehrFZv/wrjs+ICv7cGk=
Subject key identifier: 6C:83:CF:E9:02:34:A6:1F:11:5B:C2:A0:54:28:CB:13:84:B1:12:29
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D02C28BE83568DB82B68B78DA52E9FA45
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bIPP6QI0ph8RW8KgVCjLE4SxEik.roa
Signing time: Sat 13 Jan 2024 12:18:40 +0000
ROA not before: Sat 13 Jan 2024 12:18:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:2c1:de3d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:02:c2:8b:e8:35:68:db:82:b6:8b:78:da:52:e9:fa:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 13 12:18:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c83cfe90234a61f115bc2a05428cb1384b11229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:65:1f:da:5e:70:d9:78:77:ae:06:65:69:8a:
d2:f7:c7:48:e0:d4:0e:04:9e:e3:26:74:7a:db:f6:
39:c8:fa:6a:5a:06:5a:07:12:93:c3:93:a1:cf:30:
58:44:80:bf:83:d5:97:c3:eb:6f:75:d5:64:1b:c9:
70:24:27:d0:ed:db:9f:38:46:05:9b:20:f5:76:ba:
31:63:d7:46:cb:8b:17:e0:40:27:e0:95:98:8c:ca:
86:2e:3a:7c:28:ad:18:ef:c4:a5:d0:1c:6d:21:d9:
f7:b7:32:0c:1b:72:95:23:32:20:a1:84:aa:79:03:
a4:cc:e8:0a:38:81:6e:f2:2a:cc:2d:b3:ae:ff:47:
a8:43:be:15:f9:74:9e:83:b1:f2:80:b0:27:4e:f6:
ff:01:75:3e:a3:52:f0:ea:d9:2c:64:b5:f2:1a:32:
5c:ed:97:c5:95:9d:a0:44:69:9e:08:07:e3:fb:ed:
2d:a9:9c:4b:96:37:13:9a:f2:39:4f:0c:31:22:e6:
3e:ed:f8:38:a2:36:86:76:09:c0:da:32:61:cb:1c:
30:41:61:c8:6d:89:be:5d:14:35:af:65:2b:c8:16:
48:66:c8:00:6c:5f:4b:2e:06:34:39:5b:2e:ab:de:
8c:f3:d2:ab:b8:e6:4a:cb:0c:23:ef:2a:4e:67:e4:
0f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:83:CF:E9:02:34:A6:1F:11:5B:C2:A0:54:28:CB:13:84:B1:12:29
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bIPP6QI0ph8RW8KgVCjLE4SxEik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
68:18:e7:59:1a:9d:c3:5b:d1:39:ce:7e:26:52:f0:c7:9c:35:
43:cb:ff:2a:fb:55:ed:1b:83:4f:b6:dc:2f:9b:52:f7:dd:f1:
3b:a6:0a:21:75:23:35:9a:fc:86:3c:ab:d6:c2:ed:7f:b7:a5:
47:7e:41:48:bd:6f:0f:cb:4d:5f:39:57:a2:f1:25:a6:e7:34:
45:5b:0d:c4:e9:e4:61:16:87:39:ef:3c:9e:3e:e4:5c:4b:86:
34:76:aa:8e:42:e8:90:e1:36:cd:d6:b6:7a:a8:ad:17:25:3b:
3c:6c:4b:b0:b5:2d:f4:09:cc:b5:02:46:fb:e0:c6:df:58:14:
2e:4a:11:47:b3:f2:0a:2f:d6:a4:79:b8:9e:ea:16:a2:95:88:
eb:e3:bc:c3:b6:2c:c7:79:fa:bd:e6:cd:76:d8:cf:df:04:42:
3e:0b:29:4b:95:ce:da:8f:45:04:45:cf:e3:bf:0e:56:8a:36:
88:33:bb:28:f2:50:df:f9:cd:ff:27:c7:2e:65:0d:06:05:19:
13:32:60:7a:f6:5e:9a:bb:70:7a:91:68:8a:ca:61:a0:c4:f5:
b2:d3:43:00:88:c1:53:0a:5d:4d:eb:c9:5f:aa:54:75:46:bf:
ce:d0:8a:e9:d2:9c:96:be:e7:35:de:11:9c:e5:1e:d6:9b:8a:
2b:63:19:af
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0CwovoNWjbgraLeNpS6fpFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTEzMTIxODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzgzY2ZlOTAyMzRhNjFmMTE1YmMyYTA1NDI4Y2IxMzg0YjExMjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWUf2l5w2Xh3rgZlaYrS98dI4NQO
BJ7jJnR62/Y5yPpqWgZaBxKTw5OhzzBYRIC/g9WXw+tvddVkG8lwJCfQ7dufOEYF
myD1droxY9dGy4sX4EAn4JWYjMqGLjp8KK0Y78Sl0BxtIdn3tzIMG3KVIzIgoYSq
eQOkzOgKOIFu8irMLbOu/0eoQ74V+XSeg7HygLAnTvb/AXU+o1Lw6tksZLXyGjJc
7ZfFlZ2gRGmeCAfj++0tqZxLljcTmvI5TwwxIuY+7fg4ojaGdgnA2jJhyxwwQWHI
bYm+XRQ1r2UryBZIZsgAbF9LLgY0OVsuq96M89KruOZKywwj7ypOZ+QPBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGyDz+kCNKYfEVvCoFQoyxOEsRIpMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYklQUDZRSTBwaDhSVzhLZ1ZDakxFNFN4RWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGgY51kancNb0TnOfiZS
8MecNUPL/yr7Ve0bg0+23C+bUvfd8TumCiF1IzWa/IY8q9bC7X+3pUd+QUi9bw/L
TV85V6LxJabnNEVbDcTp5GEWhznvPJ4+5FxLhjR2qo5C6JDhNs3WtnqorRclOzxs
S7C1LfQJzLUCRvvgxt9YFC5KEUez8gov1qR5uJ7qFqKViOvjvMO2LMd5+r3mzXbY
z98EQj4LKUuVztqPRQRFz+O/DlaKNogzuyjyUN/5zf8nxy5lDQYFGRMyYHr2Xpq7
cHqRaIrKYaDE9bLTQwCIwVMKXU3ryV+qVHVGv87QiunSnJa+5zXeEZzlHtabiitj
Ga8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:18:57 2025 by rpki-client