Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bIgnMT7t0AXJ90eCiD0_9QORFHk.roa
File: bIgnMT7t0AXJ90eCiD0_9QORFHk.roa (raw, json)
Hash identifier: BUxw7ucGNpbBnwQgGxTmx5Y/7CE6kvhnEuxuSG2NH14=
Subject key identifier: 6C:88:27:31:3E:ED:D0:05:C9:F7:47:82:88:3D:3F:F5:03:91:14:79
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E4FC131B5903F157DCA7397BE29F7DC6A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bIgnMT7t0AXJ90eCiD0_9QORFHk.roa
Signing time: Mon 18 Mar 2024 04:10:44 +0000
ROA not before: Mon 18 Mar 2024 04:10:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4f:c1:31:b5:90:3f:15:7d:ca:73:97:be:29:f7:dc:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 18 04:10:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c8827313eedd005c9f74782883d3ff503911479
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ce:a0:eb:a4:ce:61:b2:f6:d2:f3:0d:7a:6b:
1e:6c:c1:43:b2:22:95:47:8e:6f:66:af:af:7f:23:
24:fc:eb:60:15:c5:b8:52:6e:06:32:e8:5c:f7:b4:
5c:b7:4c:49:df:52:e9:23:d3:7f:f5:d7:46:90:f7:
5e:4c:ba:d4:32:98:58:0c:5b:02:32:54:2d:19:cd:
8e:8a:5a:4d:c4:1e:d5:34:2d:d0:36:5d:05:25:e0:
b8:23:d5:6d:7d:66:9a:ec:01:af:61:79:4c:23:f5:
1b:56:6c:54:5c:ca:04:59:e0:45:d1:d8:29:38:27:
3a:71:56:ee:ed:9a:c2:69:35:2d:1b:f8:9b:65:50:
d4:4a:7b:f3:0f:e1:55:74:32:a9:84:53:60:ce:77:
8d:63:5c:48:5e:5a:09:34:db:b1:0a:9d:8f:86:ce:
69:17:eb:85:0d:5e:1f:f1:64:88:92:29:1c:86:08:
ea:29:82:91:3f:49:31:28:f1:20:41:b9:9c:ff:7f:
32:17:14:ea:e2:b4:31:1a:0c:29:70:e7:57:06:bd:
26:72:a7:b9:17:25:13:78:0d:2d:8f:76:68:9e:38:
2d:1c:bc:36:51:85:49:c7:71:2f:ed:ce:6d:20:1b:
03:66:7a:3c:ac:6d:37:14:91:5e:6f:e0:24:2c:7e:
51:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:88:27:31:3E:ED:D0:05:C9:F7:47:82:88:3D:3F:F5:03:91:14:79
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bIgnMT7t0AXJ90eCiD0_9QORFHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4c:49:b0:fb:1b:0d:47:28:6d:dc:ec:6f:54:af:b4:f0:0a:80:
63:ea:22:70:3c:6f:98:73:81:d6:fe:6c:39:dd:0f:10:c0:ec:
bd:12:ce:f0:da:c9:37:62:e8:fb:e7:be:8f:79:f1:88:99:e8:
2c:9d:66:8f:aa:05:5c:c6:bd:21:fc:35:94:09:a3:a5:80:d0:
f7:f9:ae:63:4b:76:e5:01:c0:dc:40:16:dd:fa:67:cd:6b:31:
e5:2c:51:b4:8c:57:b7:cc:38:5f:e3:55:0d:83:1d:b8:ab:ca:
7e:c3:ee:77:2a:0b:25:71:b5:f7:f2:85:34:75:50:1a:7e:7b:
68:21:d6:14:53:35:94:e6:54:3b:b1:ca:7e:1b:50:32:a4:ae:
63:5b:49:40:77:fc:2f:5a:a8:e8:7c:5e:dc:a0:00:0e:4c:06:
f0:9a:e7:e5:f2:35:0a:f9:e0:0a:31:85:1b:43:8d:58:f1:61:
04:35:11:8e:a3:f9:4b:3c:19:c1:96:53:40:a5:24:d3:2f:2f:
1f:05:63:46:62:76:94:30:55:72:d4:a8:7b:11:62:95:c2:c5:
5b:88:07:a9:7c:8b:df:66:6a:ca:92:95:f1:0b:3c:b1:da:30:
4b:94:a4:c1:01:47:3b:c9:f5:ad:cf:df:00:62:de:9f:71:ef:
95:09:fb:6f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5PwTG1kD8Vfcpzl74p99xqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE4MDQxMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzg4MjczMTNlZWRkMDA1YzlmNzQ3ODI4ODNkM2ZmNTAzOTExNDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAts6g66TOYbL20vMNemsebMFDsiKV
R45vZq+vfyMk/OtgFcW4Um4GMuhc97Rct0xJ31LpI9N/9ddGkPdeTLrUMphYDFsC
MlQtGc2OilpNxB7VNC3QNl0FJeC4I9VtfWaa7AGvYXlMI/UbVmxUXMoEWeBF0dgp
OCc6cVbu7ZrCaTUtG/ibZVDUSnvzD+FVdDKphFNgzneNY1xIXloJNNuxCp2Phs5p
F+uFDV4f8WSIkikchgjqKYKRP0kxKPEgQbmc/38yFxTq4rQxGgwpcOdXBr0mcqe5
FyUTeA0tj3ZonjgtHLw2UYVJx3Ev7c5tIBsDZno8rG03FJFeb+AkLH5R5wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGyIJzE+7dAFyfdHgog9P/UDkRR5MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYklnbk1UN3QwQVhKOTBlQ2lEMF85UU9SRkhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAExJsPsbDUcobdzsb1Sv
tPAKgGPqInA8b5hzgdb+bDndDxDA7L0SzvDayTdi6Pvnvo958YiZ6CydZo+qBVzG
vSH8NZQJo6WA0Pf5rmNLduUBwNxAFt36Z81rMeUsUbSMV7fMOF/jVQ2DHbiryn7D
7ncqCyVxtffyhTR1UBp+e2gh1hRTNZTmVDuxyn4bUDKkrmNbSUB3/C9aqOh8Xtyg
AA5MBvCa5+XyNQr54AoxhRtDjVjxYQQ1EY6j+Us8GcGWU0ClJNMvLx8FY0ZidpQw
VXLUqHsRYpXCxVuIB6l8i99masqSlfELPLHaMEuUpMEBRzvJ9a3P3wBi3p9x75UJ
+28=
-----END CERTIFICATE-----
Generated at Sun Jun 8 09:01:16 2025 by rpki-client