Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bKD_uqcVMyXndZaGFcQ241TqQ3Q.roa
File: bKD_uqcVMyXndZaGFcQ241TqQ3Q.roa (raw, json)
Hash identifier: knXTVGXxeMCkCii5bqVR1hrEYnLhvYU1DXoT0iLU2co=
Subject key identifier: 6C:A0:FF:BA:A7:15:33:25:E7:75:96:86:15:C4:36:E3:54:EA:43:74
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E07E0F98C662B7F906E7ACFF2DE7256C8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bKD_uqcVMyXndZaGFcQ241TqQ3Q.roa
Signing time: Mon 04 Mar 2024 05:12:48 +0000
ROA not before: Mon 04 Mar 2024 05:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:07:e0:f9:8c:66:2b:7f:90:6e:7a:cf:f2:de:72:56:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 4 05:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ca0ffbaa7153325e775968615c436e354ea4374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f2:fa:e2:0c:2d:16:63:4e:88:35:ac:ba:97:
57:9c:3f:d5:58:83:10:4f:34:45:5b:09:cd:29:df:
5a:11:ec:2b:5e:33:a2:04:55:df:9b:ee:d0:48:75:
33:d5:5b:2e:34:da:a1:9a:c0:df:5f:4b:32:c4:41:
be:84:db:42:9d:ce:f4:6c:f5:01:f6:d8:78:32:de:
5f:a3:9f:8d:d9:76:20:e0:f3:aa:06:63:08:54:3e:
f3:92:35:47:5e:17:65:98:33:d9:57:0c:3c:c7:9d:
c1:a9:92:87:e6:bc:76:85:2d:90:f3:9b:23:e8:2b:
60:25:75:78:ca:0b:8d:8e:7a:d6:95:6e:0c:d4:bd:
df:67:13:1d:45:4d:ac:2b:1f:e0:3d:c2:aa:29:4c:
18:52:7c:be:17:1a:02:70:ae:af:51:79:a1:cf:b4:
ec:e4:5b:f2:a0:b1:f8:a4:4d:50:b4:e1:52:85:b2:
ea:45:54:37:7f:fc:a2:fa:86:0b:b3:2b:2b:b3:84:
13:e9:1f:57:47:66:8e:a4:bb:00:b9:5b:af:60:ca:
09:24:44:fc:eb:17:17:b2:92:7e:e9:a9:62:13:80:
f4:96:4e:fd:00:a3:54:d9:64:72:77:de:42:59:ea:
b8:52:9c:5d:ef:eb:a9:eb:a6:67:d4:2a:68:f9:c6:
5b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:A0:FF:BA:A7:15:33:25:E7:75:96:86:15:C4:36:E3:54:EA:43:74
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bKD_uqcVMyXndZaGFcQ241TqQ3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
77:bd:54:0e:72:7b:aa:16:70:83:00:35:7d:75:d0:ab:96:7c:
e9:13:7d:88:f3:d4:c8:af:9e:02:67:6d:dc:d6:c2:ab:33:1a:
61:6a:7c:b7:4a:2c:c6:63:61:85:29:36:89:d9:75:9e:44:28:
2e:4f:ff:35:21:ef:db:16:c2:e9:57:9b:33:bb:60:16:94:21:
8d:2c:fd:b0:df:0e:0f:60:a9:c6:72:f1:52:63:2d:49:88:a2:
fb:cc:46:1b:de:e4:1e:73:fb:61:f3:bb:53:82:73:b9:cc:45:
f9:1c:21:7f:b3:f4:7b:eb:d1:10:32:5c:06:85:2e:5d:bb:2f:
25:07:c0:7f:6e:2e:94:3e:b4:d4:a9:10:b0:9b:ee:87:90:29:
84:9e:b1:ca:64:57:0d:a8:da:c7:d2:7d:a7:18:b9:58:48:f9:
95:a2:da:b3:b4:09:df:7d:0b:bf:3b:50:41:b2:d0:56:01:ea:
ea:2f:f8:f5:25:e4:12:58:66:ec:d2:fb:34:33:04:c1:d2:16:
80:82:9a:f4:b6:3a:4f:1e:c0:1d:0b:6b:a7:eb:9b:f4:ad:b4:
cd:ac:f2:95:fb:93:8a:a6:43:cb:58:d1:8c:59:c9:0e:35:dc:
7f:a3:de:fb:cf:9a:a2:24:9a:8f:dd:cb:40:e6:6c:5a:e4:1a:
05:5a:b8:23
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4H4PmMZit/kG56z/LeclbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA0MDUxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2EwZmZiYWE3MTUzMzI1ZTc3NTk2ODYxNWM0MzZlMzU0ZWE0Mzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvL64gwtFmNOiDWsupdXnD/VWIMQ
TzRFWwnNKd9aEewrXjOiBFXfm+7QSHUz1VsuNNqhmsDfX0syxEG+hNtCnc70bPUB
9th4Mt5fo5+N2XYg4POqBmMIVD7zkjVHXhdlmDPZVww8x53BqZKH5rx2hS2Q85sj
6CtgJXV4yguNjnrWlW4M1L3fZxMdRU2sKx/gPcKqKUwYUny+FxoCcK6vUXmhz7Ts
5FvyoLH4pE1QtOFShbLqRVQ3f/yi+oYLsysrs4QT6R9XR2aOpLsAuVuvYMoJJET8
6xcXspJ+6aliE4D0lk79AKNU2WRyd95CWeq4Upxd7+up66Zn1Cpo+cZb1wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGyg/7qnFTMl53WWhhXENuNU6kN0MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYktEX3VxY1ZNeVhuZFphR0ZjUTI0MVRxUTNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHe9VA5ye6oWcIMANX11
0KuWfOkTfYjz1MivngJnbdzWwqszGmFqfLdKLMZjYYUpNonZdZ5EKC5P/zUh79sW
wulXmzO7YBaUIY0s/bDfDg9gqcZy8VJjLUmIovvMRhve5B5z+2Hzu1OCc7nMRfkc
IX+z9Hvr0RAyXAaFLl27LyUHwH9uLpQ+tNSpELCb7oeQKYSescpkVw2o2sfSfacY
uVhI+ZWi2rO0Cd99C787UEGy0FYB6uov+PUl5BJYZuzS+zQzBMHSFoCCmvS2Ok8e
wB0La6frm/SttM2s8pX7k4qmQ8tY0YxZyQ413H+j3vvPmqIkmo/dy0DmbFrkGgVa
uCM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:35:56 2025 by rpki-client