Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bQaooPgYwJ5GsBq4KVY5uTbyepM.roa
File: bQaooPgYwJ5GsBq4KVY5uTbyepM.roa (raw, json)
Hash identifier: bU/YoJGUITujzEXsfyc9d93wqgnqQ3V6lstG6SQg6DI=
Subject key identifier: 6D:06:A8:A0:F8:18:C0:9E:46:B0:1A:B8:29:56:39:B9:36:F2:7A:93
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D22EF1A0CEFE8DFD272917FCD46CDDB9A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bQaooPgYwJ5GsBq4KVY5uTbyepM.roa
Signing time: Fri 19 Jan 2024 18:15:11 +0000
ROA not before: Fri 19 Jan 2024 18:15:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:22:ef:1a:0c:ef:e8:df:d2:72:91:7f:cd:46:cd:db:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 19 18:15:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d06a8a0f818c09e46b01ab8295639b936f27a93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:49:5c:b1:d8:8b:23:73:44:10:ee:49:12:31:
3c:67:4c:c6:18:a7:39:4b:4b:b8:cd:d1:8c:db:95:
c6:02:23:cb:aa:3e:b8:bd:35:d8:11:bc:c0:3a:96:
d0:c8:64:2d:0b:e1:c8:49:e1:db:34:f1:cb:37:ca:
30:f3:aa:4b:71:64:b1:70:bb:4b:61:25:23:78:ac:
7a:ce:e0:16:7f:18:93:ca:d4:d5:d3:bb:75:50:1d:
6d:35:ef:fb:02:8a:7d:0a:34:bb:1f:79:bc:73:20:
eb:87:8e:40:49:7e:37:77:06:83:51:be:cc:ae:0c:
5f:26:f7:b8:b3:0e:51:df:b4:0a:1e:c5:44:4f:98:
06:8d:16:db:1a:aa:86:78:4c:29:30:79:65:3e:a2:
4c:fb:5f:e0:01:ce:10:b1:95:14:be:8a:e1:b4:70:
4f:37:d8:e6:57:bb:b1:ab:25:d4:d5:a6:ce:4f:08:
01:43:b9:b9:ab:59:77:bd:85:fe:65:bd:b9:69:f8:
da:28:2a:f0:13:26:f6:d8:20:8e:41:8a:5f:9b:34:
8d:97:cd:7a:e0:de:b4:93:b3:d8:38:3d:16:32:65:
6c:b2:4e:86:12:db:70:f9:0e:a6:6e:16:53:7e:79:
36:02:57:67:d8:d3:21:5b:27:0a:d2:b3:d9:fa:0a:
5e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:06:A8:A0:F8:18:C0:9E:46:B0:1A:B8:29:56:39:B9:36:F2:7A:93
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bQaooPgYwJ5GsBq4KVY5uTbyepM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5a:0c:14:aa:2e:ac:88:7d:d6:c1:59:34:26:a7:09:3d:50:f6:
dc:2e:48:53:fa:0c:c0:45:71:d6:e8:f2:68:f6:0b:dd:85:35:
97:a9:b3:9a:3e:ef:da:e1:51:90:b3:7b:49:90:17:47:d3:5b:
7e:9b:c7:ac:43:71:5a:c6:22:d0:18:fe:7b:55:1d:ac:01:45:
04:76:82:72:95:e9:6a:72:92:ef:6b:69:96:63:1f:bb:89:88:
dc:6e:14:5d:12:4c:d4:57:0b:bf:0e:d9:9b:9d:af:62:8c:2b:
68:cb:f5:a3:13:6b:27:fa:35:4b:0d:1b:ef:93:1b:cb:07:fc:
0a:bd:8d:4b:be:e4:74:3e:0e:8b:74:3f:af:90:6e:5a:cf:49:
64:12:cc:8e:0b:27:0a:f0:b3:6e:f8:c9:91:06:34:98:9e:07:
de:b7:ee:d1:38:fb:fa:d3:7b:16:63:00:c4:c5:7b:27:78:7b:
87:ab:1b:f8:88:d5:55:4b:14:2f:cd:fa:fe:45:12:0f:65:67:
54:a3:9b:be:c4:35:b4:30:5a:da:aa:1b:e3:c3:07:70:7e:08:
8a:d6:ad:6e:34:a5:f4:4d:10:fc:b4:c0:e0:c0:f4:95:2b:7d:
89:5a:33:b5:69:3a:b9:06:35:41:40:51:fc:c6:d0:fd:d9:76:
25:de:c0:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0i7xoM7+jf0nKRf81GzduaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE5MTgxNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDA2YThhMGY4MThjMDllNDZiMDFhYjgyOTU2MzliOTM2ZjI3YTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoElcsdiLI3NEEO5JEjE8Z0zGGKc5
S0u4zdGM25XGAiPLqj64vTXYEbzAOpbQyGQtC+HISeHbNPHLN8ow86pLcWSxcLtL
YSUjeKx6zuAWfxiTytTV07t1UB1tNe/7Aop9CjS7H3m8cyDrh45ASX43dwaDUb7M
rgxfJve4sw5R37QKHsVET5gGjRbbGqqGeEwpMHllPqJM+1/gAc4QsZUUvorhtHBP
N9jmV7uxqyXU1abOTwgBQ7m5q1l3vYX+Zb25afjaKCrwEyb22CCOQYpfmzSNl816
4N60k7PYOD0WMmVssk6GEttw+Q6mbhZTfnk2Aldn2NMhWycK0rPZ+gpeDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG0GqKD4GMCeRrAauClWObk28nqTMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYlFhb29QZ1l3SjVHc0JxNEtWWTV1VGJ5ZXBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFoMFKourIh91sFZNCan
CT1Q9twuSFP6DMBFcdbo8mj2C92FNZeps5o+79rhUZCze0mQF0fTW36bx6xDcVrG
ItAY/ntVHawBRQR2gnKV6Wpyku9raZZjH7uJiNxuFF0STNRXC78O2Zudr2KMK2jL
9aMTayf6NUsNG++TG8sH/Aq9jUu+5HQ+Dot0P6+QblrPSWQSzI4LJwrws274yZEG
NJieB9637tE4+/rTexZjAMTFeyd4e4erG/iI1VVLFC/N+v5FEg9lZ1Sjm77ENbQw
WtqqG+PDB3B+CIrWrW40pfRNEPy0wODA9JUrfYlaM7VpOrkGNUFAUfzG0P3ZdiXe
wIQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:26 2025 by rpki-client