Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bZIaLg4BSKxihny4wD3ezTAvHCM.roa
File: bZIaLg4BSKxihny4wD3ezTAvHCM.roa (raw, json)
Hash identifier: 0tKbdxDrZoN5o81tyX9wXA4NKccbKgHSM5/335Ng7fw=
Subject key identifier: 6D:92:1A:2E:0E:01:48:AC:62:86:7C:B8:C0:3D:DE:CD:30:2F:1C:23
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DDD9508BF2C659E49DD3D39DEF40A9E19
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bZIaLg4BSKxihny4wD3ezTAvHCM.roa
Signing time: Sun 25 Feb 2024 00:05:48 +0000
ROA not before: Sun 25 Feb 2024 00:05:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:dd94:2c14/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:dd:95:08:bf:2c:65:9e:49:dd:3d:39:de:f4:0a:9e:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 25 00:05:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d921a2e0e0148ac62867cb8c03ddecd302f1c23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6e:83:1c:99:b2:2d:37:c3:e3:90:82:23:a2:
c6:72:8e:37:f4:36:2f:c1:ed:a2:f3:5b:a8:6b:b4:
3d:b5:52:2a:4d:ea:b3:26:49:ce:02:1e:e5:76:d9:
f0:9e:2b:86:a5:5f:5e:af:24:df:d0:b0:06:15:3d:
0d:11:76:33:ab:fa:8f:90:c8:3b:00:3f:d1:50:99:
a5:8c:7f:32:5d:d1:20:d2:10:26:71:a0:6f:d8:03:
bc:9d:40:6f:06:4a:04:be:30:91:51:b5:e4:d1:81:
b4:ea:c7:d8:0b:d7:82:4d:28:cb:d0:91:99:21:1b:
01:32:fa:e0:56:b8:b6:c1:f8:e0:08:ca:6d:9a:c5:
8d:18:2a:3f:35:c3:90:a4:5a:94:97:7c:59:e9:48:
a7:4d:a9:c0:ef:a8:0e:e6:94:f5:55:ae:b7:ec:7d:
87:74:86:95:6a:13:60:3e:63:5f:05:49:d1:85:41:
3f:b0:83:ab:8c:b7:03:8f:6a:cc:cf:07:c5:e7:ce:
6c:d6:b5:3c:04:dc:2f:d0:b7:96:a3:fe:7f:40:93:
b0:99:da:30:9c:0d:16:64:9f:37:05:ba:ac:9a:e2:
ba:4f:14:dd:69:58:1b:87:0b:bf:20:c7:28:85:40:
53:0b:95:f0:0e:d9:6f:10:11:7f:52:64:24:8c:4e:
dd:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:92:1A:2E:0E:01:48:AC:62:86:7C:B8:C0:3D:DE:CD:30:2F:1C:23
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bZIaLg4BSKxihny4wD3ezTAvHCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:42:24:6f:42:98:89:39:86:cb:35:e4:af:8b:17:aa:01:ac:
99:35:33:81:7a:fe:3f:60:9f:29:8f:6e:26:d2:f1:7a:58:05:
f2:17:52:18:33:2e:e2:f4:02:31:70:99:69:8c:dd:e4:ab:6d:
c4:26:44:04:d7:95:6b:40:e2:9c:fe:67:4c:35:21:7c:19:2f:
95:5f:06:fd:f9:7e:31:b7:7c:e9:b0:82:b4:3b:9e:e6:74:23:
61:9d:f6:e0:dc:b3:81:34:cc:00:d5:97:d1:71:4b:65:b1:f4:
70:4e:84:92:c5:de:e2:23:82:3a:5a:2a:f2:78:f5:ed:59:a2:
22:f5:22:18:9b:90:4b:ec:40:09:fa:48:d4:a7:aa:24:d4:f4:
0b:89:47:fd:07:b0:85:ba:46:22:aa:00:ec:4d:f6:e1:bc:be:
49:06:b3:92:c4:92:2d:63:b9:3e:e7:f1:a3:da:59:b7:13:d2:
3f:9f:0f:12:8d:0b:ad:d0:cd:9d:53:39:1c:72:c2:f6:59:fe:
33:6b:5d:87:1a:14:a3:04:1b:b5:02:83:f0:fe:94:cd:78:1a:
10:b1:bc:2d:55:dc:cc:e5:33:1a:9f:43:2c:b9:bc:96:87:1f:
ac:d8:90:b3:0e:c6:81:19:9c:01:57:44:78:c6:ff:12:1b:3c:
40:81:96:af
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3dlQi/LGWeSd09Od70Cp4ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI1MDAwNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDkyMWEyZTBlMDE0OGFjNjI4NjdjYjhjMDNkZGVjZDMwMmYxYzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvm6DHJmyLTfD45CCI6LGco439DYv
we2i81uoa7Q9tVIqTeqzJknOAh7ldtnwniuGpV9eryTf0LAGFT0NEXYzq/qPkMg7
AD/RUJmljH8yXdEg0hAmcaBv2AO8nUBvBkoEvjCRUbXk0YG06sfYC9eCTSjL0JGZ
IRsBMvrgVri2wfjgCMptmsWNGCo/NcOQpFqUl3xZ6UinTanA76gO5pT1Va637H2H
dIaVahNgPmNfBUnRhUE/sIOrjLcDj2rMzwfF585s1rU8BNwv0LeWo/5/QJOwmdow
nA0WZJ83BbqsmuK6TxTdaVgbhwu/IMcohUBTC5XwDtlvEBF/UmQkjE7dUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG2SGi4OAUisYoZ8uMA93s0wLxwjMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYlpJYUxnNEJTS3hpaG55NHdEM2V6VEF2SENNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGZCJG9CmIk5hss15K+L
F6oBrJk1M4F6/j9gnymPbibS8XpYBfIXUhgzLuL0AjFwmWmM3eSrbcQmRATXlWtA
4pz+Z0w1IXwZL5VfBv35fjG3fOmwgrQ7nuZ0I2Gd9uDcs4E0zADVl9FxS2Wx9HBO
hJLF3uIjgjpaKvJ49e1ZoiL1IhibkEvsQAn6SNSnqiTU9AuJR/0HsIW6RiKqAOxN
9uG8vkkGs5LEki1juT7n8aPaWbcT0j+fDxKNC63QzZ1TORxywvZZ/jNrXYcaFKME
G7UCg/D+lM14GhCxvC1V3MzlMxqfQyy5vJaHH6zYkLMOxoEZnAFXRHjG/xIbPECB
lq8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:53:56 2025 by rpki-client