Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bdU8PRBrVL97SBAKWxW_XbNkJzg.roa
File: bdU8PRBrVL97SBAKWxW_XbNkJzg.roa (raw, json)
Hash identifier: a1PVijTfKySl9dq1SNwEA1m3bD8+ShlyBLOf5s7ZsKI=
Subject key identifier: 6D:D5:3C:3D:10:6B:54:BF:7B:48:10:0A:5B:15:BF:5D:B3:64:27:38
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CC527F0EA03F2C0B1981BCFD396E31636
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bdU8PRBrVL97SBAKWxW_XbNkJzg.roa
Signing time: Mon 01 Jan 2024 13:12:58 +0000
ROA not before: Mon 01 Jan 2024 13:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:27:f0:ea:03:f2:c0:b1:98:1b:cf:d3:96:e3:16:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 1 13:12:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6dd53c3d106b54bf7b48100a5b15bf5db3642738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c6:b1:15:65:60:d5:b1:df:48:97:95:5f:88:
e1:ef:30:44:16:29:ea:87:c1:0c:90:ae:3c:31:aa:
03:5b:8d:11:82:d2:9b:be:7c:a3:d3:b0:5a:92:df:
d2:5d:72:0b:b5:68:a5:2b:f9:10:29:15:51:b6:41:
c5:4e:e0:02:4d:68:8b:f4:75:70:d5:e2:2c:a6:a4:
d5:27:86:c8:bf:a5:d3:93:c6:70:13:9a:db:b3:18:
ad:eb:c0:7a:5f:6b:cf:94:e0:d1:b0:d2:32:0e:4d:
a8:67:1d:af:31:df:5f:de:55:1f:f7:ef:f7:ba:f9:
03:90:61:b5:a8:6b:4c:f7:1c:98:f7:e6:31:28:4c:
93:5b:59:7d:6e:f4:57:bb:04:0c:ac:b7:77:f3:ef:
35:ef:6c:14:d1:4a:a7:e1:01:f4:df:8d:1d:32:76:
a6:fc:29:20:73:e0:b3:0b:4a:7c:8f:8a:32:39:67:
e1:50:65:37:3c:d5:59:db:50:dd:da:f2:d4:e6:ff:
91:5f:af:0a:ff:e9:f9:bb:6b:78:ed:58:07:a4:27:
ee:6a:c2:c4:f9:c2:3b:ab:54:a1:ce:6a:c2:a6:74:
0d:a0:2f:d7:8f:c7:8d:5f:00:ff:a9:c7:9a:b6:7a:
0a:49:0d:92:15:39:7d:f1:54:f1:8a:81:0b:43:58:
82:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:D5:3C:3D:10:6B:54:BF:7B:48:10:0A:5B:15:BF:5D:B3:64:27:38
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bdU8PRBrVL97SBAKWxW_XbNkJzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
62:13:8a:54:8d:0f:f3:f8:51:28:5e:e6:80:d6:69:db:b2:ee:
68:f6:91:49:26:49:93:af:96:a7:00:59:bc:66:bd:9d:51:3a:
e7:28:38:54:d6:9c:76:9d:44:1e:93:e4:83:1c:1b:01:4f:c2:
2c:56:b1:e9:20:91:4e:a3:26:62:6b:a9:4b:8e:e8:f6:4a:d9:
09:78:91:68:9a:24:c9:9c:17:1e:0b:d0:5d:fe:f0:5e:b5:86:
5e:aa:b7:fa:2d:ee:2e:20:38:76:c4:65:ed:73:9c:dc:84:ca:
5a:1c:a0:a3:58:c5:20:d8:7e:11:fb:52:e9:19:47:80:43:56:
59:1b:69:ea:1e:2e:0c:cd:14:c9:9f:b0:66:59:86:92:0b:b3:
4b:6e:1e:e8:e7:7b:de:cf:bb:1a:15:1f:64:e4:81:1e:d7:d0:
b1:d8:f5:98:4d:7a:80:3e:cb:e7:5b:14:d8:f0:0e:a0:5d:c4:
b4:e5:02:44:a7:32:23:80:3f:bf:c5:59:5c:ae:10:81:39:ba:
c4:9f:52:48:9a:3b:ce:2a:7d:5c:82:35:75:4c:c0:96:dc:17:
9b:6a:4d:2f:3a:18:eb:d2:88:63:4e:21:a1:2c:6c:ae:de:08:
38:e0:92:11:d4:78:66:66:2a:c9:af:b3:a2:24:18:99:bd:3f:
e9:80:3a:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzFJ/DqA/LAsZgbz9OW4xY2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAxMTMxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGQ1M2MzZDEwNmI1NGJmN2I0ODEwMGE1YjE1YmY1ZGIzNjQyNzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsaxFWVg1bHfSJeVX4jh7zBEFinq
h8EMkK48MaoDW40RgtKbvnyj07Bakt/SXXILtWilK/kQKRVRtkHFTuACTWiL9HVw
1eIspqTVJ4bIv6XTk8ZwE5rbsxit68B6X2vPlODRsNIyDk2oZx2vMd9f3lUf9+/3
uvkDkGG1qGtM9xyY9+YxKEyTW1l9bvRXuwQMrLd38+8172wU0Uqn4QH0340dMnam
/Ckgc+CzC0p8j4oyOWfhUGU3PNVZ21Dd2vLU5v+RX68K/+n5u2t47VgHpCfuasLE
+cI7q1ShzmrCpnQNoC/Xj8eNXwD/qceatnoKSQ2SFTl98VTxioELQ1iCJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG3VPD0Qa1S/e0gQClsVv12zZCc4MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYmRVOFBSQnJWTDk3U0JBS1d4V19YYk5rSnpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGITilSND/P4UShe5oDW
aduy7mj2kUkmSZOvlqcAWbxmvZ1ROucoOFTWnHadRB6T5IMcGwFPwixWsekgkU6j
JmJrqUuO6PZK2Ql4kWiaJMmcFx4L0F3+8F61hl6qt/ot7i4gOHbEZe1znNyEyloc
oKNYxSDYfhH7UukZR4BDVlkbaeoeLgzNFMmfsGZZhpILs0tuHujne97PuxoVH2Tk
gR7X0LHY9ZhNeoA+y+dbFNjwDqBdxLTlAkSnMiOAP7/FWVyuEIE5usSfUkiaO84q
fVyCNXVMwJbcF5tqTS86GOvSiGNOIaEsbK7eCDjgkhHUeGZmKsmvs6IkGJm9P+mA
Olg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:33 2025 by rpki-client