Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bhcR0-MMb7JD42AxRiv2GipMzGU.roa
File: bhcR0-MMb7JD42AxRiv2GipMzGU.roa (raw, json)
Hash identifier: DiLN3lj3/hfYXG9ggChJS4izUK3qVkKHZZ/mIdJdqrU=
Subject key identifier: 6E:17:11:D3:E3:0C:6F:B2:43:E3:60:31:46:2B:F6:1A:2A:4C:CC:65
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DF2DB82080194F0249B01AB8655C69D26
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bhcR0-MMb7JD42AxRiv2GipMzGU.roa
Signing time: Thu 29 Feb 2024 03:14:48 +0000
ROA not before: Thu 29 Feb 2024 03:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f2:db:82:08:01:94:f0:24:9b:01:ab:86:55:c6:9d:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 29 03:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e1711d3e30c6fb243e36031462bf61a2a4ccc65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6e:69:0b:d0:7d:65:e5:43:43:21:ef:60:43:
3c:ab:49:c1:67:f6:1b:6e:2e:4c:92:cf:0e:a7:3c:
14:c4:1e:96:36:63:72:69:40:5b:58:a4:f6:74:d0:
59:07:10:29:7a:13:7c:c6:5c:16:18:8a:53:e8:7c:
d6:4a:1e:8a:4c:33:f5:90:13:de:d7:a3:70:ae:cc:
42:3b:ae:64:42:82:76:3a:f3:64:81:d6:46:50:e1:
5a:ff:ea:8b:73:65:a4:90:09:0a:aa:3c:79:21:35:
4f:14:53:47:f1:a9:eb:2c:83:8f:d4:24:c7:ce:84:
67:12:88:b5:2d:be:13:25:7a:8b:98:12:c5:2c:02:
02:ef:77:aa:e7:08:3d:61:a8:29:b3:15:71:65:76:
96:fb:fe:22:d3:99:df:b7:9f:57:f5:f5:9d:c2:4a:
35:74:62:3f:70:0f:a2:16:48:01:e2:c2:b5:9e:77:
f9:72:7f:03:ad:7b:73:4a:bf:0b:15:f3:82:07:99:
d6:ef:09:4a:41:24:26:d2:14:73:d0:cd:85:c9:fe:
a2:d0:0c:dd:58:a5:31:b1:22:fd:46:5e:45:85:7c:
c0:ea:b0:50:a3:20:7a:ae:69:ca:ad:ac:5d:40:ae:
74:9e:6f:11:c5:c7:e0:8e:37:14:d1:56:52:21:ea:
26:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:17:11:D3:E3:0C:6F:B2:43:E3:60:31:46:2B:F6:1A:2A:4C:CC:65
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bhcR0-MMb7JD42AxRiv2GipMzGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7d:71:80:33:86:1c:50:5f:85:3b:19:cb:b0:d9:94:ff:5f:eb:
66:3d:1f:28:d3:53:0e:99:7f:61:75:da:5e:35:43:5b:9b:59:
5c:cd:0b:d2:42:47:2d:7f:ae:9b:c3:ed:b1:25:51:d4:34:63:
f0:e3:cc:b2:65:3b:92:11:76:87:fb:1f:b7:d7:d4:98:0a:3d:
a8:9e:81:fa:07:44:6d:2b:41:7d:56:92:20:17:10:36:d3:0e:
be:1e:ff:f8:cc:c0:32:bd:09:26:01:e6:eb:1b:aa:d8:e1:26:
ef:68:4c:f0:b2:ed:07:24:b1:06:7a:ca:29:01:fc:6f:ff:fa:
63:b6:4f:7b:bc:64:91:70:a0:f1:ec:de:61:d2:a4:63:66:eb:
4d:aa:dc:b1:80:df:8d:7c:8d:68:0c:a3:2f:d0:d9:f9:53:60:
fe:a1:31:42:f6:6e:32:cb:91:b6:d2:01:47:00:4d:24:6c:5d:
89:b0:2f:13:ec:f6:d5:ba:78:f5:8a:f0:48:bf:62:3a:64:6d:
a7:36:d6:47:90:82:7f:e9:7a:77:7b:ab:23:51:d6:3a:3f:b3:
ed:82:f3:10:86:9e:cc:85:c4:49:15:2e:7f:e7:92:c9:73:b8:
9e:31:b8:0d:72:1f:dd:a8:b9:30:2f:a6:4c:95:b9:20:2a:95:
a1:8d:27:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3y24IIAZTwJJsBq4ZVxp0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI5MDMxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTE3MTFkM2UzMGM2ZmIyNDNlMzYwMzE0NjJiZjYxYTJhNGNjYzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1m5pC9B9ZeVDQyHvYEM8q0nBZ/Yb
bi5Mks8OpzwUxB6WNmNyaUBbWKT2dNBZBxApehN8xlwWGIpT6HzWSh6KTDP1kBPe
16NwrsxCO65kQoJ2OvNkgdZGUOFa/+qLc2WkkAkKqjx5ITVPFFNH8anrLIOP1CTH
zoRnEoi1Lb4TJXqLmBLFLAIC73eq5wg9YagpsxVxZXaW+/4i05nft59X9fWdwko1
dGI/cA+iFkgB4sK1nnf5cn8DrXtzSr8LFfOCB5nW7wlKQSQm0hRz0M2Fyf6i0Azd
WKUxsSL9Rl5FhXzA6rBQoyB6rmnKraxdQK50nm8RxcfgjjcU0VZSIeomPQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG4XEdPjDG+yQ+NgMUYr9hoqTMxlMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYmhjUjAtTU1iN0pENDJBeFJpdjJHaXBNekdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH1xgDOGHFBfhTsZy7DZ
lP9f62Y9HyjTUw6Zf2F12l41Q1ubWVzNC9JCRy1/rpvD7bElUdQ0Y/DjzLJlO5IR
dof7H7fX1JgKPaiegfoHRG0rQX1WkiAXEDbTDr4e//jMwDK9CSYB5usbqtjhJu9o
TPCy7QcksQZ6yikB/G//+mO2T3u8ZJFwoPHs3mHSpGNm602q3LGA3418jWgMoy/Q
2flTYP6hMUL2bjLLkbbSAUcATSRsXYmwLxPs9tW6ePWK8Ei/Yjpkbac21keQgn/p
end7qyNR1jo/s+2C8xCGnsyFxEkVLn/nkslzuJ4xuA1yH92ouTAvpkyVuSAqlaGN
J+A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org