Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bto_3KMS5rSX0gDB6KGrtP8Fmz0.roa
File: bto_3KMS5rSX0gDB6KGrtP8Fmz0.roa (raw, json)
Hash identifier: xsUvhv8/kBLJJB39Dk3uoous4Vttee18FpD5JgkAL3U=
Subject key identifier: 6E:DA:3F:DC:A3:12:E6:B4:97:D2:00:C1:E8:A1:AB:B4:FF:05:9B:3D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EBFFB2A81DBA08464326AAC803DBCDF6A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bto_3KMS5rSX0gDB6KGrtP8Fmz0.roa
Signing time: Mon 08 Apr 2024 23:11:32 +0000
ROA not before: Mon 08 Apr 2024 23:11:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bf:fb:2a:81:db:a0:84:64:32:6a:ac:80:3d:bc:df:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 8 23:11:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6eda3fdca312e6b497d200c1e8a1abb4ff059b3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:93:6e:b1:5b:d5:79:9d:9d:6b:40:6c:67:0e:
1e:8d:b0:92:f4:a5:7a:e0:1b:3c:96:b6:37:bb:96:
9b:b2:13:27:8d:3a:d9:06:02:01:77:c2:41:58:a9:
da:68:35:79:a3:63:05:52:2d:5d:87:bc:d4:01:a0:
d1:51:ed:8e:7d:82:68:b9:1d:e0:a9:5c:ec:4c:9b:
c0:68:dc:05:b5:78:8b:91:f8:6e:20:25:11:7e:44:
98:c1:23:b5:16:91:bf:fa:5a:19:9d:9a:21:b2:a5:
57:1b:f8:17:20:d8:b4:38:fb:45:74:af:3f:43:0f:
84:d2:c3:6d:ac:29:24:25:53:03:be:b3:06:9f:2d:
c7:55:86:41:54:03:65:6a:b8:57:8c:27:1d:50:42:
a3:bf:8c:40:08:9d:b5:0a:cc:27:fe:12:91:80:e4:
79:3d:32:cb:5a:6f:33:15:30:dd:cf:42:d9:4a:7e:
ab:88:f2:f3:30:00:b3:ac:9f:e0:92:4a:52:93:9f:
f1:49:3a:18:0f:68:0f:fd:bd:f5:ba:69:d7:dc:b3:
01:1c:9f:f8:5f:7d:7b:86:2d:4b:01:97:bb:0f:13:
43:c0:f7:55:4c:c8:0a:94:b4:a2:99:e7:f2:40:d8:
4b:37:ad:e1:30:68:52:82:3e:36:20:b8:b7:33:c1:
73:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:DA:3F:DC:A3:12:E6:B4:97:D2:00:C1:E8:A1:AB:B4:FF:05:9B:3D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bto_3KMS5rSX0gDB6KGrtP8Fmz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9e:d3:34:6e:10:9e:e8:06:70:d6:4c:56:29:cb:d3:66:04:00:
d4:6e:1d:b9:3b:dd:92:c5:03:3b:c8:d1:2b:7b:f7:fc:bf:c5:
2d:45:6c:4e:3f:f3:2a:97:c8:41:55:18:c6:a3:b4:ef:f0:bd:
52:88:f4:e7:3b:3a:56:f1:e1:46:e2:17:bf:3d:47:6c:15:84:
7a:f2:03:ea:d6:4c:88:30:71:39:34:dd:fe:03:74:78:42:a2:
22:a0:d7:11:06:8c:f3:ca:24:67:bb:65:53:22:56:ab:b2:ef:
a7:b8:57:bb:fb:d0:05:e2:f0:1f:7a:5a:02:a8:a4:1e:9f:0a:
39:0a:a2:08:c9:6b:93:1f:ed:ef:e2:8d:c5:20:7c:f3:a2:69:
63:6f:30:75:40:3e:84:3e:4e:cd:77:fb:35:36:43:4f:bb:d9:
b6:90:28:27:72:7c:e1:e0:95:06:d0:05:2b:bb:87:54:02:3a:
d5:4d:5a:97:1e:29:69:b2:0c:35:8b:64:75:ef:c2:5a:c0:74:
06:eb:00:b3:83:3c:ef:22:4a:79:9c:c7:51:a1:d3:0b:55:84:
f2:26:35:6c:ed:9b:31:bc:50:c8:67:c1:36:d6:d2:15:0a:a6:
fb:10:98:a0:d1:86:6c:fc:bd:96:aa:bb:77:52:9c:b9:f4:2d:
4b:42:1e:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6/+yqB26CEZDJqrIA9vN9qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA4MjMxMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWRhM2ZkY2EzMTJlNmI0OTdkMjAwYzFlOGExYWJiNGZmMDU5YjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJNusVvVeZ2da0BsZw4ejbCS9KV6
4Bs8lrY3u5abshMnjTrZBgIBd8JBWKnaaDV5o2MFUi1dh7zUAaDRUe2OfYJouR3g
qVzsTJvAaNwFtXiLkfhuICURfkSYwSO1FpG/+loZnZohsqVXG/gXINi0OPtFdK8/
Qw+E0sNtrCkkJVMDvrMGny3HVYZBVANlarhXjCcdUEKjv4xACJ21Cswn/hKRgOR5
PTLLWm8zFTDdz0LZSn6riPLzMACzrJ/gkkpSk5/xSToYD2gP/b31umnX3LMBHJ/4
X317hi1LAZe7DxNDwPdVTMgKlLSimefyQNhLN63hMGhSgj42ILi3M8FzcQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG7aP9yjEua0l9IAweihq7T/BZs9MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYnRvXzNLTVM1clNYMGdEQjZLR3J0UDhGbXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ7TNG4QnugGcNZMVinL
02YEANRuHbk73ZLFAzvI0St79/y/xS1FbE4/8yqXyEFVGMajtO/wvVKI9Oc7Olbx
4UbiF789R2wVhHryA+rWTIgwcTk03f4DdHhCoiKg1xEGjPPKJGe7ZVMiVquy76e4
V7v70AXi8B96WgKopB6fCjkKogjJa5Mf7e/ijcUgfPOiaWNvMHVAPoQ+Ts13+zU2
Q0+72baQKCdyfOHglQbQBSu7h1QCOtVNWpceKWmyDDWLZHXvwlrAdAbrALODPO8i
Snmcx1Gh0wtVhPImNWztmzG8UMhnwTbW0hUKpvsQmKDRhmz8vZaqu3dSnLn0LUtC
Hv4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org