Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bu9VNerWrGkj2qjuYQCaUCuJhS8.roa
File: bu9VNerWrGkj2qjuYQCaUCuJhS8.roa (raw, json)
Hash identifier: DqZXmNzPZLPmDjNboqbRyrYy0Ju0fiNzLg39Ut3OPSg=
Subject key identifier: 6E:EF:55:35:EA:D6:AC:69:23:DA:A8:EE:61:00:9A:50:2B:89:85:2F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E344475D55E38CE5F10A86B2A8617D2B6
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bu9VNerWrGkj2qjuYQCaUCuJhS8.roa
Signing time: Tue 12 Mar 2024 20:04:45 +0000
ROA not before: Tue 12 Mar 2024 20:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:3444:c62/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:34:44:75:d5:5e:38:ce:5f:10:a8:6b:2a:86:17:d2:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 12 20:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6eef5535ead6ac6923daa8ee61009a502b89852f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:cf:7d:1a:be:db:41:a6:27:5f:5c:2e:35:7c:
a8:12:69:f4:98:32:67:78:1c:1d:04:13:5a:39:85:
ed:d2:be:b5:1d:12:fe:91:b4:8f:31:bc:5b:ea:55:
37:4d:b5:0b:7a:12:a7:13:3f:14:81:85:9f:c4:ee:
ba:ff:16:34:40:11:72:56:54:45:47:17:1f:5e:94:
47:34:56:00:66:1d:9c:e3:34:d2:a1:1f:9a:74:b5:
63:91:16:a9:82:be:50:ae:f1:65:ce:3b:e8:f9:8c:
e8:3a:ac:f5:eb:df:ab:55:1a:79:59:47:66:4b:8e:
ed:ad:96:d7:89:f4:bd:18:de:0e:21:13:44:f4:f0:
71:ae:a9:33:ca:f2:91:25:31:db:df:15:21:e6:a7:
22:05:80:fd:8f:1f:20:8e:08:80:85:a2:36:0d:19:
f2:17:a9:a4:6f:91:0a:88:f2:47:0e:c6:c4:a3:dc:
3b:fa:fc:11:f0:f4:eb:5f:8c:0d:49:05:da:4d:b2:
4b:01:c8:5f:f4:43:b3:c9:33:5e:d5:ca:76:04:9b:
1b:cf:e4:22:6a:a8:c4:31:f1:2f:7a:d4:b5:fd:9f:
4b:87:66:fe:a3:f7:f9:6e:90:18:fb:45:b0:1f:98:
d8:ab:18:a6:b7:09:7f:43:76:25:6b:dc:78:f2:87:
73:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:EF:55:35:EA:D6:AC:69:23:DA:A8:EE:61:00:9A:50:2B:89:85:2F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bu9VNerWrGkj2qjuYQCaUCuJhS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9e:e3:7d:f6:cc:97:e5:1d:6a:1f:db:e5:12:fb:3d:f0:47:25:
56:34:82:de:e6:96:8a:44:43:43:0f:33:30:db:2b:d0:97:f9:
07:f3:cc:75:8c:2d:e1:58:c7:59:0b:a7:17:fc:de:10:3d:ed:
c6:09:2f:99:60:66:72:8c:76:7e:fe:cd:9f:3c:87:cf:e5:a9:
4e:b0:96:16:63:f2:04:b9:1d:50:65:fc:85:f1:39:5c:c7:4a:
43:e5:e1:80:d1:a4:4c:92:92:e7:d2:64:a4:f5:aa:f3:27:3b:
eb:40:48:68:c6:28:d3:b0:e8:77:22:c2:8d:4a:d1:ef:a3:a8:
be:b5:9a:07:59:c5:4f:a9:2f:c9:b9:0c:1d:dd:a4:23:bd:1a:
9b:ef:0c:1d:13:0e:25:94:59:ea:f0:27:6f:08:13:75:0d:cf:
e4:1f:f4:d5:a5:1d:09:52:d8:9b:da:30:f4:a9:77:78:03:18:
02:e6:2a:7e:c1:cb:cd:e2:19:dd:52:ff:9c:d9:55:9d:24:e1:
76:b9:91:74:65:f6:cc:30:f8:c5:d7:bb:77:1d:81:3e:2a:42:
3e:57:c6:12:75:13:24:44:4f:2e:85:ce:7c:4b:c7:95:f0:aa:
49:d6:5b:d3:52:ee:da:4a:51:8c:fa:6c:63:28:ab:73:11:18:
e9:c1:5f:b4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY40RHXVXjjOXxCoayqGF9K2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEyMjAwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWVmNTUzNWVhZDZhYzY5MjNkYWE4ZWU2MTAwOWE1MDJiODk4NTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlc99Gr7bQaYnX1wuNXyoEmn0mDJn
eBwdBBNaOYXt0r61HRL+kbSPMbxb6lU3TbULehKnEz8UgYWfxO66/xY0QBFyVlRF
RxcfXpRHNFYAZh2c4zTSoR+adLVjkRapgr5QrvFlzjvo+YzoOqz169+rVRp5WUdm
S47trZbXifS9GN4OIRNE9PBxrqkzyvKRJTHb3xUh5qciBYD9jx8gjgiAhaI2DRny
F6mkb5EKiPJHDsbEo9w7+vwR8PTrX4wNSQXaTbJLAchf9EOzyTNe1cp2BJsbz+Qi
aqjEMfEvetS1/Z9Lh2b+o/f5bpAY+0WwH5jYqximtwl/Q3Yla9x48odzGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG7vVTXq1qxpI9qo7mEAmlAriYUvMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYnU5Vk5lcldyR2tqMnFqdVlRQ2FVQ3VKaFM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ7jffbMl+Udah/b5RL7
PfBHJVY0gt7mlopEQ0MPMzDbK9CX+QfzzHWMLeFYx1kLpxf83hA97cYJL5lgZnKM
dn7+zZ88h8/lqU6wlhZj8gS5HVBl/IXxOVzHSkPl4YDRpEySkufSZKT1qvMnO+tA
SGjGKNOw6Hciwo1K0e+jqL61mgdZxU+pL8m5DB3dpCO9GpvvDB0TDiWUWerwJ28I
E3UNz+Qf9NWlHQlS2JvaMPSpd3gDGALmKn7By83iGd1S/5zZVZ0k4Xa5kXRl9sww
+MXXu3cdgT4qQj5XxhJ1EyRETy6FznxLx5XwqknWW9NS7tpKUYz6bGMoq3MRGOnB
X7Q=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:34:28 2025 by rpki-client