Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pBK-6eyFwDBkvHT0q93z2-t4l6I.roa
File: pBK-6eyFwDBkvHT0q93z2-t4l6I.roa (raw, json)
Hash identifier: RmHFkVdEe+TL0AUVk34+POUgZFqItK4GFlUE3kICDtU=
Subject key identifier: A4:12:BE:E9:EC:85:C0:30:64:BC:74:F4:AB:DD:F3:DB:EB:78:97:A2
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C98F405B3638E7FF55C95DBA0A8ED0F33
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pBK-6eyFwDBkvHT0q93z2-t4l6I.roa
Signing time: Sat 23 Dec 2023 23:12:58 +0000
ROA not before: Sat 23 Dec 2023 23:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:98:f4:05:b3:63:8e:7f:f5:5c:95:db:a0:a8:ed:0f:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 23 23:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a412bee9ec85c03064bc74f4abddf3dbeb7897a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:eb:78:40:50:0f:c7:84:ec:22:f9:9c:14:18:
de:69:8a:95:b9:52:e4:e4:13:04:d6:41:00:06:ee:
89:1a:79:ac:0b:15:a4:5a:ed:e6:34:98:0d:a5:72:
73:87:75:ee:1f:62:eb:a4:e2:db:03:e1:b3:9d:c2:
e3:b0:f7:c6:28:0c:1f:a5:b3:64:2c:45:0b:e3:dc:
70:23:71:67:e4:6d:b0:f5:48:a5:69:e5:ea:32:15:
c0:ef:3c:70:64:ad:a4:f1:c2:3f:73:cf:25:d6:7c:
b7:17:ae:df:0a:35:b6:b7:e6:9d:80:b0:a7:e3:e7:
d0:d3:00:a1:6a:80:89:96:eb:87:6c:9e:73:d0:e9:
5e:7a:c0:6b:74:b4:dd:4f:73:84:b6:9d:3d:fd:1b:
32:ec:d8:fc:d7:ed:83:eb:53:03:ee:6e:7f:cf:94:
e4:ee:a5:93:50:e3:74:52:80:54:3b:48:b6:32:28:
c6:5f:26:b5:21:b9:fd:51:3b:3c:76:f6:be:04:68:
9a:4f:4e:4e:ee:5b:89:4d:d9:ff:3c:32:c7:c3:c3:
dd:83:5c:ce:67:c5:cb:74:e7:73:bd:83:50:4e:26:
54:68:52:91:8b:4d:b1:c8:bd:4a:d8:3a:7f:ad:1c:
9d:ef:ab:30:34:e6:79:74:45:39:7f:10:d0:aa:55:
4c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:12:BE:E9:EC:85:C0:30:64:BC:74:F4:AB:DD:F3:DB:EB:78:97:A2
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pBK-6eyFwDBkvHT0q93z2-t4l6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
04:c6:da:7c:e6:a3:6a:9e:7b:2d:e2:e5:81:8b:4b:bf:e8:8d:
e8:83:64:a7:d3:d4:5f:ab:c3:6a:a0:7d:b8:94:7f:4c:2e:d8:
53:2b:d9:20:54:e5:87:c7:bd:3d:28:bb:83:6e:20:92:96:f9:
12:9d:eb:80:32:04:ca:6b:e0:24:db:9e:7e:c3:3f:52:fe:19:
46:7a:43:03:81:d1:2e:2d:07:b9:66:7b:c0:5f:a3:d6:f4:f3:
35:d6:f0:3f:b6:e2:38:e6:e3:20:2e:af:11:83:55:39:af:60:
be:10:77:85:37:aa:b1:c0:2c:56:f7:93:eb:82:5e:df:c4:4b:
0c:6a:7d:26:d0:b8:2b:f8:f6:13:73:f5:db:b1:43:43:1c:9e:
0f:f3:5c:2b:21:de:de:46:8a:f5:d5:38:67:b7:f0:4f:4b:59:
4a:85:af:51:7a:e7:35:fc:7f:87:22:60:bd:55:21:dd:69:75:
bb:6d:dc:fb:5a:a0:92:76:2b:a8:fd:9d:7d:8d:b5:8f:5b:0c:
04:19:8a:bd:07:ba:21:4c:df:7c:7e:38:77:5d:e1:52:03:d6:
e1:94:34:af:4c:5e:86:b3:ee:53:3f:89:c7:8f:59:a5:97:d0:
c5:c9:4d:c8:a2:0a:37:0b:63:b5:8c:7f:af:1a:65:8b:89:0a:
a5:0f:b3:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyY9AWzY45/9VyV26Co7Q8zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIzMjMxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDEyYmVlOWVjODVjMDMwNjRiYzc0ZjRhYmRkZjNkYmViNzg5N2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtut4QFAPx4TsIvmcFBjeaYqVuVLk
5BME1kEABu6JGnmsCxWkWu3mNJgNpXJzh3XuH2LrpOLbA+GzncLjsPfGKAwfpbNk
LEUL49xwI3Fn5G2w9UilaeXqMhXA7zxwZK2k8cI/c88l1ny3F67fCjW2t+adgLCn
4+fQ0wChaoCJluuHbJ5z0OleesBrdLTdT3OEtp09/Rsy7Nj81+2D61MD7m5/z5Tk
7qWTUON0UoBUO0i2MijGXya1Ibn9UTs8dva+BGiaT05O7luJTdn/PDLHw8Pdg1zO
Z8XLdOdzvYNQTiZUaFKRi02xyL1K2Dp/rRyd76swNOZ5dEU5fxDQqlVMRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKQSvunshcAwZLx09Kvd89vreJeiMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcEJLLTZleUZ3REJrdkhUMHE5M3oyLXQ0bDZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAATG2nzmo2qeey3i5YGL
S7/ojeiDZKfT1F+rw2qgfbiUf0wu2FMr2SBU5YfHvT0ou4NuIJKW+RKd64AyBMpr
4CTbnn7DP1L+GUZ6QwOB0S4tB7lme8Bfo9b08zXW8D+24jjm4yAurxGDVTmvYL4Q
d4U3qrHALFb3k+uCXt/ESwxqfSbQuCv49hNz9duxQ0Mcng/zXCsh3t5GivXVOGe3
8E9LWUqFr1F65zX8f4ciYL1VId1pdbtt3PtaoJJ2K6j9nX2NtY9bDAQZir0HuiFM
33x+OHdd4VID1uGUNK9MXoaz7lM/icePWaWX0MXJTciiCjcLY7WMf68aZYuJCqUP
s6M=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:44:13 2025 by rpki-client