Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BQIRbMfJ1yES7ooinErnoSIj7rE.roa
File: BQIRbMfJ1yES7ooinErnoSIj7rE.roa (raw, json)
Hash identifier: D0NdGbxnya0yMPW9nv2QtIe8V4f+ZBMKEhSDp3fuRvo=
Subject key identifier: 05:02:11:6C:C7:C9:D7:21:12:EE:8A:22:9C:4A:E7:A1:22:23:EE:B1
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 019081B8ED055A2D16004EE6A69F9B8ED3D2
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BQIRbMfJ1yES7ooinErnoSIj7rE.roa
Signing time: Fri 05 Jul 2024 07:08:18 +0000
ROA not before: Fri 05 Jul 2024 07:08:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:81:b8:ed:05:5a:2d:16:00:4e:e6:a6:9f:9b:8e:d3:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 5 07:08:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0502116cc7c9d72112ee8a229c4ae7a12223eeb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:40:ba:35:66:87:2e:2c:5e:d1:88:22:98:89:
76:30:0a:b5:f5:0b:34:05:d2:3f:73:a8:7c:04:e8:
59:1e:c7:35:a4:4c:87:a2:c9:b4:14:11:a9:e1:39:
b7:e7:5a:15:7a:8d:51:bf:43:25:88:ef:ba:59:42:
8a:95:7b:06:a7:27:f3:da:d2:75:44:c4:e3:61:8d:
a6:17:f6:e7:ae:d8:40:15:d7:71:58:c3:f7:3f:bf:
94:a3:b9:8e:e0:98:60:67:78:b6:c5:af:da:66:fd:
2a:50:22:c7:e6:33:9a:6b:a8:b4:27:f3:be:87:fc:
9d:43:bb:7c:cf:27:f7:d9:78:1d:fb:86:31:9c:2f:
90:73:35:35:b0:70:7e:07:ea:c5:bf:80:b7:c7:a8:
83:65:9f:80:a3:70:e5:a6:c2:ac:b2:d4:3b:b6:48:
d5:2c:f6:97:2a:9c:80:4a:60:ec:80:ac:61:5f:71:
9a:72:80:07:5a:7e:22:76:8e:2e:9b:8a:33:9d:f5:
12:d4:09:5d:8f:3a:c3:ea:18:8b:b7:79:58:9d:67:
61:f6:1d:cd:8c:c1:f4:04:2a:b5:21:04:1f:b3:e0:
ec:d9:07:9a:9b:f4:06:2a:34:2a:95:4d:56:06:50:
6f:dd:dd:78:e0:bc:89:84:b3:d9:d4:03:42:a0:1f:
36:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:02:11:6C:C7:C9:D7:21:12:EE:8A:22:9C:4A:E7:A1:22:23:EE:B1
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/BQIRbMfJ1yES7ooinErnoSIj7rE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
61:9b:be:40:59:5a:21:a0:13:f4:c5:96:82:98:f5:56:2a:9d:
43:e8:f4:da:62:f2:38:db:e3:c1:ad:cc:37:46:14:68:db:4f:
28:38:bb:a6:17:cb:39:31:ba:70:29:38:57:56:5a:06:ea:04:
51:77:a2:d3:9f:18:40:8c:1e:8c:f0:ca:0d:26:49:58:9e:1b:
dc:a8:62:f7:94:ef:fe:e9:b3:8c:54:f9:f6:e4:ed:9e:7b:1b:
ac:79:2a:d5:2a:b8:a4:f4:d8:d6:8d:55:c7:a8:5b:48:92:ac:
43:4a:a5:55:a6:98:2f:42:3a:dd:a8:50:ac:1e:ad:1d:6b:ef:
59:e1:22:e9:9c:72:bc:d2:dd:1d:d8:04:12:f3:ea:5a:87:97:
9b:2f:6a:48:5b:ce:8e:24:ee:3c:3a:d9:d7:5a:8a:4d:ea:bc:
a5:f3:31:2f:29:38:04:bc:7c:84:56:d4:97:be:4b:a6:0a:61:
7f:30:e2:29:9b:56:2c:76:23:2a:dc:27:81:d5:32:89:25:1d:
43:04:46:c6:23:48:7b:2c:fa:e5:08:fc:f6:29:bd:03:cd:24:
61:77:07:93:c3:51:59:48:76:df:be:66:2b:d5:17:96:b2:45:
37:1f:87:e1:13:57:1d:a0:b3:7c:9f:08:40:ab:91:41:d2:7f:
93:42:0c:1a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZCBuO0FWi0WAE7mpp+bjtPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzA1MDcwODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTAyMTE2Y2M3YzlkNzIxMTJlZThhMjI5YzRhZTdhMTIyMjNlZWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5UC6NWaHLixe0YgimIl2MAq19Qs0
BdI/c6h8BOhZHsc1pEyHosm0FBGp4Tm351oVeo1Rv0MliO+6WUKKlXsGpyfz2tJ1
RMTjYY2mF/bnrthAFddxWMP3P7+Uo7mO4JhgZ3i2xa/aZv0qUCLH5jOaa6i0J/O+
h/ydQ7t8zyf32Xgd+4YxnC+QczU1sHB+B+rFv4C3x6iDZZ+Ao3DlpsKsstQ7tkjV
LPaXKpyASmDsgKxhX3GacoAHWn4ido4um4oznfUS1AldjzrD6hiLt3lYnWdh9h3N
jMH0BCq1IQQfs+Ds2Qeam/QGKjQqlU1WBlBv3d144LyJhLPZ1ANCoB82twIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAUCEWzHydchEu6KIpxK56EiI+6xMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvQlFJUmJNZkoxeUVTN29vaW5Fcm5vU0lqN3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGGbvkBZWiGgE/TFloKY
9VYqnUPo9Npi8jjb48GtzDdGFGjbTyg4u6YXyzkxunApOFdWWgbqBFF3otOfGECM
Hozwyg0mSVieG9yoYveU7/7ps4xU+fbk7Z57G6x5KtUquKT02NaNVceoW0iSrENK
pVWmmC9COt2oUKwerR1r71nhIumccrzS3R3YBBLz6lqHl5svakhbzo4k7jw62dda
ik3qvKXzMS8pOAS8fIRW1Je+S6YKYX8w4imbVix2IyrcJ4HVMoklHUMERsYjSHss
+uUI/PYpvQPNJGF3B5PDUVlIdt++ZivVF5ayRTcfh+ETVx2gs3yfCECrkUHSf5NC
DBo=
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:30:26 2025 by rpki-client