Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/bgexzuaAHnhmSdlPbZg_zTjGswg.roa
File: bgexzuaAHnhmSdlPbZg_zTjGswg.roa (raw, json)
Hash identifier: 6tTcAFhljg2+dPAd75VbFqp3Qgeq/DjeG28Vos51dfM=
Subject key identifier: 6E:07:B1:CE:E6:80:1E:78:66:49:D9:4F:6D:98:3F:CD:38:C6:B3:08
Certificate issuer: /CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Certificate serial: 018EF4C52A644DBC16C3C91C65EA06546E0E
Authority key identifier: 40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/bgexzuaAHnhmSdlPbZg_zTjGswg.roa
Signing time: Fri 19 Apr 2024 05:12:25 +0000
ROA not before: Fri 19 Apr 2024 05:12:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:f1f3:8b1f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f4:c5:2a:64:4d:bc:16:c3:c9:1c:65:ea:06:54:6e:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40b132c17e598f11b6a10f42ef3bce961e18e8ef
Validity
Not Before: Apr 19 05:12:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e07b1cee6801e786649d94f6d983fcd38c6b308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:17:eb:7d:42:78:19:12:fa:df:a2:3e:40:fe:
69:dc:55:24:ac:84:9f:d3:dd:05:9b:01:c7:26:ed:
df:ea:1b:25:18:ee:03:51:f6:e4:e0:b3:c7:c6:2b:
7f:5b:90:64:b5:24:68:e1:ee:c7:fc:f8:a7:39:9c:
24:4d:dc:45:b2:65:36:76:8b:ee:67:43:e3:31:3d:
f6:ee:ce:3e:0e:8f:43:3b:ea:09:2b:4f:d7:53:95:
d3:e4:9e:52:60:95:ac:3d:42:c6:d4:f4:a4:24:01:
4c:eb:91:ad:bf:b3:ed:bb:e6:a9:70:28:22:8e:3a:
21:a6:7b:6f:e6:4e:90:0c:06:94:0a:ab:37:8b:86:
7c:7b:ec:89:97:30:c5:9c:18:48:08:a2:93:21:25:
af:77:58:4a:a9:d0:0b:75:85:e2:03:ce:00:b6:ac:
75:cf:b7:50:b6:82:1a:10:a4:1f:4c:9d:db:f8:e9:
1d:5d:0e:95:69:d1:a7:de:83:ad:42:79:b4:fe:75:
10:a1:64:b0:6e:e9:1d:78:05:c4:b9:3d:dd:e5:81:
a3:89:af:39:89:a0:fa:2b:bd:22:17:93:e1:ed:fc:
15:f0:eb:5a:d4:d4:40:2a:d0:69:09:e9:94:35:23:
98:9e:7e:c5:f9:8c:d0:6b:81:87:ae:e9:14:29:37:
e9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:07:B1:CE:E6:80:1E:78:66:49:D9:4F:6D:98:3F:CD:38:C6:B3:08
X509v3 Authority Key Identifier:
keyid:40:B1:32:C1:7E:59:8F:11:B6:A1:0F:42:EF:3B:CE:96:1E:18:E8:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/bgexzuaAHnhmSdlPbZg_zTjGswg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/67f049-879e-4eb4-b1c2-8c8ebf5889da/1/QLEywX5ZjxG2oQ9C7zvOlh4Y6O8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3f:d7:1d:f1:89:4f:53:3c:ee:2f:09:81:70:ad:cd:2f:54:9d:
8e:7e:ab:49:27:ae:e6:36:3a:78:50:ca:11:a5:9a:20:2f:ca:
35:9e:78:ae:45:a5:e7:2c:db:dc:3d:ae:1d:2f:eb:82:cd:01:
12:08:69:96:af:af:62:bf:c3:87:a2:e6:4e:95:8e:21:5b:44:
0f:5e:3a:10:cb:cd:0b:7d:96:85:dc:9c:03:6a:15:86:cb:0f:
49:2f:97:98:a9:4b:8f:09:4f:4a:05:a5:b3:9a:f4:05:e0:5a:
6e:1d:7f:f2:44:ec:b7:bb:4b:cf:0b:22:d6:e7:58:25:6f:c4:
bc:cc:2d:22:75:a4:c9:27:37:64:14:09:c6:75:76:68:e0:86:
af:36:e1:1d:a0:e7:1b:e5:40:ea:7e:bc:13:be:a6:01:64:3b:
69:14:e9:c1:32:37:75:ce:d6:17:5c:21:84:8c:1f:d5:75:35:
fb:d8:04:2b:54:fe:0b:d9:3e:32:65:ed:66:ee:1e:1a:f4:fd:
7d:48:1d:d8:f8:54:03:fc:eb:ed:b2:7f:9f:75:5e:79:2b:77:
9d:cb:71:1b:e6:8a:44:83:68:12:6d:41:a4:f8:84:1c:90:11:
1e:29:9e:58:c7:cc:e4:07:e4:9b:68:a8:9b:21:dc:ae:40:61:
bf:b3:08:fd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY70xSpkTbwWw8kcZeoGVG4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwYjEzMmMxN2U1OThmMTFiNmExMGY0MmVmM2JjZTk2MWUx
OGU4ZWYwHhcNMjQwNDE5MDUxMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTA3YjFjZWU2ODAxZTc4NjY0OWQ5NGY2ZDk4M2ZjZDM4YzZiMzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRfrfUJ4GRL636I+QP5p3FUkrISf
090FmwHHJu3f6hslGO4DUfbk4LPHxit/W5BktSRo4e7H/PinOZwkTdxFsmU2dovu
Z0PjMT327s4+Do9DO+oJK0/XU5XT5J5SYJWsPULG1PSkJAFM65Gtv7Ptu+apcCgi
jjohpntv5k6QDAaUCqs3i4Z8e+yJlzDFnBhICKKTISWvd1hKqdALdYXiA84Atqx1
z7dQtoIaEKQfTJ3b+OkdXQ6VadGn3oOtQnm0/nUQoWSwbukdeAXEuT3d5YGjia85
iaD6K70iF5Ph7fwV8Ota1NRAKtBpCemUNSOYnn7F+YzQa4GHrukUKTfpjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG4Hsc7mgB54ZknZT22YP804xrMIMB8GA1UdIwQY
MBaAFECxMsF+WY8RtqEPQu87zpYeGOjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzIt
OGM4ZWJmNTg4OWRhLzEvYmdleHp1YUFIbmhtU2RsUGJaZ196VGpHc3dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82N2YwNDktODc5ZS00ZWI0LWIxYzItOGM4ZWJmNTg4OWRh
LzEvUUxFeXdYNVpqeEcyb1E5Qzd6dk9saDRZNk84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD/XHfGJT1M87i8JgXCt
zS9UnY5+q0knruY2OnhQyhGlmiAvyjWeeK5Fpecs29w9rh0v64LNARIIaZavr2K/
w4ei5k6VjiFbRA9eOhDLzQt9loXcnANqFYbLD0kvl5ipS48JT0oFpbOa9AXgWm4d
f/JE7Le7S88LItbnWCVvxLzMLSJ1pMknN2QUCcZ1dmjghq824R2g5xvlQOp+vBO+
pgFkO2kU6cEyN3XO1hdcIYSMH9V1NfvYBCtU/gvZPjJl7WbuHhr0/X1IHdj4VAP8
6+2yf591Xnkrd53LcRvmikSDaBJtQaT4hByQER4pnljHzOQH5JtoqJsh3K5AYb+z
CP0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:37 2025 by rpki-client