Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/BmHHkL4c2Vzd0bYTaB4KSTYsfYY.roa
File: BmHHkL4c2Vzd0bYTaB4KSTYsfYY.roa (raw, json)
Hash identifier: gSHysXr6LfBOmM6BisQyw8SnLKtkvkDsNa2pwBnzCOM=
Subject key identifier: 06:61:C7:90:BE:1C:D9:5C:DD:D1:B6:13:68:1E:0A:49:36:2C:7D:86
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A98543571E205B32BDBF3D86127DF6A55
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/BmHHkL4c2Vzd0bYTaB4KSTYsfYY.roa
Signing time: Fri 15 Sep 2023 10:12:50 +0000
ROA not before: Fri 15 Sep 2023 10:12:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:98:54:35:71:e2:05:b3:2b:db:f3:d8:61:27:df:6a:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 15 10:12:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0661c790be1cd95cddd1b613681e0a49362c7d86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e5:bd:5f:5a:a7:98:8d:44:d2:38:02:1c:86:
0f:14:91:ce:96:3f:bd:74:a8:fc:5a:06:ed:f4:eb:
d6:a7:5d:b4:90:52:5f:63:7c:92:a5:1b:ba:a3:0b:
ae:84:bd:81:71:c2:96:08:42:46:95:2b:ab:0d:e3:
df:b0:fd:6c:62:5e:f6:85:27:68:4d:bf:86:0a:c6:
5e:b5:29:84:2d:98:95:ae:00:9a:6a:ee:1e:f3:9c:
38:7b:46:d0:1b:29:3d:c0:e4:b2:4d:42:10:21:ff:
9b:f4:99:e2:c8:16:f6:02:4c:fe:4e:c9:ce:f1:07:
af:ae:5c:82:37:57:ad:0b:8a:4f:08:d7:81:44:47:
43:8d:d0:6a:9d:1e:31:ca:ec:08:e5:06:c6:75:f9:
7d:7d:8d:e3:77:9d:c2:11:43:b9:b0:f0:a7:d9:b8:
df:dc:0b:37:5a:91:87:9c:63:27:3c:0b:b8:37:59:
ab:d1:01:63:3c:d4:55:a7:81:7e:53:43:e2:8d:5d:
34:3d:d2:4f:a0:58:08:ef:d4:52:7e:a1:80:fa:96:
ae:be:3a:76:90:a0:3a:e2:36:c4:8d:cf:bd:2f:6c:
c6:6d:c1:30:54:3b:ce:e7:6c:bb:d6:6a:4a:1c:32:
63:24:3b:c6:dc:cb:5c:42:c2:9d:ae:02:ec:bf:95:
01:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:61:C7:90:BE:1C:D9:5C:DD:D1:B6:13:68:1E:0A:49:36:2C:7D:86
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/BmHHkL4c2Vzd0bYTaB4KSTYsfYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
27:b4:39:e3:8f:5b:08:86:6e:ec:ed:a7:fa:8a:3a:97:cd:7d:
89:91:f3:0b:7b:16:a0:b0:c7:44:2d:82:07:33:7c:ae:be:ae:
1c:fe:47:b3:d8:48:2a:b1:e5:8e:85:d7:70:b3:32:30:12:38:
1f:78:12:20:70:47:93:79:58:53:da:3c:01:75:10:e5:79:fb:
cc:ae:91:05:34:5c:97:11:eb:9a:f5:08:e4:5a:98:1c:29:f3:
86:55:d2:c1:bc:48:36:e0:dd:cb:7a:c8:49:68:53:a3:93:57:
43:15:83:bb:94:e7:04:cc:cb:6a:ba:8c:4f:99:48:3c:09:46:
12:0c:ee:63:61:d3:01:1c:8e:8d:e3:9b:e7:35:dc:b5:78:93:
13:58:ca:5b:5d:f9:0e:76:fd:ba:40:fa:53:a6:1c:9d:20:dc:
1f:24:b9:3f:de:7b:9c:67:71:c3:8e:15:55:5e:5c:ff:3a:fb:
72:1b:e2:b9:f8:9e:e1:7b:92:4c:93:03:dc:ca:23:38:8c:4f:
41:8f:26:2a:68:a7:f0:e9:a0:9b:44:ec:de:a0:2a:af:24:b1:
04:96:1e:bb:2a:3c:18:46:98:b2:47:5a:42:20:76:bc:ce:a7:
bf:6a:2a:3b:7a:b9:85:ee:c7:ee:3c:56:29:1c:11:aa:1c:dd:
10:e1:82:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqYVDVx4gWzK9vz2GEn32pVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE1MTAxMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjYxYzc5MGJlMWNkOTVjZGRkMWI2MTM2ODFlMGE0OTM2MmM3ZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuW9X1qnmI1E0jgCHIYPFJHOlj+9
dKj8Wgbt9OvWp120kFJfY3ySpRu6owuuhL2BccKWCEJGlSurDePfsP1sYl72hSdo
Tb+GCsZetSmELZiVrgCaau4e85w4e0bQGyk9wOSyTUIQIf+b9JniyBb2Akz+TsnO
8QevrlyCN1etC4pPCNeBREdDjdBqnR4xyuwI5QbGdfl9fY3jd53CEUO5sPCn2bjf
3As3WpGHnGMnPAu4N1mr0QFjPNRVp4F+U0PijV00PdJPoFgI79RSfqGA+pauvjp2
kKA64jbEjc+9L2zGbcEwVDvO52y71mpKHDJjJDvG3MtcQsKdrgLsv5UBHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAZhx5C+HNlc3dG2E2geCkk2LH2GMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvQm1ISGtMNGMyVnpkMGJZVGFCNEtTVFlzZllZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACe0OeOPWwiGbuztp/qK
OpfNfYmR8wt7FqCwx0QtggczfK6+rhz+R7PYSCqx5Y6F13CzMjASOB94EiBwR5N5
WFPaPAF1EOV5+8yukQU0XJcR65r1CORamBwp84ZV0sG8SDbg3ct6yEloU6OTV0MV
g7uU5wTMy2q6jE+ZSDwJRhIM7mNh0wEcjo3jm+c13LV4kxNYyltd+Q52/bpA+lOm
HJ0g3B8kuT/ee5xnccOOFVVeXP86+3Ib4rn4nuF7kkyTA9zKIziMT0GPJipop/Dp
oJtE7N6gKq8ksQSWHrsqPBhGmLJHWkIgdrzOp79qKjt6uYXux+48VikcEaoc3RDh
gok=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:50 2025 by rpki-client