Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Bni_IyMK6yj1UukfI4Ctt-y4ZoE.roa
File: Bni_IyMK6yj1UukfI4Ctt-y4ZoE.roa (raw, json)
Hash identifier: xNep+B5KcU3BCtdkJXLwZ1YuPEoIZf2jIx5LJG0X0Iw=
Subject key identifier: 06:78:BF:23:23:0A:EB:28:F5:52:E9:1F:23:80:AD:B7:EC:B8:66:81
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A4BBD941DD8B04FA094E00CB5E7A2130A
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Bni_IyMK6yj1UukfI4Ctt-y4ZoE.roa
Signing time: Thu 31 Aug 2023 13:17:09 +0000
ROA not before: Thu 31 Aug 2023 13:17:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18a:4bb8:233d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4b:bd:94:1d:d8:b0:4f:a0:94:e0:0c:b5:e7:a2:13:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Aug 31 13:17:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0678bf23230aeb28f552e91f2380adb7ecb86681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8a:ed:66:0d:07:5d:b5:22:4d:f5:aa:66:97:
f6:be:72:51:ab:74:ee:7f:5c:71:6e:6b:73:a6:95:
1d:06:98:8a:76:4d:11:f7:aa:47:91:14:4d:47:45:
a5:73:8b:97:20:70:7e:b8:49:d8:76:36:41:af:27:
86:d9:65:8d:49:d1:ff:d9:cf:f4:aa:ed:08:31:63:
a0:39:5c:bd:bf:fc:8c:dc:c0:7f:45:3a:e4:27:79:
c6:1b:2c:13:74:1b:fd:1b:f3:ce:d5:4f:c7:2d:ee:
a1:97:57:38:8e:53:c8:c4:b0:db:05:1b:cf:56:56:
5e:4a:1d:7f:17:cf:49:79:6c:77:92:7d:ad:61:65:
58:23:60:3a:14:06:fd:cb:23:83:4a:11:34:a8:6a:
5d:20:1d:0b:e2:ad:2f:07:ed:41:c1:a4:b2:8e:f8:
e6:46:85:cf:10:17:95:d3:d2:b3:4a:cd:e9:ec:b0:
8e:ed:9f:66:b2:67:97:1e:76:e9:2f:39:d8:66:56:
e9:e9:da:77:0c:a4:39:26:20:6b:90:e3:92:f1:04:
3f:45:04:dc:df:f7:a7:fb:18:17:e8:dd:9d:f0:ba:
b1:ea:f6:b3:0b:2f:87:8b:ee:4d:3f:58:d0:29:1f:
f7:e7:8a:57:1a:49:43:82:78:93:a1:22:47:06:0f:
d1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:78:BF:23:23:0A:EB:28:F5:52:E9:1F:23:80:AD:B7:EC:B8:66:81
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/Bni_IyMK6yj1UukfI4Ctt-y4ZoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
64:50:35:b3:54:14:6e:33:96:39:ba:42:a3:ed:fd:bc:df:2b:
01:e4:3c:7d:38:4d:bf:29:97:fb:1e:f3:ab:9c:50:b2:b2:4b:
5f:eb:4c:b0:dd:ca:e5:2f:09:c9:c8:3f:d9:1f:e6:2b:89:64:
80:f1:31:f6:16:c3:e2:28:2c:b0:f9:15:6f:ef:18:63:c9:61:
8a:bc:f3:84:82:ab:21:77:c4:37:0f:aa:7b:c7:9e:38:82:4f:
65:ce:fc:17:99:7d:b4:b1:5e:73:3f:13:f9:34:d9:48:6e:10:
c0:cd:83:d4:53:d2:f2:fa:ca:6b:12:c5:f4:8a:ea:e9:a1:a9:
03:20:58:23:07:98:c3:6e:25:25:de:0c:28:2c:a9:7b:dc:7a:
fd:8e:f4:98:99:d4:e4:14:1b:3b:db:25:00:84:27:e4:59:e3:
20:0d:ee:70:96:ca:b1:06:e5:86:9c:fa:40:c3:c4:72:0a:98:
fa:38:68:4f:e7:96:53:92:cb:56:17:32:c3:04:48:87:b2:aa:
5d:34:0d:48:21:66:56:74:cb:11:7c:52:84:38:bd:41:c3:ef:
3d:03:be:31:d2:9a:f1:30:a5:ae:b6:ef:3c:0f:69:21:53:32:
ed:3a:e0:5f:d8:e6:e2:cd:d3:bb:51:c7:19:05:25:8d:1b:b7:
37:c0:f8:e0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYpLvZQd2LBPoJTgDLXnohMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwODMxMTMxNzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjc4YmYyMzIzMGFlYjI4ZjU1MmU5MWYyMzgwYWRiN2VjYjg2NjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIrtZg0HXbUiTfWqZpf2vnJRq3Tu
f1xxbmtzppUdBpiKdk0R96pHkRRNR0Wlc4uXIHB+uEnYdjZBryeG2WWNSdH/2c/0
qu0IMWOgOVy9v/yM3MB/RTrkJ3nGGywTdBv9G/PO1U/HLe6hl1c4jlPIxLDbBRvP
VlZeSh1/F89JeWx3kn2tYWVYI2A6FAb9yyODShE0qGpdIB0L4q0vB+1BwaSyjvjm
RoXPEBeV09KzSs3p7LCO7Z9msmeXHnbpLznYZlbp6dp3DKQ5JiBrkOOS8QQ/RQTc
3/en+xgX6N2d8Lqx6vazCy+Hi+5NP1jQKR/354pXGklDgniToSJHBg/RDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAZ4vyMjCuso9VLpHyOArbfsuGaBMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvQm5pX0l5TUs2eWoxVXVrZkk0Q3R0LXk0Wm9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGRQNbNUFG4zljm6QqPt
/bzfKwHkPH04Tb8pl/se86ucULKyS1/rTLDdyuUvCcnIP9kf5iuJZIDxMfYWw+Io
LLD5FW/vGGPJYYq884SCqyF3xDcPqnvHnjiCT2XO/BeZfbSxXnM/E/k02UhuEMDN
g9RT0vL6ymsSxfSK6umhqQMgWCMHmMNuJSXeDCgsqXvcev2O9JiZ1OQUGzvbJQCE
J+RZ4yAN7nCWyrEG5Yac+kDDxHIKmPo4aE/nllOSy1YXMsMESIeyql00DUghZlZ0
yxF8UoQ4vUHD7z0DvjHSmvEwpa627zwPaSFTMu064F/Y5uLN07tRxxkFJY0btzfA
+OA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:56 2025 by rpki-client