Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/bjITescPz6sAK929vxbhiN0sZwg.roa
File: bjITescPz6sAK929vxbhiN0sZwg.roa (raw, json)
Hash identifier: xnnPEB6mPbenJ9x7Hb3y/mPMXINKzDhutcuKXN24wpU=
Subject key identifier: 6E:32:13:7A:C7:0F:CF:AB:00:2B:DD:BD:BF:16:E1:88:DD:2C:67:08
Certificate issuer: /CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Certificate serial: 018A9F33DA4DF47FC0C0F0BC2DFBCF0360D1
Authority key identifier: AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/bjITescPz6sAK929vxbhiN0sZwg.roa
Signing time: Sat 16 Sep 2023 18:14:50 +0000
ROA not before: Sat 16 Sep 2023 18:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18a:837b:f9c7/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9f:33:da:4d:f4:7f:c0:c0:f0:bc:2d:fb:cf:03:60:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1f14c850745a7c312ea2eb0be03052e4967275
Validity
Not Before: Sep 16 18:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e32137ac70fcfab002bddbdbf16e188dd2c6708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:92:89:ba:e8:d1:86:d2:3e:1f:71:b0:5b:b4:
b5:90:fe:89:8b:76:30:17:af:06:40:02:b1:f9:58:
af:53:56:e9:1f:d8:3e:e4:00:91:db:bb:b0:12:84:
05:56:76:36:42:89:28:1e:72:00:ad:d0:c7:fe:43:
af:7a:a8:ce:3d:f4:b4:7c:03:2e:4c:c0:95:4f:f2:
f8:79:b7:01:94:51:d7:02:01:1f:3d:36:a4:9d:9a:
ce:a4:b2:95:d0:49:54:4c:0a:59:0c:72:c5:e7:11:
c5:94:6d:ce:2f:f5:a4:ea:2d:c8:bd:ed:01:f2:38:
6a:0e:fa:4a:e1:b2:56:79:aa:d8:13:53:cd:af:08:
55:6f:24:d5:ff:06:03:51:c9:04:c8:97:ed:03:98:
ba:02:88:1f:e2:51:97:88:cf:58:b7:1d:05:f7:72:
4e:24:9b:16:8f:22:b0:94:85:a4:9d:cf:8a:6f:18:
fe:c1:87:9e:7b:66:e9:af:83:1b:fa:51:73:87:53:
61:8f:88:97:43:f4:69:e1:a5:03:0c:89:fc:51:92:
bb:6a:82:4d:13:58:19:57:86:a5:bb:6c:e0:2a:95:
7e:80:6f:c8:40:c2:d4:8a:36:c0:ab:ea:1b:47:f4:
7e:ab:71:ee:7c:6f:48:87:81:3f:a3:0e:7e:8f:14:
e0:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:32:13:7A:C7:0F:CF:AB:00:2B:DD:BD:BF:16:E1:88:DD:2C:67:08
X509v3 Authority Key Identifier:
keyid:AA:1F:14:C8:50:74:5A:7C:31:2E:A2:EB:0B:E0:30:52:E4:96:72:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh8UyFB0WnwxLqLrC-AwUuSWcnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/bjITescPz6sAK929vxbhiN0sZwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8bf9c5-1d22-439e-b0bd-83fcd225482a/1/qh8UyFB0WnwxLqLrC-AwUuSWcnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
97:8c:9c:6a:89:bd:24:e9:15:43:b9:26:50:fa:c2:b6:e0:1e:
3d:58:73:87:9f:53:7d:d3:f2:7a:d8:34:26:69:2b:80:fe:5d:
61:eb:62:d3:31:e0:4a:86:d0:bf:1b:f7:bc:d6:73:ea:cc:71:
73:06:32:7c:e8:0d:3a:28:b3:a1:19:09:f5:e7:25:09:00:e5:
11:f8:5f:15:14:88:90:71:32:89:ce:aa:79:45:88:ca:ec:f0:
26:90:e6:93:f8:f1:bf:fd:ff:28:1a:62:2e:78:9a:80:da:d2:
0e:31:34:44:fb:2d:e9:86:ae:fd:c0:c4:ab:f0:e3:85:c9:62:
47:2a:af:ab:ec:70:5e:57:e7:27:03:f6:8c:0a:b9:da:e3:b9:
29:af:5f:81:d1:1b:ca:8f:38:72:3b:1c:5a:aa:a2:7c:ce:18:
ba:b1:ad:d0:77:46:e0:c8:a8:76:cc:a0:43:fc:8e:04:35:d6:
3b:fc:c0:63:00:c8:0a:8e:a4:d3:97:d6:f9:a6:9c:9c:59:14:
8f:b8:a7:7a:58:df:b0:d9:09:ea:a0:a2:22:9a:b4:ef:a3:b9:
a6:68:24:ce:92:84:db:35:db:4e:33:fe:f6:af:09:ff:6e:d8:
10:3f:6d:94:aa:7b:50:b1:37:5b:5d:8a:04:6f:8b:ff:b3:ca:
e7:a4:a1:4a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYqfM9pN9H/AwPC8LfvPA2DRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWYxNGM4NTA3NDVhN2MzMTJlYTJlYjBiZTAzMDUyZTQ5
NjcyNzUwHhcNMjMwOTE2MTgxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTMyMTM3YWM3MGZjZmFiMDAyYmRkYmRiZjE2ZTE4OGRkMmM2NzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5KJuujRhtI+H3GwW7S1kP6Ji3Yw
F68GQAKx+VivU1bpH9g+5ACR27uwEoQFVnY2QokoHnIArdDH/kOveqjOPfS0fAMu
TMCVT/L4ebcBlFHXAgEfPTaknZrOpLKV0ElUTApZDHLF5xHFlG3OL/Wk6i3Ive0B
8jhqDvpK4bJWearYE1PNrwhVbyTV/wYDUckEyJftA5i6Aogf4lGXiM9Ytx0F93JO
JJsWjyKwlIWknc+Kbxj+wYeee2bpr4Mb+lFzh1Nhj4iXQ/Rp4aUDDIn8UZK7aoJN
E1gZV4alu2zgKpV+gG/IQMLUijbAq+obR/R+q3HufG9Ih4E/ow5+jxTg/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG4yE3rHD8+rACvdvb8W4YjdLGcIMB8GA1UdIwQY
MBaAFKofFMhQdFp8MS6i6wvgMFLklnJ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQt
ODNmY2QyMjU0ODJhLzEvYmpJVGVzY1B6NnNBSzkyOXZ4YmhpTjBzWndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84YmY5YzUtMWQyMi00MzllLWIwYmQtODNmY2QyMjU0ODJh
LzEvcWg4VXlGQjBXbnd4THFMckMtQXdVdVNXY25VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJeMnGqJvSTpFUO5JlD6
wrbgHj1Yc4efU33T8nrYNCZpK4D+XWHrYtMx4EqG0L8b97zWc+rMcXMGMnzoDToo
s6EZCfXnJQkA5RH4XxUUiJBxMonOqnlFiMrs8CaQ5pP48b/9/ygaYi54moDa0g4x
NET7LemGrv3AxKvw44XJYkcqr6vscF5X5ycD9owKudrjuSmvX4HRG8qPOHI7HFqq
onzOGLqxrdB3RuDIqHbMoEP8jgQ11jv8wGMAyAqOpNOX1vmmnJxZFI+4p3pY37DZ
CeqgoiKatO+juaZoJM6ShNs1204z/vavCf9u2BA/bZSqe1CxN1tdigRvi/+zyuek
oUo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:02 2025 by rpki-client