Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BI7PedmjHZzcIoFxGvCqxi4MqTk.roa
File: BI7PedmjHZzcIoFxGvCqxi4MqTk.roa (raw, json)
Hash identifier: 5nXcaydsVfSdEicVVWBq/TwqgnYz8bLRfhQQO4rfrMg=
Subject key identifier: 04:8E:CF:79:D9:A3:1D:9C:DC:22:81:71:1A:F0:AA:C6:2E:0C:A9:39
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D6CBDD3886664FB465278552B91F5C32E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BI7PedmjHZzcIoFxGvCqxi4MqTk.roa
Signing time: Sat 03 Feb 2024 02:13:16 +0000
ROA not before: Sat 03 Feb 2024 02:13:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6c:bd:d3:88:66:64:fb:46:52:78:55:2b:91:f5:c3:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 3 02:13:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=048ecf79d9a31d9cdc2281711af0aac62e0ca939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:21:14:6f:56:8d:b9:d5:d8:6f:47:87:87:fa:
1a:26:ba:ad:5a:65:0a:f6:da:03:50:fa:39:7b:61:
94:dc:ac:fb:45:1a:29:1f:53:e8:c4:86:3b:d4:13:
22:ab:c1:c4:d8:f6:42:89:43:c9:03:3b:94:b5:d0:
5b:e4:9f:12:5c:9e:1c:8b:cc:9f:06:1b:03:29:7a:
b3:82:7d:48:72:c2:cf:70:ca:28:32:b9:0b:74:92:
ed:10:02:76:d5:d6:42:1a:20:87:62:cb:15:7c:c6:
82:84:96:33:e4:8c:0f:e0:cd:c4:51:86:43:28:b6:
e9:a8:f0:dc:19:d1:67:ac:fe:84:cc:ea:4a:d3:2e:
eb:e6:b8:c6:41:93:26:59:f6:ad:d2:d3:20:a9:ac:
51:9a:3c:b5:e6:27:57:c7:1f:54:c7:32:28:4f:85:
eb:97:27:27:4f:8e:0c:dc:4b:be:16:9d:b5:2f:5f:
5b:87:78:d5:06:e5:8e:c0:93:30:70:fb:76:9e:85:
97:f1:2f:27:e3:ea:f4:67:8e:d2:c2:6c:13:23:68:
a7:43:81:a1:b8:0b:0c:a1:8b:cc:45:fb:50:88:de:
0f:12:e1:dc:6f:e3:79:fb:80:19:70:2d:26:d1:82:
fa:31:ab:fd:8c:b8:5f:ff:83:50:9c:92:d0:8d:3c:
d8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:8E:CF:79:D9:A3:1D:9C:DC:22:81:71:1A:F0:AA:C6:2E:0C:A9:39
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BI7PedmjHZzcIoFxGvCqxi4MqTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:8a:77:d5:fb:dd:69:38:27:4a:43:be:34:26:b4:02:76:59:
2b:b8:91:95:46:af:54:36:2a:4f:92:80:24:16:df:75:2a:03:
bc:cd:c8:c6:94:23:06:0d:a0:f6:eb:be:19:3a:84:ea:b0:1d:
96:b7:cb:8d:1f:15:c8:13:77:0e:0b:f5:83:7f:9c:eb:fa:ed:
e2:73:8c:bc:8e:fa:89:0a:c0:f3:90:28:99:3c:c1:01:3f:b3:
9f:a9:93:9b:2c:0f:63:4a:6f:c3:ec:33:f5:e6:bb:8b:1e:e5:
0e:03:c2:0c:f6:20:9b:ba:f9:82:3c:ec:40:97:9b:7f:51:fe:
4b:0d:ff:02:58:0f:91:e4:0b:26:53:a0:15:3d:e9:f6:2d:a4:
62:17:de:84:ad:71:a6:63:2f:a9:32:f7:89:8b:dd:1e:e8:30:
5f:7e:90:8b:ed:5b:b1:df:f8:aa:3f:fa:61:fd:34:47:82:5e:
59:94:cc:1a:7e:56:98:59:24:c9:47:39:28:d0:63:bf:39:f8:
a2:60:1a:2f:95:87:f3:12:1f:a5:80:a4:d4:db:30:a5:05:39:
33:f4:9d:63:37:fa:10:41:44:e2:ce:12:2f:07:23:bb:6f:06:
c9:6e:ab:ef:33:b3:df:11:60:61:55:f3:1d:72:b3:e0:e6:92:
5d:df:37:fa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1svdOIZmT7RlJ4VSuR9cMuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjAzMDIxMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDhlY2Y3OWQ5YTMxZDljZGMyMjgxNzExYWYwYWFjNjJlMGNhOTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiEUb1aNudXYb0eHh/oaJrqtWmUK
9toDUPo5e2GU3Kz7RRopH1PoxIY71BMiq8HE2PZCiUPJAzuUtdBb5J8SXJ4ci8yf
BhsDKXqzgn1IcsLPcMooMrkLdJLtEAJ21dZCGiCHYssVfMaChJYz5IwP4M3EUYZD
KLbpqPDcGdFnrP6EzOpK0y7r5rjGQZMmWfat0tMgqaxRmjy15idXxx9UxzIoT4Xr
lycnT44M3Eu+Fp21L19bh3jVBuWOwJMwcPt2noWX8S8n4+r0Z47SwmwTI2inQ4Gh
uAsMoYvMRftQiN4PEuHcb+N5+4AZcC0m0YL6Mav9jLhf/4NQnJLQjTzYkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFASOz3nZox2c3CKBcRrwqsYuDKk5MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQkk3UGVkbWpIWnpjSW9GeEd2Q3F4aTRNcVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGmKd9X73Wk4J0pDvjQm
tAJ2WSu4kZVGr1Q2Kk+SgCQW33UqA7zNyMaUIwYNoPbrvhk6hOqwHZa3y40fFcgT
dw4L9YN/nOv67eJzjLyO+okKwPOQKJk8wQE/s5+pk5ssD2NKb8PsM/Xmu4se5Q4D
wgz2IJu6+YI87ECXm39R/ksN/wJYD5HkCyZToBU96fYtpGIX3oStcaZjL6ky94mL
3R7oMF9+kIvtW7Hf+Ko/+mH9NEeCXlmUzBp+VphZJMlHOSjQY785+KJgGi+Vh/MS
H6WApNTbMKUFOTP0nWM3+hBBROLOEi8HI7tvBsluq+8zs98RYGFV8x1ys+Dmkl3f
N/o=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:25:24 2025 by rpki-client