Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BaLRdlzBSq4RNfy6TrIZgbCE6os.roa
File: BaLRdlzBSq4RNfy6TrIZgbCE6os.roa (raw, json)
Hash identifier: fRrpXny8pI0hnLcpmlLIyFjeqifYi4ovx2tzkEVVVT8=
Subject key identifier: 05:A2:D1:76:5C:C1:4A:AE:11:35:FC:BA:4E:B2:19:81:B0:84:EA:8B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DC8275FF4BDBEED482633C7761BA47D58
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BaLRdlzBSq4RNfy6TrIZgbCE6os.roa
Signing time: Tue 20 Feb 2024 20:14:00 +0000
ROA not before: Tue 20 Feb 2024 20:14:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c8:27:5f:f4:bd:be:ed:48:26:33:c7:76:1b:a4:7d:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 20 20:14:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05a2d1765cc14aae1135fcba4eb21981b084ea8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:66:44:6d:db:69:d3:fe:14:d7:69:e5:f4:55:
03:8c:42:d1:c9:83:60:9b:66:aa:3b:a2:bb:8f:5c:
48:a1:d8:c3:7c:0d:32:11:c9:9f:fb:f1:02:5c:4f:
98:90:bf:0c:5d:2d:13:bf:44:e7:da:67:f9:d1:fd:
1d:49:ec:2f:49:11:d2:44:e6:df:4a:7e:92:18:42:
d0:3b:f7:4d:75:23:57:24:a3:74:b3:f6:92:e8:c9:
54:08:ca:e7:60:ca:6e:bc:9c:62:a4:fb:d6:da:7f:
1e:93:6f:38:cf:3a:e0:87:0d:1d:db:23:b7:2e:c9:
52:da:f5:ef:0a:cc:3c:ec:18:bf:74:3b:12:6b:68:
f7:e2:91:98:61:59:16:3c:68:7e:02:44:97:ac:b5:
05:3a:3d:3d:29:19:c7:b9:29:8a:fc:cc:d6:c6:22:
af:92:71:4e:23:a8:50:ff:bb:ac:83:ea:ba:7a:2f:
0d:19:41:37:ad:4f:f2:37:f6:27:20:18:64:2a:f5:
d9:96:d3:9c:4f:eb:37:67:90:91:fb:9b:68:58:49:
b7:8e:2b:4a:9e:61:da:5a:65:e2:35:82:2d:48:09:
a5:70:bb:72:b3:07:b8:da:96:18:9f:98:f4:e8:56:
25:64:ac:8d:3b:0b:cd:6a:86:0f:b7:8b:70:3f:e9:
2b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:A2:D1:76:5C:C1:4A:AE:11:35:FC:BA:4E:B2:19:81:B0:84:EA:8B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BaLRdlzBSq4RNfy6TrIZgbCE6os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
36:ec:da:c0:5d:a4:ce:a4:91:34:b2:39:70:91:d7:8e:50:42:
3d:b3:e7:00:05:ab:8e:bf:0e:8e:31:33:33:4d:7a:ee:5f:1c:
29:db:39:2e:02:cb:58:ea:1c:96:e3:21:c0:46:d9:29:db:ec:
ca:ca:57:90:15:6a:76:84:a2:79:43:44:38:b1:58:5b:f5:5b:
32:79:5b:7c:96:15:78:3b:60:63:4b:97:64:2b:0e:1c:2f:48:
81:cb:cf:52:8a:d5:88:fd:da:2c:2b:2e:ac:c1:5f:20:3a:68:
5f:d7:fc:dd:6e:67:27:b7:e4:85:50:35:1a:67:22:fa:02:32:
7b:2c:24:64:9c:ce:58:16:a9:63:e2:a4:20:3f:04:56:0d:a5:
e1:82:5f:19:5c:9d:0a:23:e4:b2:81:4d:c7:4d:b8:f4:06:09:
41:f0:74:9d:f2:21:d4:77:1d:35:8d:1d:8a:77:89:d4:54:ec:
64:9c:80:2f:45:22:b8:9a:da:5b:19:76:57:bf:67:ef:9f:28:
3e:0a:94:20:73:37:81:b4:cf:3b:18:a7:b9:e6:de:ee:ee:c9:
f4:cc:91:63:ff:16:1d:7e:2b:dd:e9:58:f5:3d:ed:ab:ab:79:
8e:71:7b:d8:3b:ac:ed:f4:e8:b0:8d:0f:92:7c:20:bf:ba:83:
a9:66:22:9e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3IJ1/0vb7tSCYzx3YbpH1YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIwMjAxNDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWEyZDE3NjVjYzE0YWFlMTEzNWZjYmE0ZWIyMTk4MWIwODRlYThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmZEbdtp0/4U12nl9FUDjELRyYNg
m2aqO6K7j1xIodjDfA0yEcmf+/ECXE+YkL8MXS0Tv0Tn2mf50f0dSewvSRHSRObf
Sn6SGELQO/dNdSNXJKN0s/aS6MlUCMrnYMpuvJxipPvW2n8ek284zzrghw0d2yO3
LslS2vXvCsw87Bi/dDsSa2j34pGYYVkWPGh+AkSXrLUFOj09KRnHuSmK/MzWxiKv
knFOI6hQ/7usg+q6ei8NGUE3rU/yN/YnIBhkKvXZltOcT+s3Z5CR+5toWEm3jitK
nmHaWmXiNYItSAmlcLtyswe42pYYn5j06FYlZKyNOwvNaoYPt4twP+kriwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAWi0XZcwUquETX8uk6yGYGwhOqLMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQmFMUmRsekJTcTRSTmZ5NlRySVpnYkNFNm9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADbs2sBdpM6kkTSyOXCR
145QQj2z5wAFq46/Do4xMzNNeu5fHCnbOS4Cy1jqHJbjIcBG2Snb7MrKV5AVanaE
onlDRDixWFv1WzJ5W3yWFXg7YGNLl2QrDhwvSIHLz1KK1Yj92iwrLqzBXyA6aF/X
/N1uZye35IVQNRpnIvoCMnssJGSczlgWqWPipCA/BFYNpeGCXxlcnQoj5LKBTcdN
uPQGCUHwdJ3yIdR3HTWNHYp3idRU7GScgC9FIria2lsZdle/Z++fKD4KlCBzN4G0
zzsYp7nm3u7uyfTMkWP/Fh1+K93pWPU97aureY5xe9g7rO306LCND5J8IL+6g6lm
Ip4=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:34:21 2025 by rpki-client