Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BqiaSZtytWlPs2LMZ8JATAmddvU.roa
File: BqiaSZtytWlPs2LMZ8JATAmddvU.roa (raw, json)
Hash identifier: Ue5yGmplhQihrjQalG9LEY6HCA7T/xClkGKhAIHz/3k=
Subject key identifier: 06:A8:9A:49:9B:72:B5:69:4F:B3:62:CC:67:C2:40:4C:09:9D:76:F5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EC5913A3FB967A434502810AA160D65F6
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BqiaSZtytWlPs2LMZ8JATAmddvU.roa
Signing time: Wed 10 Apr 2024 01:13:32 +0000
ROA not before: Wed 10 Apr 2024 01:13:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c5:91:3a:3f:b9:67:a4:34:50:28:10:aa:16:0d:65:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 10 01:13:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06a89a499b72b5694fb362cc67c2404c099d76f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:79:dd:f7:65:a9:f5:5f:f2:b5:10:45:8c:a2:
33:02:e0:cb:ae:7f:87:76:31:36:55:7f:52:7d:a3:
2c:53:26:db:70:eb:01:8c:9d:4c:81:fd:63:7d:4f:
af:4f:0a:fb:2e:ab:ec:b7:98:86:9c:d3:b1:da:50:
66:db:60:29:ba:d9:30:b0:88:fe:66:85:12:12:2a:
bf:8a:0f:65:bc:e2:a2:ea:58:1a:00:50:af:ba:e1:
6b:1a:bb:3e:47:60:e7:af:8b:fa:70:bd:7a:99:9d:
c4:28:89:d4:83:90:fd:04:0f:b4:28:0d:31:4d:f2:
62:c2:46:6a:5e:9a:ee:4e:cd:d4:31:57:03:ed:99:
4c:95:5b:bf:8a:f0:24:11:aa:3e:c1:7b:04:5b:e6:
2c:6c:41:d5:78:63:c4:6c:d5:5d:08:b2:49:57:02:
04:70:b3:a1:3d:44:5a:6d:91:85:03:b4:8f:91:e0:
b2:eb:ce:2e:4f:46:24:49:17:15:c3:2c:0b:7b:3c:
e2:dd:5c:4a:fe:10:b8:0c:f7:bc:25:9a:85:7c:14:
9a:cf:8f:76:28:ab:70:8a:0e:4a:a7:35:32:4e:dc:
3e:03:38:b3:84:fa:75:d3:24:f1:ac:18:37:cb:50:
b2:6a:99:89:fb:1c:4c:de:55:13:8b:23:8d:5b:07:
b9:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A8:9A:49:9B:72:B5:69:4F:B3:62:CC:67:C2:40:4C:09:9D:76:F5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/BqiaSZtytWlPs2LMZ8JATAmddvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5a:a8:85:2b:e1:14:63:71:c4:23:cc:ce:3a:83:6b:99:02:3d:
08:6f:70:53:31:6d:a4:7d:c9:03:b5:88:44:c1:2b:45:60:85:
cd:53:ee:7f:47:ae:6b:a0:e8:6a:eb:ee:01:4f:b5:3a:05:a5:
2a:ff:42:40:aa:8c:56:21:76:f6:29:7b:28:fe:b9:03:8a:22:
02:31:07:ce:d4:bc:65:91:c1:ac:3d:c5:14:0b:80:2d:62:14:
8d:84:55:78:13:4f:13:92:85:ab:2c:a2:0b:88:eb:52:90:0d:
1a:0b:a0:7d:c4:f4:2d:72:68:ca:2b:e3:82:9d:36:4e:9b:ef:
6b:90:40:01:55:e7:68:0e:73:01:95:dc:61:ed:bc:d6:25:6c:
ce:11:f6:64:98:50:42:e4:97:8d:80:e8:d7:ff:f4:13:9f:c7:
8d:c4:41:34:a9:b3:54:32:11:4c:84:76:80:25:4e:50:d3:bb:
7c:4e:f7:7d:21:f8:38:28:3c:6b:7b:f3:25:ed:75:49:c0:a3:
f7:45:88:ea:9b:f3:28:82:c0:59:b1:50:1c:89:ae:7d:f9:41:
6d:c9:db:e5:c2:15:a1:bc:69:36:ce:36:43:98:2e:2e:90:ff:
cd:85:1d:38:7b:6f:7f:81:20:69:30:4a:f6:d7:0d:75:df:b6:
d0:aa:8b:6b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7FkTo/uWekNFAoEKoWDWX2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDEwMDExMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmE4OWE0OTliNzJiNTY5NGZiMzYyY2M2N2MyNDA0YzA5OWQ3NmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3nd92Wp9V/ytRBFjKIzAuDLrn+H
djE2VX9SfaMsUybbcOsBjJ1Mgf1jfU+vTwr7Lqvst5iGnNOx2lBm22AputkwsIj+
ZoUSEiq/ig9lvOKi6lgaAFCvuuFrGrs+R2Dnr4v6cL16mZ3EKInUg5D9BA+0KA0x
TfJiwkZqXpruTs3UMVcD7ZlMlVu/ivAkEao+wXsEW+YsbEHVeGPEbNVdCLJJVwIE
cLOhPURabZGFA7SPkeCy684uT0YkSRcVwywLezzi3VxK/hC4DPe8JZqFfBSaz492
KKtwig5KpzUyTtw+AzizhPp10yTxrBg3y1CyapmJ+xxM3lUTiyONWwe5pQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAaomkmbcrVpT7NizGfCQEwJnXb1MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQnFpYVNadHl0V2xQczJMTVo4SkFUQW1kZHZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFqohSvhFGNxxCPMzjqD
a5kCPQhvcFMxbaR9yQO1iETBK0Vghc1T7n9Hrmug6Grr7gFPtToFpSr/QkCqjFYh
dvYpeyj+uQOKIgIxB87UvGWRwaw9xRQLgC1iFI2EVXgTTxOShassoguI61KQDRoL
oH3E9C1yaMor44KdNk6b72uQQAFV52gOcwGV3GHtvNYlbM4R9mSYUELkl42A6Nf/
9BOfx43EQTSps1QyEUyEdoAlTlDTu3xO930h+DgoPGt78yXtdUnAo/dFiOqb8yiC
wFmxUByJrn35QW3J2+XCFaG8aTbONkOYLi6Q/82FHTh7b3+BIGkwSvbXDXXfttCq
i2s=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:20:47 2025 by rpki-client