Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bLv0cRZwXZ4hHMfpLkGx9hnGaJY.roa
File: bLv0cRZwXZ4hHMfpLkGx9hnGaJY.roa (raw, json)
Hash identifier: Qzdp52Hox3w3NbquvbmlU81y77eF8zR+/tbqU4Y9mHE=
Subject key identifier: 6C:BB:F4:71:16:70:5D:9E:21:1C:C7:E9:2E:41:B1:F6:19:C6:68:96
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D1DFFACBDC1958CE3B538FFD9E944AC63
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bLv0cRZwXZ4hHMfpLkGx9hnGaJY.roa
Signing time: Thu 18 Jan 2024 19:15:11 +0000
ROA not before: Thu 18 Jan 2024 19:15:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1d:ff:ac:bd:c1:95:8c:e3:b5:38:ff:d9:e9:44:ac:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 18 19:15:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cbbf47116705d9e211cc7e92e41b1f619c66896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:04:bd:6c:13:e8:8a:0d:2f:bb:1d:14:f6:2c:
30:ee:6e:e2:f4:86:14:b4:01:49:96:e4:65:30:4d:
bc:6e:7c:27:ed:b7:1b:0e:8a:23:6e:dc:52:cc:73:
87:23:e8:94:b3:bf:9a:37:50:c0:97:5d:d9:38:03:
bf:cd:fc:65:5a:93:fa:b9:ee:89:a2:ca:7b:47:ac:
93:e0:4d:82:9d:66:53:1c:42:ec:d0:5a:15:ab:6c:
cc:d8:be:85:fe:3f:9b:a8:fc:e5:45:0c:1b:b9:31:
02:b5:9b:bf:f2:15:0e:16:7e:5f:8c:88:8b:ae:e6:
31:a5:0e:29:b2:b7:e6:eb:e6:e2:14:31:f7:c7:09:
56:45:51:b0:94:ad:ac:cd:f7:41:89:9d:4e:c9:91:
3f:21:a9:92:12:97:e0:88:05:78:8a:18:03:2c:de:
9c:53:cd:a0:4f:cd:68:1c:62:61:1b:f7:bc:7d:8a:
e1:7f:9e:61:82:a9:e3:57:cf:c5:7e:05:cf:a2:60:
33:57:e7:44:52:98:13:c9:59:5b:0b:9c:37:d0:c4:
93:44:9a:cd:8f:c0:bb:71:75:ff:72:eb:e7:28:91:
1a:d4:f0:99:0b:9c:7b:81:18:d6:17:c8:1e:8a:f4:
e6:cf:8e:78:c7:3d:f1:b8:8c:0b:a4:3d:d7:f8:d9:
d9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:BB:F4:71:16:70:5D:9E:21:1C:C7:E9:2E:41:B1:F6:19:C6:68:96
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bLv0cRZwXZ4hHMfpLkGx9hnGaJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
03:3e:af:82:c0:db:65:d1:2d:1c:67:ac:4d:83:84:10:38:30:
ed:29:df:3b:9b:a6:0d:2c:5a:57:1e:ca:52:5e:f6:74:6b:44:
8f:02:13:fa:1b:73:93:34:ba:45:ca:0d:6e:08:98:15:00:00:
85:65:07:36:e3:37:6b:21:68:d5:17:2c:3c:68:30:f8:ae:d3:
01:7d:3c:e3:26:77:6b:ee:5d:8e:0d:86:39:68:d2:b9:5c:bf:
e4:48:11:ed:25:db:4f:78:d3:20:55:4d:b5:a5:b1:03:b4:d1:
a6:39:0d:2d:59:aa:f1:66:97:ce:2d:76:af:14:b1:d6:05:23:
fb:97:40:31:0b:b3:42:62:27:18:ea:4d:68:63:8d:0b:31:9a:
9a:84:d6:d1:77:0b:c7:8a:ae:36:29:c6:56:c3:20:44:82:de:
e3:69:1d:14:da:af:64:31:05:bd:24:7c:c0:17:17:3a:31:d5:
47:ef:8a:a9:67:dc:35:73:b2:e3:45:3d:a8:58:86:ec:c5:64:
92:dc:0a:c5:5f:af:bc:7a:e9:fa:75:9a:a1:c3:ed:57:ef:32:
e6:06:03:24:44:b8:94:0b:e2:54:a1:4e:da:59:5f:89:de:5c:
fb:bf:31:d9:2a:ad:c7:d6:53:1f:f5:d3:c5:73:25:5c:57:66:
02:86:99:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0d/6y9wZWM47U4/9npRKxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE4MTkxNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2JiZjQ3MTE2NzA1ZDllMjExY2M3ZTkyZTQxYjFmNjE5YzY2ODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwS9bBPoig0vux0U9iww7m7i9IYU
tAFJluRlME28bnwn7bcbDoojbtxSzHOHI+iUs7+aN1DAl13ZOAO/zfxlWpP6ue6J
osp7R6yT4E2CnWZTHELs0FoVq2zM2L6F/j+bqPzlRQwbuTECtZu/8hUOFn5fjIiL
ruYxpQ4psrfm6+biFDH3xwlWRVGwlK2szfdBiZ1OyZE/IamSEpfgiAV4ihgDLN6c
U82gT81oHGJhG/e8fYrhf55hgqnjV8/FfgXPomAzV+dEUpgTyVlbC5w30MSTRJrN
j8C7cXX/cuvnKJEa1PCZC5x7gRjWF8geivTmz454xz3xuIwLpD3X+NnZTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGy79HEWcF2eIRzH6S5BsfYZxmiWMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYkx2MGNSWndYWjRoSE1mcExrR3g5aG5HYUpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAM+r4LA22XRLRxnrE2D
hBA4MO0p3zubpg0sWlceylJe9nRrRI8CE/obc5M0ukXKDW4ImBUAAIVlBzbjN2sh
aNUXLDxoMPiu0wF9POMmd2vuXY4Nhjlo0rlcv+RIEe0l20940yBVTbWlsQO00aY5
DS1ZqvFml84tdq8UsdYFI/uXQDELs0JiJxjqTWhjjQsxmpqE1tF3C8eKrjYpxlbD
IESC3uNpHRTar2QxBb0kfMAXFzox1Ufviqln3DVzsuNFPahYhuzFZJLcCsVfr7x6
6fp1mqHD7VfvMuYGAyREuJQL4lShTtpZX4neXPu/MdkqrcfWUx/108VzJVxXZgKG
mco=
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:12:14 2025 by rpki-client