Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bkJGm_WVAXZ8pGqLEbbaC93n6M8.roa
File: bkJGm_WVAXZ8pGqLEbbaC93n6M8.roa (raw, json)
Hash identifier: aY6eGdZz/V3Qcu46y3qq4m2dOF6lN2uYMsqE0TP3RDY=
Subject key identifier: 6E:42:46:9B:F5:95:01:76:7C:A4:6A:8B:11:B6:DA:0B:DD:E7:E8:CF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E8266E53A7D1B1AF898AF981834A2E56F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bkJGm_WVAXZ8pGqLEbbaC93n6M8.roa
Signing time: Thu 28 Mar 2024 00:12:45 +0000
ROA not before: Thu 28 Mar 2024 00:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:82:66:e5:3a:7d:1b:1a:f8:98:af:98:18:34:a2:e5:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 28 00:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e42469bf59501767ca46a8b11b6da0bdde7e8cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f6:59:3d:64:35:58:ac:f3:19:76:39:d7:0f:
48:89:59:0c:e1:a3:a1:b0:e2:8f:80:aa:07:49:e8:
e3:1a:f9:38:23:a9:3c:7a:49:ab:2c:b5:75:36:1f:
e8:fa:e3:07:1d:81:ac:e4:53:a2:b3:c0:9b:4d:75:
e6:3e:52:cc:58:df:0f:59:39:00:5f:65:7d:ac:3f:
f8:5a:d9:b9:62:d3:aa:88:e7:63:64:12:f7:5d:82:
c0:ac:d6:b5:20:ff:bc:fa:de:7a:0b:d8:5d:bf:6c:
5b:fc:44:b1:e8:59:a8:00:ec:5c:5f:66:4a:4e:b5:
a4:57:98:b7:94:80:ec:3c:00:d7:32:b2:0d:96:5d:
bb:38:9d:bf:b4:db:d3:9a:e2:82:30:23:2d:4c:24:
79:16:81:ea:13:4f:3f:c7:be:2c:42:60:5c:88:56:
43:94:1d:24:44:50:45:05:f4:1b:04:26:1b:e2:4a:
26:33:1c:ea:20:30:4c:41:1d:8a:63:06:d0:f2:e6:
94:a9:83:db:b2:5c:a7:88:e5:aa:1b:a1:9e:f4:94:
f2:73:e4:3b:82:0c:01:9c:40:fc:1d:6c:19:2c:32:
ca:3f:c7:5b:e3:83:06:4f:28:96:e9:a0:2c:d5:00:
db:31:6e:98:63:b2:4d:15:3c:74:ad:e5:dc:1c:f9:
da:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:42:46:9B:F5:95:01:76:7C:A4:6A:8B:11:B6:DA:0B:DD:E7:E8:CF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bkJGm_WVAXZ8pGqLEbbaC93n6M8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:35:0d:a7:14:46:e8:83:eb:af:ed:69:83:ce:8c:24:10:f0:
0d:b7:e5:c8:6e:cf:b4:bf:74:3e:6f:0e:00:bf:85:1c:8b:d8:
7d:dc:3b:9b:97:a1:25:05:e3:06:0a:11:3a:59:a9:fc:a7:b7:
fa:2b:59:6a:77:3e:33:1d:83:02:2b:88:61:59:da:3f:59:d1:
3a:1d:6a:89:03:bd:df:68:1f:32:75:d0:4c:cf:da:55:56:4b:
a7:e9:08:a1:fa:7b:fd:c0:d0:f1:bf:1f:be:f3:ea:25:2d:c5:
a6:80:f1:62:59:cb:d1:9d:39:e2:ae:ac:59:7d:a1:eb:85:2b:
d5:d7:4f:fb:5f:00:f2:99:e9:77:11:d9:4e:89:3c:02:6e:20:
a2:a1:5a:cd:2d:77:f7:f6:35:79:46:8c:a2:91:d2:c5:ef:46:
39:2b:f3:fe:1d:d4:fb:3b:00:1d:f6:2a:fb:66:7c:26:d5:f5:
b7:f9:96:15:e4:43:19:05:a1:ac:50:38:f1:40:80:62:11:83:
fa:a0:be:fa:8f:c5:ec:3f:75:13:ff:ec:f7:6a:88:4d:38:9c:
b7:c8:d6:23:00:e8:78:57:4b:55:6b:ff:b3:15:52:55:27:2a:
db:4a:89:ff:18:83:ec:a7:0d:de:dd:4e:a8:68:49:41:70:6e:
07:4f:29:91
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6CZuU6fRsa+JivmBg0ouVvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI4MDAxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQyNDY5YmY1OTUwMTc2N2NhNDZhOGIxMWI2ZGEwYmRkZTdlOGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/ZZPWQ1WKzzGXY51w9IiVkM4aOh
sOKPgKoHSejjGvk4I6k8ekmrLLV1Nh/o+uMHHYGs5FOis8CbTXXmPlLMWN8PWTkA
X2V9rD/4Wtm5YtOqiOdjZBL3XYLArNa1IP+8+t56C9hdv2xb/ESx6FmoAOxcX2ZK
TrWkV5i3lIDsPADXMrINll27OJ2/tNvTmuKCMCMtTCR5FoHqE08/x74sQmBciFZD
lB0kRFBFBfQbBCYb4komMxzqIDBMQR2KYwbQ8uaUqYPbslyniOWqG6Ge9JTyc+Q7
ggwBnED8HWwZLDLKP8db44MGTyiW6aAs1QDbMW6YY7JNFTx0reXcHPnaFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG5CRpv1lQF2fKRqixG22gvd5+jPMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYmtKR21fV1ZBWFo4cEdxTEViYmFDOTNuNk04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFc1DacURuiD66/taYPO
jCQQ8A235chuz7S/dD5vDgC/hRyL2H3cO5uXoSUF4wYKETpZqfynt/orWWp3PjMd
gwIriGFZ2j9Z0TodaokDvd9oHzJ10EzP2lVWS6fpCKH6e/3A0PG/H77z6iUtxaaA
8WJZy9GdOeKurFl9oeuFK9XXT/tfAPKZ6XcR2U6JPAJuIKKhWs0td/f2NXlGjKKR
0sXvRjkr8/4d1Ps7AB32KvtmfCbV9bf5lhXkQxkFoaxQOPFAgGIRg/qgvvqPxew/
dRP/7PdqiE04nLfI1iMA6HhXS1Vr/7MVUlUnKttKif8Yg+ynDd7dTqhoSUFwbgdP
KZE=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:47:15 2025 by rpki-client