Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bmnpm89CMUU8d2ONTzEEI4oPZ9g.roa
File: bmnpm89CMUU8d2ONTzEEI4oPZ9g.roa (raw, json)
Hash identifier: Do4FGKDf+gTk4M9Td/PittyiGt080/vEyq0hhzluo5k=
Subject key identifier: 6E:69:E9:9B:CF:42:31:45:3C:77:63:8D:4F:31:04:23:8A:0F:67:D8
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D2D72C07581B31E654744C7F35546A240
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bmnpm89CMUU8d2ONTzEEI4oPZ9g.roa
Signing time: Sun 21 Jan 2024 19:15:11 +0000
ROA not before: Sun 21 Jan 2024 19:15:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2d:72:c0:75:81:b3:1e:65:47:44:c7:f3:55:46:a2:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 21 19:15:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e69e99bcf4231453c77638d4f3104238a0f67d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:12:bb:4c:05:85:3f:a7:00:7f:a2:d5:cc:84:
d2:24:23:fc:39:23:82:71:34:0f:84:74:01:5e:b1:
ae:5a:cd:5b:e1:4d:35:95:ed:ac:ac:1f:fd:6a:23:
88:77:db:52:69:4f:46:cd:61:be:08:a2:77:2c:75:
69:eb:61:da:37:e4:71:be:18:f1:ee:3c:fe:6d:90:
26:17:ed:b6:cb:64:55:a6:d9:f3:f8:c9:54:f9:76:
30:53:e1:f9:a3:c2:ad:bf:13:9d:08:20:f2:77:49:
03:32:8b:5e:10:13:df:53:b1:ae:46:ce:75:b0:8d:
17:f6:59:0c:7e:94:91:bb:91:bf:5a:c8:47:45:d6:
19:c7:8d:f9:9a:29:30:f9:eb:e2:8c:72:e8:c9:40:
48:4c:5e:b3:17:85:cf:dc:a9:a4:ac:62:93:40:6d:
90:c9:ae:eb:c1:77:9e:cd:b0:00:75:7e:f8:b3:88:
13:3b:5d:21:15:8a:4a:2c:fa:d1:24:71:9d:d1:09:
c6:43:18:ee:fd:c1:54:72:60:5c:d4:e8:d1:a8:5d:
5a:ec:93:15:d2:f9:a8:ec:5e:e5:5b:52:6f:ff:4e:
67:90:f2:af:e1:53:1f:ce:3d:31:d9:3c:4a:23:a0:
54:86:36:9b:9b:d6:e5:1c:b3:c0:ca:78:33:41:d1:
12:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:69:E9:9B:CF:42:31:45:3C:77:63:8D:4F:31:04:23:8A:0F:67:D8
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bmnpm89CMUU8d2ONTzEEI4oPZ9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:f1:6a:ac:df:54:37:12:1f:1b:09:4e:67:a1:40:fb:34:03:
8c:7f:7c:d8:9e:84:a4:db:b1:6b:bb:51:51:e5:a6:dd:81:3f:
25:1e:3c:0f:39:a6:d6:2e:c1:f2:94:09:5e:1b:a4:9a:16:34:
0a:32:c1:17:84:bf:41:23:93:2e:be:3b:a3:05:f9:89:53:cd:
f8:c7:aa:c2:dd:e7:0c:53:9a:c1:b1:ea:bc:d2:03:76:dd:64:
bc:5d:d1:e9:b6:46:fb:22:92:a3:df:40:88:5a:e8:de:80:c7:
88:64:37:0e:7f:f0:a7:83:c1:16:6c:f7:d4:aa:41:50:db:07:
ea:e0:9d:5a:a8:6f:d3:5a:98:aa:3e:5a:3d:2d:4f:f9:bb:3a:
b6:03:c2:b5:23:1e:63:a6:89:cb:48:c7:92:07:7e:ef:35:9b:
78:44:e8:c5:03:cf:e2:d3:d1:87:1d:8d:3c:33:8c:ad:78:e1:
91:7f:55:26:93:99:34:e4:63:75:ca:55:2c:cd:dc:de:01:ba:
d0:60:c2:bb:ea:e6:26:4e:64:03:f0:03:31:e3:53:a3:2a:ad:
16:14:fa:26:20:2c:92:4d:4b:c0:66:0c:1a:5c:38:07:a9:02:
70:d3:c0:5a:5b:b4:46:df:66:c2:da:a1:4b:08:63:17:d4:b9:
65:cc:fa:ea
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0tcsB1gbMeZUdEx/NVRqJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIxMTkxNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTY5ZTk5YmNmNDIzMTQ1M2M3NzYzOGQ0ZjMxMDQyMzhhMGY2N2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhK7TAWFP6cAf6LVzITSJCP8OSOC
cTQPhHQBXrGuWs1b4U01le2srB/9aiOId9tSaU9GzWG+CKJ3LHVp62HaN+Rxvhjx
7jz+bZAmF+22y2RVptnz+MlU+XYwU+H5o8KtvxOdCCDyd0kDMoteEBPfU7GuRs51
sI0X9lkMfpSRu5G/WshHRdYZx435mikw+evijHLoyUBITF6zF4XP3KmkrGKTQG2Q
ya7rwXeezbAAdX74s4gTO10hFYpKLPrRJHGd0QnGQxju/cFUcmBc1OjRqF1a7JMV
0vmo7F7lW1Jv/05nkPKv4VMfzj0x2TxKI6BUhjabm9blHLPAyngzQdESiQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG5p6ZvPQjFFPHdjjU8xBCOKD2fYMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYm1ucG04OUNNVVU4ZDJPTlR6RUVJNG9QWjlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADXxaqzfVDcSHxsJTmeh
QPs0A4x/fNiehKTbsWu7UVHlpt2BPyUePA85ptYuwfKUCV4bpJoWNAoywReEv0Ej
ky6+O6MF+YlTzfjHqsLd5wxTmsGx6rzSA3bdZLxd0em2RvsikqPfQIha6N6Ax4hk
Nw5/8KeDwRZs99SqQVDbB+rgnVqob9NamKo+Wj0tT/m7OrYDwrUjHmOmictIx5IH
fu81m3hE6MUDz+LT0YcdjTwzjK144ZF/VSaTmTTkY3XKVSzN3N4ButBgwrvq5iZO
ZAPwAzHjU6MqrRYU+iYgLJJNS8BmDBpcOAepAnDTwFpbtEbfZsLaoUsIYxfUuWXM
+uo=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:33:48 2025 by rpki-client