Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/brfCzo_0YuEaj2EUcUplACoNtaE.roa
File: brfCzo_0YuEaj2EUcUplACoNtaE.roa (raw, json)
Hash identifier: Y+tTwU2ladOeqN80AOtbHo76Znn9mRE5HslKjvZ+MbE=
Subject key identifier: 6E:B7:C2:CE:8F:F4:62:E1:1A:8F:61:14:71:4A:65:00:2A:0D:B5:A1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DB4CEB42B065D49B738630DF7C2601DD1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/brfCzo_0YuEaj2EUcUplACoNtaE.roa
Signing time: Sat 17 Feb 2024 02:04:21 +0000
ROA not before: Sat 17 Feb 2024 02:04:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:b4ce:849f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b4:ce:b4:2b:06:5d:49:b7:38:63:0d:f7:c2:60:1d:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 17 02:04:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6eb7c2ce8ff462e11a8f6114714a65002a0db5a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:db:c5:79:04:8b:78:cb:58:00:b8:89:56:36:
25:a8:5b:77:18:d9:eb:54:15:98:6f:9f:70:23:87:
23:8e:f9:7c:77:8c:a5:d6:53:68:b9:dd:44:63:4c:
41:0c:9b:24:ca:c7:26:db:65:ef:aa:1d:99:51:ae:
2c:64:9c:2b:97:f9:c6:0a:a7:97:a3:38:50:9a:04:
4c:78:ad:20:81:e0:5f:c0:9c:5a:8f:e6:45:91:c6:
8b:9e:70:48:bd:ac:9b:e9:63:6a:f8:c2:66:d9:04:
ea:8c:6b:a5:85:b6:48:7a:e6:55:ba:13:99:5e:51:
b1:61:0d:be:eb:e4:ac:f0:fa:db:40:69:14:7c:47:
c6:c3:04:e9:9c:97:8d:b2:52:1b:c3:b9:dd:b7:27:
23:5c:58:23:62:5c:4b:59:3b:f1:8d:38:73:f1:ae:
6e:1a:f4:c2:58:f5:55:2e:e8:28:8a:94:57:05:4e:
c0:2c:0c:60:ae:2c:e0:2e:0d:77:28:04:3c:8a:18:
3c:dd:43:67:f0:b5:cc:13:8d:eb:f4:3b:db:2c:66:
04:1b:40:2f:37:8c:e0:fb:d4:a2:12:cf:a5:7f:d6:
df:ba:db:87:65:8e:10:7c:19:d1:61:bf:e2:20:4e:
b8:0a:d1:42:b7:2c:c2:39:62:ad:9d:57:4b:7b:2c:
12:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:B7:C2:CE:8F:F4:62:E1:1A:8F:61:14:71:4A:65:00:2A:0D:B5:A1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/brfCzo_0YuEaj2EUcUplACoNtaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2b:72:12:95:f2:9f:a4:84:14:22:dc:fa:6d:c9:7e:d2:e8:a5:
6e:b9:47:c4:c7:0f:bd:b3:f8:5e:d5:13:c7:5f:ac:91:c3:ee:
8b:ea:94:cc:f9:5a:e6:dd:20:27:8a:e9:41:ea:69:13:44:f0:
98:2e:04:67:9f:a5:27:ed:c2:9d:43:76:5d:fb:39:36:93:9c:
c9:65:1b:f9:67:b9:1a:84:df:45:38:f2:20:4e:f8:7d:64:1f:
0e:0f:73:ec:ed:60:c3:8f:c6:3e:7e:e6:5d:38:a4:52:f1:e7:
8a:59:0d:07:98:16:7d:c9:98:3b:1b:52:88:21:0b:41:4c:b1:
72:83:aa:fc:84:20:1a:96:f2:fa:51:09:7f:d5:f2:db:8a:6f:
0e:c1:6b:f3:4e:d3:ba:5a:b1:34:da:33:99:9b:02:0a:37:73:
30:80:8a:1e:71:c6:b9:06:52:17:33:74:c2:a7:5c:db:5a:20:
fd:17:dc:00:03:7f:df:e3:4b:ea:17:5d:e0:5d:57:09:c9:3a:
90:87:59:9b:52:4b:76:ec:7b:f5:ae:33:ca:c7:97:a3:37:92:
44:43:96:56:2e:ec:15:03:d1:f2:45:a3:80:2e:9f:43:fb:68:
be:03:d3:74:dc:c8:25:42:7c:55:b6:93:b8:71:52:a7:f3:2f:
23:ce:a8:e7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY20zrQrBl1JtzhjDffCYB3RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE3MDIwNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWI3YzJjZThmZjQ2MmUxMWE4ZjYxMTQ3MTRhNjUwMDJhMGRiNWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitvFeQSLeMtYALiJVjYlqFt3GNnr
VBWYb59wI4cjjvl8d4yl1lNoud1EY0xBDJskyscm22Xvqh2ZUa4sZJwrl/nGCqeX
ozhQmgRMeK0ggeBfwJxaj+ZFkcaLnnBIvayb6WNq+MJm2QTqjGulhbZIeuZVuhOZ
XlGxYQ2+6+Ss8PrbQGkUfEfGwwTpnJeNslIbw7ndtycjXFgjYlxLWTvxjThz8a5u
GvTCWPVVLugoipRXBU7ALAxgrizgLg13KAQ8ihg83UNn8LXME43r9DvbLGYEG0Av
N4zg+9SiEs+lf9bfutuHZY4QfBnRYb/iIE64CtFCtyzCOWKtnVdLeywS+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG63ws6P9GLhGo9hFHFKZQAqDbWhMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYnJmQ3pvXzBZdUVhajJFVWNVcGxBQ29OdGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACtyEpXyn6SEFCLc+m3J
ftLopW65R8THD72z+F7VE8dfrJHD7ovqlMz5WubdICeK6UHqaRNE8JguBGefpSft
wp1Ddl37OTaTnMllG/lnuRqE30U48iBO+H1kHw4Pc+ztYMOPxj5+5l04pFLx54pZ
DQeYFn3JmDsbUoghC0FMsXKDqvyEIBqW8vpRCX/V8tuKbw7Ba/NO07pasTTaM5mb
Ago3czCAih5xxrkGUhczdMKnXNtaIP0X3AADf9/jS+oXXeBdVwnJOpCHWZtSS3bs
e/WuM8rHl6M3kkRDllYu7BUD0fJFo4Aun0P7aL4D03TcyCVCfFW2k7hxUqfzLyPO
qOc=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:48:19 2025 by rpki-client