Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bx2QRL-UyrH353OhMqbrdVyRXUY.roa
File: bx2QRL-UyrH353OhMqbrdVyRXUY.roa (raw, json)
Hash identifier: H65UEfLMwdeXgaUxxW2spknefhrrgmOwdNHelSww1eE=
Subject key identifier: 6F:1D:90:44:BF:94:CA:B1:F7:E7:73:A1:32:A6:EB:75:5C:91:5D:46
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E5B8F5A413153D49EBF598CD1149F4FA6
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bx2QRL-UyrH353OhMqbrdVyRXUY.roa
Signing time: Wed 20 Mar 2024 11:11:45 +0000
ROA not before: Wed 20 Mar 2024 11:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5b:8f:5a:41:31:53:d4:9e:bf:59:8c:d1:14:9f:4f:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 20 11:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f1d9044bf94cab1f7e773a132a6eb755c915d46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7d:62:69:ec:1f:cd:fd:4f:e8:d3:62:cb:92:
55:75:af:fc:c4:fc:d2:43:4f:db:7f:14:7e:c1:f6:
af:91:95:91:13:6b:ce:29:6e:2d:6a:63:26:43:1c:
bb:aa:f2:d0:32:30:3d:e1:cb:34:ba:83:6d:3f:8c:
0a:fe:53:e9:78:b7:cf:d7:fa:94:14:cd:db:c8:6b:
63:b2:db:ed:51:a0:e6:d9:84:55:cd:b3:ca:c6:01:
f4:0f:96:46:4b:8b:e1:b6:ba:d1:2b:75:cd:20:4f:
27:6b:91:b1:ca:57:fa:43:aa:a3:fa:32:33:6b:93:
cd:04:94:f5:77:26:fc:dc:d6:ee:32:95:4b:5e:ba:
cb:dd:0d:02:9c:da:f0:6c:f1:79:1b:18:cb:77:2a:
f7:ea:f4:bc:ae:2a:12:06:4a:b3:54:0f:23:48:33:
35:76:8f:ae:68:aa:5f:3c:82:ba:d2:36:c7:51:75:
df:84:1b:b2:b0:bb:70:88:8a:88:af:2b:89:20:0b:
cc:f0:71:0d:7a:60:d9:20:33:15:ab:ad:4c:c0:95:
72:42:17:2e:9d:ae:85:a2:a2:6a:e6:00:32:f5:99:
41:1f:34:13:b4:05:9a:d8:50:f1:0c:b7:67:37:4d:
1d:47:c8:5c:af:f9:67:49:8c:b5:ee:25:69:89:01:
20:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:1D:90:44:BF:94:CA:B1:F7:E7:73:A1:32:A6:EB:75:5C:91:5D:46
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bx2QRL-UyrH353OhMqbrdVyRXUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
21:e0:0b:8b:13:76:bc:4a:6f:eb:e3:7e:0a:bf:1e:41:97:45:
48:f6:41:a5:c0:c4:e2:5f:5f:ba:fe:5b:97:6d:b5:cf:24:a7:
6b:40:ca:6b:d2:bb:8b:1c:a6:4e:3a:90:7e:a9:4b:81:45:00:
ab:4b:b7:47:d6:99:9d:13:6d:ed:1f:91:80:a6:0e:dd:c5:29:
57:2e:9d:44:6c:24:8b:04:f0:17:ed:fc:fe:e1:69:73:17:27:
d8:65:05:f9:50:4c:4c:24:bc:fc:56:04:64:1b:ab:ce:e2:7b:
ce:22:f9:2f:f1:3d:92:af:7d:97:68:9d:24:e4:73:cf:89:15:
1a:1c:34:0e:fe:eb:6f:41:36:6e:41:0c:41:fb:67:36:fa:5d:
2d:c5:4d:2d:d6:36:1f:45:f0:2e:21:cd:8a:c9:56:5b:6a:44:
82:79:3e:0c:b7:bb:34:b5:94:b0:20:ad:ce:f1:29:2f:87:74:
2a:fe:37:6e:95:63:8e:55:90:22:f9:00:6d:5e:79:1a:3c:1a:
b0:b5:83:6c:5f:e9:80:4f:21:70:8f:ea:7f:33:a6:25:bd:a4:
2f:ed:dd:bc:24:93:8d:74:07:02:db:7c:fa:58:18:72:31:a3:
da:fe:c2:eb:a0:2f:5f:6b:69:7e:78:03:be:31:dc:c0:cb:f2:
77:52:3e:f9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5bj1pBMVPUnr9ZjNEUn0+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIwMTExMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjFkOTA0NGJmOTRjYWIxZjdlNzczYTEzMmE2ZWI3NTVjOTE1ZDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhX1iaewfzf1P6NNiy5JVda/8xPzS
Q0/bfxR+wfavkZWRE2vOKW4tamMmQxy7qvLQMjA94cs0uoNtP4wK/lPpeLfP1/qU
FM3byGtjstvtUaDm2YRVzbPKxgH0D5ZGS4vhtrrRK3XNIE8na5Gxylf6Q6qj+jIz
a5PNBJT1dyb83NbuMpVLXrrL3Q0CnNrwbPF5GxjLdyr36vS8rioSBkqzVA8jSDM1
do+uaKpfPIK60jbHUXXfhBuysLtwiIqIryuJIAvM8HENemDZIDMVq61MwJVyQhcu
na6FoqJq5gAy9ZlBHzQTtAWa2FDxDLdnN00dR8hcr/lnSYy17iVpiQEg3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG8dkES/lMqx9+dzoTKm63VckV1GMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYngyUVJMLVV5ckgzNTNPaE1xYnJkVnlSWFVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACHgC4sTdrxKb+vjfgq/
HkGXRUj2QaXAxOJfX7r+W5dttc8kp2tAymvSu4scpk46kH6pS4FFAKtLt0fWmZ0T
be0fkYCmDt3FKVcunURsJIsE8Bft/P7haXMXJ9hlBflQTEwkvPxWBGQbq87ie84i
+S/xPZKvfZdonSTkc8+JFRocNA7+629BNm5BDEH7Zzb6XS3FTS3WNh9F8C4hzYrJ
VltqRIJ5Pgy3uzS1lLAgrc7xKS+HdCr+N26VY45VkCL5AG1eeRo8GrC1g2xf6YBP
IXCP6n8zpiW9pC/t3bwkk410BwLbfPpYGHIxo9r+wuugL19raX54A74x3MDL8ndS
Pvk=
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:57:43 2025 by rpki-client