Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/09gTGh9l9WZ1_VGady1qhY2OZpw.roa
File: 09gTGh9l9WZ1_VGady1qhY2OZpw.roa (raw, json)
Hash identifier: Ba1bi1cNWw2le9DFhm0Tq5udNvk4gL/xFcjGSahPBu8=
Subject key identifier: D3:D8:13:1A:1F:65:F5:66:75:FD:51:9A:77:2D:6A:85:8D:8E:66:9C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E24010412C764143A6ADDBCA2D2671918
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/09gTGh9l9WZ1_VGady1qhY2OZpw.roa
Signing time: Sat 09 Mar 2024 16:17:10 +0000
ROA not before: Sat 09 Mar 2024 16:17:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:24:01:04:12:c7:64:14:3a:6a:dd:bc:a2:d2:67:19:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 9 16:17:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3d8131a1f65f56675fd519a772d6a858d8e669c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:62:23:99:cb:85:c7:90:e3:03:26:38:75:87:
0f:3f:82:8e:33:6f:01:6f:e5:c7:a9:16:52:3e:28:
45:9d:60:03:22:6e:2e:df:4b:55:55:9f:51:72:42:
74:98:35:a6:10:ef:f2:aa:9b:f7:61:ab:9e:97:43:
eb:52:7c:e9:d4:e5:16:e8:57:59:0e:f8:cb:79:71:
52:7b:90:63:bf:91:ae:38:13:6a:c3:c4:01:39:0f:
d6:92:25:99:3b:b7:6e:6f:de:7b:92:52:8b:72:03:
04:e6:02:b1:99:ae:0a:2a:78:42:cc:aa:85:c5:30:
29:6a:0e:08:46:5e:c0:56:eb:35:86:18:a1:fc:6e:
f6:9c:f0:40:0e:c9:ee:05:1c:54:26:56:dc:e1:0d:
33:36:0c:3d:a4:57:c7:e9:7b:27:c1:73:c6:ea:05:
9b:4f:d2:e8:d0:ec:da:85:0f:e4:f9:00:de:82:88:
10:cf:4a:5e:2d:8c:27:88:81:95:59:26:1b:03:5d:
73:39:9c:8b:1d:41:b1:2e:22:6a:3c:59:a5:4e:24:
6d:25:5c:ce:ef:a1:45:96:7a:5a:39:2a:f5:4b:dd:
b6:4f:23:e9:f7:f1:fa:25:8e:d0:ca:01:93:c7:ac:
0d:eb:58:1e:6e:1d:a9:ab:a9:b5:e1:51:32:ac:e9:
5c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:D8:13:1A:1F:65:F5:66:75:FD:51:9A:77:2D:6A:85:8D:8E:66:9C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/09gTGh9l9WZ1_VGady1qhY2OZpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
20:0b:b6:43:c9:9a:9b:de:74:ad:91:b5:61:77:fd:4f:3c:02:
8d:c7:56:71:93:12:09:1e:b7:a8:73:31:f8:3d:db:a6:49:00:
93:33:8f:34:a9:d8:33:f0:f4:bb:d8:d4:37:e7:cc:63:b9:a7:
cb:3c:17:de:ad:04:03:b5:3b:1d:3f:b9:5a:7d:c7:9b:2f:b2:
08:de:eb:db:64:09:45:5b:31:84:25:10:0d:b0:5f:9b:73:8e:
68:df:34:f5:a5:dd:75:06:86:e1:0c:47:d2:42:7c:34:24:86:
55:80:0a:0c:88:c8:35:9c:d4:14:8e:7a:6c:b0:29:2c:04:44:
b6:ea:0c:1e:bb:0a:fd:ec:f9:7b:80:9b:71:d5:4c:44:65:3f:
1c:48:90:71:e6:cf:56:cb:63:f8:60:02:92:71:99:7a:ed:d3:
27:8c:6e:43:12:cb:67:89:bb:70:e0:1d:d4:32:38:be:10:39:
e5:81:e0:5c:0d:48:b5:39:7e:d8:fe:6d:11:86:79:f7:c5:d8:
41:79:13:ba:d7:d7:f3:d2:73:95:c0:39:c1:7b:ac:83:6b:1a:
bf:83:54:9b:80:f8:53:74:3a:c4:5b:7d:e3:a1:cd:10:09:ab:
6d:be:e9:f7:55:4c:93:37:8b:d2:5d:f6:ef:3c:11:79:4d:87:
ed:6c:8a:21
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4kAQQSx2QUOmrdvKLSZxkYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA5MTYxNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2Q4MTMxYTFmNjVmNTY2NzVmZDUxOWE3NzJkNmE4NThkOGU2NjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWIjmcuFx5DjAyY4dYcPP4KOM28B
b+XHqRZSPihFnWADIm4u30tVVZ9RckJ0mDWmEO/yqpv3Yauel0PrUnzp1OUW6FdZ
DvjLeXFSe5Bjv5GuOBNqw8QBOQ/WkiWZO7dub957klKLcgME5gKxma4KKnhCzKqF
xTApag4IRl7AVus1hhih/G72nPBADsnuBRxUJlbc4Q0zNgw9pFfH6XsnwXPG6gWb
T9Lo0OzahQ/k+QDegogQz0peLYwniIGVWSYbA11zOZyLHUGxLiJqPFmlTiRtJVzO
76FFlnpaOSr1S922TyPp9/H6JY7QygGTx6wN61gebh2pq6m14VEyrOlcvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNPYExofZfVmdf1RmnctaoWNjmacMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMDlnVEdoOWw5V1oxX1ZHYWR5MXFoWTJPWnB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACALtkPJmpvedK2RtWF3
/U88Ao3HVnGTEgket6hzMfg926ZJAJMzjzSp2DPw9LvY1DfnzGO5p8s8F96tBAO1
Ox0/uVp9x5svsgje69tkCUVbMYQlEA2wX5tzjmjfNPWl3XUGhuEMR9JCfDQkhlWA
CgyIyDWc1BSOemywKSwERLbqDB67Cv3s+XuAm3HVTERlPxxIkHHmz1bLY/hgApJx
mXrt0yeMbkMSy2eJu3DgHdQyOL4QOeWB4FwNSLU5ftj+bRGGeffF2EF5E7rX1/PS
c5XAOcF7rINrGr+DVJuA+FN0OsRbfeOhzRAJq22+6fdVTJM3i9Jd9u88EXlNh+1s
iiE=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:23:06 2025 by rpki-client