Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0phY8Ol7kZG7nqST9cSlX8cAXLE.roa
File: 0phY8Ol7kZG7nqST9cSlX8cAXLE.roa (raw, json)
Hash identifier: 6dK1EVCFf4iT0hnZrBCUZKWHqICRgGwqSkL5eJzUcnU=
Subject key identifier: D2:98:58:F0:E9:7B:91:91:BB:9E:A4:93:F5:C4:A5:5F:C7:00:5C:B1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DDEAF0482D2E9B121CEE69C86719BBD23
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0phY8Ol7kZG7nqST9cSlX8cAXLE.roa
Signing time: Sun 25 Feb 2024 05:13:48 +0000
ROA not before: Sun 25 Feb 2024 05:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:de:af:04:82:d2:e9:b1:21:ce:e6:9c:86:71:9b:bd:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 25 05:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d29858f0e97b9191bb9ea493f5c4a55fc7005cb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:56:48:f9:d7:9b:aa:9b:79:0d:03:cc:1e:a4:
e6:d0:29:91:93:b4:09:23:79:e8:a3:81:97:d4:9c:
88:a9:c0:aa:21:35:d9:7a:ec:c1:65:d9:5f:64:e2:
5c:c9:67:ba:fe:12:a5:fe:34:42:e3:1b:51:3e:e9:
09:95:0a:87:5d:cd:be:ae:39:a0:97:1f:c5:41:02:
ec:53:5c:6a:3f:03:ab:3d:a7:a6:f5:b4:89:3e:35:
78:6a:cd:29:d7:6f:7c:45:fb:93:55:ac:00:9b:3f:
cd:38:54:ee:23:76:e5:e8:3e:16:42:db:7c:65:d4:
49:7b:e9:d3:be:57:cd:13:4f:6f:3d:97:23:b2:4d:
ec:63:6e:27:40:5a:75:d9:d1:b5:03:31:27:98:56:
40:45:b1:df:8a:fb:38:73:5f:5c:4c:38:6e:23:e6:
d4:fe:46:cf:5c:9b:c9:46:3c:88:b3:f3:39:dc:d0:
83:7a:3b:94:68:32:cc:6a:c2:88:3c:4c:85:e5:48:
7c:29:49:a6:5b:d4:06:7a:cf:bf:19:8b:f5:03:94:
19:32:8e:1d:e2:14:f8:78:b9:f8:2c:06:30:40:ac:
69:9a:26:ea:88:6f:9b:b2:b5:22:ec:18:0b:ae:68:
fb:3e:c0:3d:81:fa:f5:06:d6:24:08:3a:5c:a2:57:
2f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:98:58:F0:E9:7B:91:91:BB:9E:A4:93:F5:C4:A5:5F:C7:00:5C:B1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0phY8Ol7kZG7nqST9cSlX8cAXLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
79:e9:27:91:90:ed:73:cb:bd:bf:0e:bb:38:0c:4b:91:3b:b8:
82:56:23:f0:78:b7:8e:47:4b:2e:8a:e8:72:16:b5:47:3a:54:
94:68:47:04:e1:0a:4b:81:04:97:c2:4b:96:67:4b:13:d2:07:
f1:8e:0f:ab:4d:22:6a:94:f8:43:9a:ae:43:fb:ff:de:8a:47:
ff:be:d8:c6:b5:57:d1:1d:68:73:41:89:20:f9:b2:4c:62:43:
31:0d:b5:40:c5:5d:90:55:16:35:c0:2a:c7:f2:a4:07:a7:57:
6a:37:23:90:5d:53:b0:ae:1c:fb:dc:08:8b:e9:56:f4:70:f3:
39:fc:52:cf:6c:7e:b6:c2:22:34:21:83:9f:1e:df:53:c7:4f:
cf:d3:ba:85:1b:fb:73:b0:66:42:51:f7:be:82:73:06:d7:0f:
3e:f0:90:d8:19:f3:7b:c9:2e:57:a5:e7:fe:2c:56:59:0a:e3:
5a:09:05:89:f4:aa:58:0b:d3:49:83:c8:42:df:7d:55:af:8c:
1e:f1:4a:45:87:65:a3:c8:c1:c7:12:f0:88:37:09:60:a8:af:
d4:22:1d:af:aa:44:70:ad:31:6d:03:73:d5:ec:86:41:ae:5b:
a4:cf:0e:f6:ee:4d:5c:ba:1e:99:ec:f3:00:9e:5b:d5:8b:a7:
1d:f7:a3:65
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3erwSC0umxIc7mnIZxm70jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI1MDUxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjk4NThmMGU5N2I5MTkxYmI5ZWE0OTNmNWM0YTU1ZmM3MDA1Y2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVZI+debqpt5DQPMHqTm0CmRk7QJ
I3noo4GX1JyIqcCqITXZeuzBZdlfZOJcyWe6/hKl/jRC4xtRPukJlQqHXc2+rjmg
lx/FQQLsU1xqPwOrPaem9bSJPjV4as0p1298RfuTVawAmz/NOFTuI3bl6D4WQtt8
ZdRJe+nTvlfNE09vPZcjsk3sY24nQFp12dG1AzEnmFZARbHfivs4c19cTDhuI+bU
/kbPXJvJRjyIs/M53NCDejuUaDLMasKIPEyF5Uh8KUmmW9QGes+/GYv1A5QZMo4d
4hT4eLn4LAYwQKxpmibqiG+bsrUi7BgLrmj7PsA9gfr1BtYkCDpcolcviwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNKYWPDpe5GRu56kk/XEpV/HAFyxMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMHBoWThPbDdrWkc3bnFTVDljU2xYOGNBWExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHnpJ5GQ7XPLvb8OuzgM
S5E7uIJWI/B4t45HSy6K6HIWtUc6VJRoRwThCkuBBJfCS5ZnSxPSB/GOD6tNImqU
+EOarkP7/96KR/++2Ma1V9EdaHNBiSD5skxiQzENtUDFXZBVFjXAKsfypAenV2o3
I5BdU7CuHPvcCIvpVvRw8zn8Us9sfrbCIjQhg58e31PHT8/TuoUb+3OwZkJR976C
cwbXDz7wkNgZ83vJLlel5/4sVlkK41oJBYn0qlgL00mDyELffVWvjB7xSkWHZaPI
wccS8Ig3CWCor9QiHa+qRHCtMW0Dc9XshkGuW6TPDvbuTVy6Hpns8wCeW9WLpx33
o2U=
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:10:21 2025 by rpki-client