Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0t71m9XKNVTBbENmzlj5eanf9ic.roa
File: 0t71m9XKNVTBbENmzlj5eanf9ic.roa (raw, json)
Hash identifier: zv/DFwmELwYG5fs1vX4j7hAcVFfzXJRPoI8Bq09pOMM=
Subject key identifier: D2:DE:F5:9B:D5:CA:35:54:C1:6C:43:66:CE:58:F9:79:A9:DF:F6:27
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CA0017146B0CE9B640FC2CDB19F96A765
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0t71m9XKNVTBbENmzlj5eanf9ic.roa
Signing time: Mon 25 Dec 2023 08:04:58 +0000
ROA not before: Mon 25 Dec 2023 08:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:a000:cc03/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a0:01:71:46:b0:ce:9b:64:0f:c2:cd:b1:9f:96:a7:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 25 08:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2def59bd5ca3554c16c4366ce58f979a9dff627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:92:e2:41:6d:f0:13:52:35:ca:2d:af:52:03:
6b:dd:c9:0c:0b:99:2b:9b:a4:41:94:7e:c1:6b:60:
23:67:df:75:64:33:b2:21:a4:ef:51:b0:84:03:21:
4c:b3:78:e5:73:63:b6:50:ce:16:46:bb:b0:6d:41:
c3:80:53:9e:f5:7a:11:77:cb:bf:e6:27:08:7e:93:
a0:1f:d7:9d:60:ec:4e:16:71:1b:ce:83:06:48:f3:
b8:77:65:b2:0f:0d:fd:b5:fb:26:86:9c:0d:3c:c5:
dc:27:6e:3a:76:e3:f5:3c:05:75:b0:54:a8:e2:7a:
4f:3c:53:0d:89:cf:90:86:d1:0e:94:09:33:05:cb:
46:78:60:97:53:30:e3:0f:bb:e4:92:b9:ff:c0:9e:
39:54:97:af:4c:03:13:24:3f:6a:61:b5:13:67:f3:
94:2f:be:97:0c:50:0a:08:83:5c:74:f7:8e:68:8f:
58:14:b5:ed:3a:d0:8a:bc:fa:f3:15:0f:3b:1e:1f:
b2:8a:f1:6a:60:79:d9:f3:af:5e:3a:fb:40:cd:0e:
c4:af:e2:3e:78:f0:e0:4b:24:10:a7:78:4f:1c:95:
68:f8:00:51:38:f6:61:e9:76:88:f7:f1:43:3b:bb:
57:7a:ba:ef:98:88:c0:92:84:79:f3:2d:7a:9c:81:
0e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:DE:F5:9B:D5:CA:35:54:C1:6C:43:66:CE:58:F9:79:A9:DF:F6:27
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/0t71m9XKNVTBbENmzlj5eanf9ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1b:9d:b5:63:10:2c:65:ab:da:c9:65:9a:d2:56:81:f8:31:7e:
3d:73:51:2e:b1:19:32:aa:ca:6e:4d:eb:e3:d7:1a:56:b7:1a:
c3:ee:d6:33:f0:79:42:14:f7:e2:de:e3:b5:e2:26:cc:71:7e:
98:fc:d1:86:cf:52:ec:05:72:6f:59:f8:0f:10:97:f2:17:cb:
88:b0:1b:8a:53:70:ab:41:5c:37:67:a1:39:9a:b1:e8:34:e9:
75:e5:65:fe:7e:1d:63:10:aa:38:0c:6b:6f:1e:99:25:ed:52:
2c:a5:f6:6f:3d:ad:03:91:6c:5d:68:91:97:11:46:4f:f2:02:
81:28:dd:7d:85:32:b2:30:ab:fd:b4:d4:bb:81:6d:37:1c:2f:
8c:a5:fe:5a:56:7c:29:11:39:d8:c2:e5:12:61:c3:e2:fe:93:
20:59:5e:68:7c:fa:2a:fc:d8:00:38:12:4a:c8:e4:af:f5:38:
e1:9a:3c:ad:a4:fd:ff:b1:38:bc:16:c5:50:2b:de:d4:3e:e4:
b5:87:24:b6:b8:9e:de:31:08:37:99:bd:c0:e0:32:f8:5f:b0:
85:61:5a:16:67:a6:1a:81:dc:5f:42:40:d9:23:41:e4:2e:71:
36:25:e9:ab:68:a4:d1:bb:8b:4b:aa:ea:eb:e3:e8:0a:9c:ef:
2b:96:f8:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYygAXFGsM6bZA/CzbGflqdlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI1MDgwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmRlZjU5YmQ1Y2EzNTU0YzE2YzQzNjZjZTU4Zjk3OWE5ZGZmNjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpLiQW3wE1I1yi2vUgNr3ckMC5kr
m6RBlH7Ba2AjZ991ZDOyIaTvUbCEAyFMs3jlc2O2UM4WRruwbUHDgFOe9XoRd8u/
5icIfpOgH9edYOxOFnEbzoMGSPO4d2WyDw39tfsmhpwNPMXcJ246duP1PAV1sFSo
4npPPFMNic+QhtEOlAkzBctGeGCXUzDjD7vkkrn/wJ45VJevTAMTJD9qYbUTZ/OU
L76XDFAKCINcdPeOaI9YFLXtOtCKvPrzFQ87Hh+yivFqYHnZ869eOvtAzQ7Er+I+
ePDgSyQQp3hPHJVo+ABROPZh6XaI9/FDO7tXerrvmIjAkoR58y16nIEO2wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNLe9ZvVyjVUwWxDZs5Y+Xmp3/YnMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMHQ3MW05WEtOVlRCYkVObXpsajVlYW5mOWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABudtWMQLGWr2sllmtJW
gfgxfj1zUS6xGTKqym5N6+PXGla3GsPu1jPweUIU9+Le47XiJsxxfpj80YbPUuwF
cm9Z+A8Ql/IXy4iwG4pTcKtBXDdnoTmaseg06XXlZf5+HWMQqjgMa28emSXtUiyl
9m89rQORbF1okZcRRk/yAoEo3X2FMrIwq/201LuBbTccL4yl/lpWfCkROdjC5RJh
w+L+kyBZXmh8+ir82AA4EkrI5K/1OOGaPK2k/f+xOLwWxVAr3tQ+5LWHJLa4nt4x
CDeZvcDgMvhfsIVhWhZnphqB3F9CQNkjQeQucTYl6atopNG7i0uq6uvj6Aqc7yuW
+Ko=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:54:33 2025 by rpki-client