Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-XNJm_oRXxaHbw3w4js-7t3QJIs.roa
File: 1-XNJm_oRXxaHbw3w4js-7t3QJIs.roa (raw, json)
Hash identifier: JPqm/Qm5UaDnV5G1O3BjhvlO6srfsKMI/l7Nn9yA1HA=
Subject key identifier: F9:73:49:9B:FA:11:5F:16:87:6F:0D:F0:E2:3B:3E:EE:DD:D0:24:8B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D72C0D4648559AE3FDEB42AF1AFABA6F0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-XNJm_oRXxaHbw3w4js-7t3QJIs.roa
Signing time: Sun 04 Feb 2024 06:14:16 +0000
ROA not before: Sun 04 Feb 2024 06:14:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:72:c0:d4:64:85:59:ae:3f:de:b4:2a:f1:af:ab:a6:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 4 06:14:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f973499bfa115f16876f0df0e23b3eeeddd0248b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:0e:3a:76:80:21:15:5a:24:8a:23:a9:57:91:
c5:10:8e:9e:bf:95:b6:96:ea:df:2c:b0:b8:82:c9:
dc:87:7d:e4:e0:62:e9:a1:7c:5c:b6:03:5e:6d:4e:
a2:ef:3b:d4:06:ac:e4:bf:4b:f6:a3:e4:44:eb:0e:
8f:45:0e:13:6c:ae:8b:91:2a:a5:18:94:14:4c:bc:
70:71:01:db:bb:2f:20:f4:ff:8e:7b:b5:d9:21:c2:
4a:ee:70:c6:ad:fc:40:43:3f:a3:59:86:3e:2a:2f:
fc:c4:3a:4b:ba:6e:b1:28:53:1f:16:fd:2c:a3:ba:
48:68:db:01:e0:fa:67:9e:f6:ed:db:54:c4:d7:8b:
a0:8c:f1:8a:42:4e:38:ac:ae:4c:30:36:27:98:ea:
fe:8b:0d:a1:83:5a:70:ab:83:bb:08:9e:65:67:f5:
04:32:08:d5:4c:56:08:b4:c2:31:18:ee:c5:90:8b:
df:92:f4:8c:98:d4:68:0c:e0:ed:b0:1e:8d:df:5c:
9a:26:57:a0:f9:79:83:e2:9b:c2:bb:22:2b:20:51:
f5:59:71:70:35:89:7f:d8:21:37:89:d4:b0:43:79:
73:5d:1a:3e:5c:94:1d:d1:d5:2e:2d:ac:f3:2b:c1:
02:a9:25:f5:39:8f:2f:e4:98:e5:f1:76:6e:47:5d:
66:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:73:49:9B:FA:11:5F:16:87:6F:0D:F0:E2:3B:3E:EE:DD:D0:24:8B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-XNJm_oRXxaHbw3w4js-7t3QJIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:6b:f7:fa:3f:01:78:d8:4b:c6:24:15:e7:39:b9:1b:96:b3:
a2:4f:82:46:b9:92:ea:17:38:7b:4d:e2:46:2e:85:6f:f8:5b:
99:fa:2e:ef:68:d4:f8:d0:f1:b3:7e:a1:c3:d9:0a:85:bb:8b:
21:0a:e8:47:0a:4e:23:72:8f:05:35:2f:be:ab:7d:89:fc:f0:
07:1f:67:f6:87:73:ab:89:44:76:e2:ec:95:cb:8b:86:c5:91:
80:25:7c:d1:6d:b9:61:bb:80:0a:ed:a2:b6:79:db:5d:d0:54:
4f:4d:64:ae:d3:e1:90:0e:ca:7e:44:80:3b:4d:2a:e6:86:94:
2e:fa:1c:50:c6:f3:91:33:1a:cd:0b:be:6b:8a:06:a0:c8:07:
55:09:c7:3e:1b:3a:f4:15:85:f3:32:43:3f:4b:ce:1f:50:fe:
fa:52:0b:1b:5b:a7:e0:f9:e3:12:e8:04:a0:c7:fc:5f:08:18:
11:20:2d:b9:5a:de:dc:e0:d7:10:49:08:37:f4:0b:e6:1e:94:
37:20:41:3a:1c:b5:15:63:79:d3:f8:dc:d6:f7:7a:0e:6e:64:
ff:56:95:2d:c7:53:3b:8b:3e:b9:21:89:7f:d8:e5:d5:c2:5b:
4e:7a:81:8c:43:53:82:5b:a0:15:cd:75:fe:b9:c5:7f:e9:b6:
7b:de:3d:02
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY1ywNRkhVmuP960KvGvq6bwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA0MDYxNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTczNDk5YmZhMTE1ZjE2ODc2ZjBkZjBlMjNiM2VlZWRkZDAyNDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6g46doAhFVokiiOpV5HFEI6ev5W2
lurfLLC4gsnch33k4GLpoXxctgNebU6i7zvUBqzkv0v2o+RE6w6PRQ4TbK6LkSql
GJQUTLxwcQHbuy8g9P+Oe7XZIcJK7nDGrfxAQz+jWYY+Ki/8xDpLum6xKFMfFv0s
o7pIaNsB4Ppnnvbt21TE14ugjPGKQk44rK5MMDYnmOr+iw2hg1pwq4O7CJ5lZ/UE
MgjVTFYItMIxGO7FkIvfkvSMmNRoDODtsB6N31yaJleg+XmD4pvCuyIrIFH1WXFw
NYl/2CE3idSwQ3lzXRo+XJQd0dUuLazzK8ECqSX1OY8v5Jjl8XZuR11mfQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPlzSZv6EV8Wh28N8OI7Pu7d0CSLMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMS1YTkptX29SWHhhSGJ3M3c0anMtN3QzUUpJcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGIvZTA1MjBkLTliYTYtNDFhMy04Zjg3LWM1Mzk3OWQ2NmNh
NS8xLzA3UGFQc3VLZlVNOTQ0TTRabnMxNW8zM1A0dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQA0a/f6PwF42EvGJBXn
ObkblrOiT4JGuZLqFzh7TeJGLoVv+FuZ+i7vaNT40PGzfqHD2QqFu4shCuhHCk4j
co8FNS++q32J/PAHH2f2h3OriUR24uyVy4uGxZGAJXzRbblhu4AK7aK2edtd0FRP
TWSu0+GQDsp+RIA7TSrmhpQu+hxQxvORMxrNC75rigagyAdVCcc+Gzr0FYXzMkM/
S84fUP76UgsbW6fg+eMS6ASgx/xfCBgRIC25Wt7c4NcQSQg39AvmHpQ3IEE6HLUV
Y3nT+NzW93oObmT/VpUtx1M7iz65IYl/2OXVwltOeoGMQ1OCW6AVzXX+ucV/6bZ7
3j0C
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:11:37 2025 by rpki-client