Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-irQpMXyhRSRVb2cvA_Pxnq-lNc.roa
File: 1-irQpMXyhRSRVb2cvA_Pxnq-lNc.roa (raw, json)
Hash identifier: R29EkPgjQqLF/47kXFqbOvC6uZl3DQcAONyRMsYpWyg=
Subject key identifier: FA:2A:D0:A4:C5:F2:85:14:91:55:BD:9C:BC:0F:CF:C6:7A:BE:94:D7
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C8DCD6908F1E58CFA3DE85DCFEECA09C5
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-irQpMXyhRSRVb2cvA_Pxnq-lNc.roa
Signing time: Thu 21 Dec 2023 19:14:58 +0000
ROA not before: Thu 21 Dec 2023 19:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8d:cd:69:08:f1:e5:8c:fa:3d:e8:5d:cf:ee:ca:09:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 21 19:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa2ad0a4c5f285149155bd9cbc0fcfc67abe94d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:16:e2:00:21:08:44:f4:74:56:bb:0b:3f:ee:
b9:fe:f9:8d:29:3d:3d:34:bd:bc:cb:4e:95:70:4b:
76:80:ff:d2:4a:a0:8e:09:3f:6a:f2:46:8e:7d:35:
62:99:e1:ee:11:40:a5:10:9d:f5:33:39:78:cd:04:
f3:dd:54:1f:5b:a2:29:bc:99:bc:f9:7f:9f:1b:42:
50:3b:2e:f1:e8:f4:5e:9f:b3:f3:1a:fd:7a:07:c4:
99:b2:09:bb:07:78:86:52:b4:16:c0:55:b7:da:62:
a4:c4:29:35:18:73:a5:bb:d8:72:0a:41:c9:7e:00:
70:b2:9c:65:1c:fa:3c:47:67:74:37:62:7c:f0:fc:
f5:b5:7c:4f:90:59:ea:77:83:65:78:54:c6:e0:1e:
11:ac:ea:80:f8:51:fd:ff:e9:6f:f4:59:53:4f:1b:
4f:62:56:80:33:de:4f:e0:ec:0b:c3:47:68:d2:fd:
09:db:97:1c:8b:4e:02:56:58:e8:df:2f:68:59:77:
1a:97:d9:d9:9b:45:e1:da:9b:f9:7e:55:b1:cf:a1:
70:f3:e9:2c:40:5b:86:93:18:16:37:49:e6:92:75:
8e:c2:78:7b:fa:83:65:99:70:5e:c7:e9:15:0e:db:
f9:44:4c:42:b2:66:46:56:19:d8:cc:3f:ea:9d:45:
17:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:2A:D0:A4:C5:F2:85:14:91:55:BD:9C:BC:0F:CF:C6:7A:BE:94:D7
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1-irQpMXyhRSRVb2cvA_Pxnq-lNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a3:6a:8f:43:ac:6e:3c:cc:27:2b:67:08:a2:cd:81:0a:51:cb:
5c:c6:ce:bf:42:81:32:c6:79:57:55:31:19:3d:0c:e2:01:b6:
90:56:ab:fa:fa:96:80:eb:b9:32:9e:1d:a4:12:cb:0c:7c:8e:
bc:4f:6f:16:10:69:6c:c5:fb:ee:7d:dd:a9:a6:bd:e2:25:57:
f2:a3:5a:cd:e1:cc:5a:bc:38:38:ca:ca:d4:8a:aa:f4:bf:1c:
2b:66:3d:7a:a9:c6:c1:9e:8e:f4:14:f2:fa:73:33:79:c3:16:
93:f3:de:e2:d5:e2:15:fe:88:06:f2:c9:29:16:fc:91:3a:9e:
41:7a:77:8d:68:7a:16:50:09:4b:c6:4c:c4:2e:4d:c3:5c:62:
56:dc:ef:63:e8:0b:0a:35:d2:e3:7b:e0:2f:45:57:d9:5c:ab:
7e:fc:74:78:8a:52:a8:57:a2:4a:3d:fb:e4:f6:4c:c6:88:16:
a0:6a:ef:9a:b0:a3:3e:73:aa:ab:87:39:88:fe:04:16:bb:75:
eb:c0:72:ed:32:f2:a2:53:bd:93:30:ed:4a:56:cb:ec:5e:23:
e4:e7:50:4d:d3:06:8f:11:9f:ce:1d:36:2e:4c:8d:67:28:40:
84:89:8d:81:c9:17:76:18:25:6e:a1:cb:70:7b:89:b0:9f:73:
2c:09:58:9f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYyNzWkI8eWM+j3oXc/uygnFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIxMTkxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTJhZDBhNGM1ZjI4NTE0OTE1NWJkOWNiYzBmY2ZjNjdhYmU5NGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihbiACEIRPR0VrsLP+65/vmNKT09
NL28y06VcEt2gP/SSqCOCT9q8kaOfTVimeHuEUClEJ31Mzl4zQTz3VQfW6IpvJm8
+X+fG0JQOy7x6PRen7PzGv16B8SZsgm7B3iGUrQWwFW32mKkxCk1GHOlu9hyCkHJ
fgBwspxlHPo8R2d0N2J88Pz1tXxPkFnqd4NleFTG4B4RrOqA+FH9/+lv9FlTTxtP
YlaAM95P4OwLw0do0v0J25cci04CVljo3y9oWXcal9nZm0Xh2pv5flWxz6Fw8+ks
QFuGkxgWN0nmknWOwnh7+oNlmXBex+kVDtv5RExCsmZGVhnYzD/qnUUXqwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPoq0KTF8oUUkVW9nLwPz8Z6vpTXMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMS1pclFwTVh5aFJTUlZiMmN2QV9QeG5xLWxOYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGIvZTA1MjBkLTliYTYtNDFhMy04Zjg3LWM1Mzk3OWQ2NmNh
NS8xLzA3UGFQc3VLZlVNOTQ0TTRabnMxNW8zM1A0dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEA8EAGDAP
BAIAAjAJAwcAIAEGfABkMA0GCSqGSIb3DQEBCwUAA4IBAQCjao9DrG48zCcrZwii
zYEKUctcxs6/QoEyxnlXVTEZPQziAbaQVqv6+paA67kynh2kEssMfI68T28WEGls
xfvufd2ppr3iJVfyo1rN4cxavDg4ysrUiqr0vxwrZj16qcbBno70FPL6czN5wxaT
897i1eIV/ogG8skpFvyROp5BeneNaHoWUAlLxkzELk3DXGJW3O9j6AsKNdLje+Av
RVfZXKt+/HR4ilKoV6JKPfvk9kzGiBagau+asKM+c6qrhzmI/gQWu3XrwHLtMvKi
U72TMO1KVsvsXiPk51BN0waPEZ/OHTYuTI1nKECEiY2ByRd2GCVuoctwe4mwn3Ms
CVif
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:16 2025 by rpki-client