Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/16Eqtw6-AOvaq_B0a11PWmXc2dA.roa
File: 16Eqtw6-AOvaq_B0a11PWmXc2dA.roa (raw, json)
Hash identifier: p/wqHytCaCBjGBAETUhiICG+o6GGZSVQMNnZxcqJUJk=
Subject key identifier: D7:A1:2A:B7:0E:BE:00:EB:DA:AB:F0:74:6B:5D:4F:5A:65:DC:D9:D0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E7993602FBA18886FFD19396FAE820C9C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/16Eqtw6-AOvaq_B0a11PWmXc2dA.roa
Signing time: Tue 26 Mar 2024 07:04:45 +0000
ROA not before: Tue 26 Mar 2024 07:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
2001:67c:64:ffff:0:18e:7992:fd89/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:79:93:60:2f:ba:18:88:6f:fd:19:39:6f:ae:82:0c:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 26 07:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7a12ab70ebe00ebdaabf0746b5d4f5a65dcd9d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:24:19:34:f1:1a:27:89:df:02:c6:b7:9c:ff:
71:33:15:1a:b6:3e:63:73:1b:f9:b3:6e:25:81:24:
3c:d8:ab:4d:d7:08:22:4e:34:5d:ca:f9:b1:bb:74:
e9:ed:0e:54:50:03:4a:a4:8a:da:a7:e4:80:49:85:
f9:84:53:e3:e5:a4:1c:79:28:c9:65:45:92:44:76:
49:2f:62:61:23:64:99:62:24:ad:8f:b8:98:b5:8e:
5b:ab:e8:08:d2:c2:27:6a:fa:ed:75:9b:27:08:92:
00:b9:8b:3e:46:df:81:74:d1:ae:ec:81:37:f3:38:
7c:e5:85:ec:c2:84:34:52:8e:4d:f9:0f:2f:57:89:
4f:f7:90:07:33:45:67:1a:cd:4b:d1:a4:ae:ec:fd:
85:5c:16:ea:34:dc:87:5e:e6:4b:77:40:3e:6e:c6:
b6:cb:22:e2:f2:03:76:7f:1c:f6:bf:3b:8a:45:57:
09:7f:2b:f3:af:a6:c9:8b:b6:1e:67:3a:a4:19:11:
e7:d3:c6:0e:54:75:03:f8:29:e2:49:5e:7b:bc:4c:
50:52:17:cb:e5:52:f3:ef:ec:fc:2e:36:7f:d1:29:
4f:1c:9f:09:4a:6e:54:55:ee:b0:4c:56:45:07:60:
16:38:85:32:ac:aa:c0:e5:c0:88:73:3f:f8:00:f3:
18:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:A1:2A:B7:0E:BE:00:EB:DA:AB:F0:74:6B:5D:4F:5A:65:DC:D9:D0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/16Eqtw6-AOvaq_B0a11PWmXc2dA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:cc:57:fb:7b:56:7a:43:99:b8:31:ed:5d:b2:c7:3f:cd:e1:
d9:54:bc:31:7b:79:72:db:6c:b1:1c:4a:ec:b2:c5:5a:03:8f:
93:50:b1:e3:76:a9:52:a5:dc:5e:53:e3:47:4b:3b:08:78:9b:
09:9f:d9:c6:3c:72:5b:ae:21:c7:28:38:19:f3:73:d9:75:9a:
b2:2c:e6:bf:1d:5a:e1:22:68:23:04:54:83:67:eb:22:88:06:
d6:11:07:43:80:9b:9b:74:99:ca:fc:2b:b8:bf:19:b3:85:8b:
01:8e:8d:59:d2:92:49:24:ad:1c:6a:e6:23:20:e7:8c:ce:51:
f8:1c:cd:d4:9e:68:01:d7:44:6f:05:36:2e:fe:bf:76:6b:a2:
1d:f2:ac:75:57:b7:06:7b:4f:c6:08:e8:f5:7d:88:51:73:e2:
32:12:b2:96:53:b6:13:1c:53:81:45:52:e4:11:0f:57:78:f7:
42:e4:31:e5:c0:d1:4a:11:a5:8b:98:03:4c:9f:53:53:8b:64:
33:aa:29:d8:2e:fc:cf:53:02:4a:dd:29:aa:1a:f9:3f:dd:96:
52:7e:5b:c8:30:d1:a1:6d:e7:09:bd:ce:38:a0:56:25:cd:12:
26:17:57:15:2f:2b:f4:1d:53:f8:8b:27:0d:f3:f9:53:f8:3c:
e8:16:f9:6e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY55k2AvuhiIb/0ZOW+uggycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI2MDcwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2ExMmFiNzBlYmUwMGViZGFhYmYwNzQ2YjVkNGY1YTY1ZGNkOWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCQZNPEaJ4nfAsa3nP9xMxUatj5j
cxv5s24lgSQ82KtN1wgiTjRdyvmxu3Tp7Q5UUANKpIrap+SASYX5hFPj5aQceSjJ
ZUWSRHZJL2JhI2SZYiStj7iYtY5bq+gI0sInavrtdZsnCJIAuYs+Rt+BdNGu7IE3
8zh85YXswoQ0Uo5N+Q8vV4lP95AHM0VnGs1L0aSu7P2FXBbqNNyHXuZLd0A+bsa2
yyLi8gN2fxz2vzuKRVcJfyvzr6bJi7YeZzqkGRHn08YOVHUD+CniSV57vExQUhfL
5VLz7+z8LjZ/0SlPHJ8JSm5UVe6wTFZFB2AWOIUyrKrA5cCIcz/4APMYlwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNehKrcOvgDr2qvwdGtdT1pl3NnQMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMTZFcXR3Ni1BT3ZhcV9CMGExMVBXbVhjMmRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABrMV/t7VnpDmbgx7V2y
xz/N4dlUvDF7eXLbbLEcSuyyxVoDj5NQseN2qVKl3F5T40dLOwh4mwmf2cY8cluu
IccoOBnzc9l1mrIs5r8dWuEiaCMEVINn6yKIBtYRB0OAm5t0mcr8K7i/GbOFiwGO
jVnSkkkkrRxq5iMg54zOUfgczdSeaAHXRG8FNi7+v3Zroh3yrHVXtwZ7T8YI6PV9
iFFz4jISspZTthMcU4FFUuQRD1d490LkMeXA0UoRpYuYA0yfU1OLZDOqKdgu/M9T
AkrdKaoa+T/dllJ+W8gw0aFt5wm9zjigViXNEiYXVxUvK/QdU/iLJw3z+VP4POgW
+W4=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:51:59 2025 by rpki-client