Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1UeM2z_AQ8juqgZS6OXeHYVIWN0.roa
File: 1UeM2z_AQ8juqgZS6OXeHYVIWN0.roa (raw, json)
Hash identifier: E0LKXFF9jOfnwHKg867nXXUoQZyqq9bMJPQ/Lutgg6o=
Subject key identifier: D5:47:8C:DB:3F:C0:43:C8:EE:AA:06:52:E8:E5:DE:1D:85:48:58:DD
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EE6CBE9C7E97205F2FF5F802849042150
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1UeM2z_AQ8juqgZS6OXeHYVIWN0.roa
Signing time: Tue 16 Apr 2024 12:05:07 +0000
ROA not before: Tue 16 Apr 2024 12:05:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:e6cb:2c6d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e6:cb:e9:c7:e9:72:05:f2:ff:5f:80:28:49:04:21:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 16 12:05:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5478cdb3fc043c8eeaa0652e8e5de1d854858dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:64:f9:b9:f0:b1:30:ee:4e:9d:7b:e4:22:22:
20:e1:5c:3c:1f:d4:93:f8:8f:e0:b1:db:16:92:aa:
4a:88:f2:14:79:f6:24:a5:7c:4e:c5:6c:b4:88:37:
a4:7f:67:fd:2a:9a:cc:19:b6:4a:e8:c3:a8:7e:03:
01:46:c3:95:6b:1d:a3:2b:91:78:63:bd:6b:01:33:
48:7d:7d:9b:da:48:cd:21:97:62:33:b5:21:d2:53:
8a:0f:61:68:60:e7:c4:d0:3d:66:0a:d7:eb:c8:18:
ec:ef:e6:fc:e3:12:7e:97:3c:63:36:52:51:1a:26:
9f:c6:92:d4:b3:31:dd:75:f7:e3:af:fd:49:bc:ed:
3a:bc:9b:53:cc:c5:5b:5f:3e:bb:5a:c3:f0:09:94:
5c:6b:0c:9f:af:44:85:78:34:85:aa:f6:31:49:b7:
09:2e:98:1c:29:54:d3:8f:a3:c7:9f:44:41:cc:f6:
0b:a2:39:8a:32:41:04:ce:be:a7:56:03:52:92:df:
39:2b:47:32:fc:5f:a3:e1:dc:6d:23:63:64:6f:16:
f1:02:1c:8f:03:4f:a4:5b:d3:fd:58:0a:49:6b:c7:
79:19:87:b4:70:ea:8e:9a:2f:7e:ae:fe:fd:a7:2e:
aa:81:60:4b:df:28:13:80:aa:25:6b:8b:80:94:74:
20:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:47:8C:DB:3F:C0:43:C8:EE:AA:06:52:E8:E5:DE:1D:85:48:58:DD
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1UeM2z_AQ8juqgZS6OXeHYVIWN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
39:62:b5:6b:5d:c7:81:a8:67:5f:0e:de:8c:81:2f:21:dd:6d:
de:95:a4:cf:a0:77:ad:3b:36:7c:46:8a:e6:a3:29:f9:76:02:
96:32:2e:9d:29:6f:74:6e:d5:4d:e1:55:27:2b:02:44:36:6c:
00:cc:4e:be:a6:9b:24:f7:e2:50:af:c3:6b:cc:36:31:98:90:
f7:20:4f:01:26:de:5e:b3:49:58:3f:1e:0e:f4:4d:c5:82:7f:
6a:a2:bb:dc:46:5c:0a:62:89:26:06:f2:dd:28:87:79:5a:03:
c8:db:ef:d7:dd:ad:cb:34:f3:d5:4a:4d:f5:06:22:96:cd:8d:
92:ba:54:be:04:9a:dd:83:a7:d2:b7:e8:49:17:c5:a1:63:4d:
7c:22:95:eb:c3:d9:ba:97:da:95:2f:37:e1:f4:a2:1d:fc:53:
d2:4b:cf:7e:fd:6c:36:eb:65:c9:84:69:91:24:e9:0d:76:59:
26:27:97:2c:12:d6:df:c1:8c:52:9b:e2:78:a4:54:f7:b3:5f:
1e:03:7e:77:53:50:2f:fb:77:25:53:ae:13:58:0a:48:54:80:
76:56:40:16:8b:38:34:29:35:43:91:f8:92:7a:db:f6:de:16:
0c:26:9d:94:db:e3:8d:1b:16:3c:22:48:cb:22:8b:08:ed:f5:
e0:ab:0e:30
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7my+nH6XIF8v9fgChJBCFQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDE2MTIwNTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQ3OGNkYjNmYzA0M2M4ZWVhYTA2NTJlOGU1ZGUxZDg1NDg1OGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmT5ufCxMO5OnXvkIiIg4Vw8H9ST
+I/gsdsWkqpKiPIUefYkpXxOxWy0iDekf2f9KprMGbZK6MOofgMBRsOVax2jK5F4
Y71rATNIfX2b2kjNIZdiM7Uh0lOKD2FoYOfE0D1mCtfryBjs7+b84xJ+lzxjNlJR
GiafxpLUszHddffjr/1JvO06vJtTzMVbXz67WsPwCZRcawyfr0SFeDSFqvYxSbcJ
LpgcKVTTj6PHn0RBzPYLojmKMkEEzr6nVgNSkt85K0cy/F+j4dxtI2NkbxbxAhyP
A0+kW9P9WApJa8d5GYe0cOqOmi9+rv79py6qgWBL3ygTgKola4uAlHQgYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNVHjNs/wEPI7qoGUujl3h2FSFjdMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMVVlTTJ6X0FROGp1cWdaUzZPWGVIWVZJV04wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADlitWtdx4GoZ18O3oyB
LyHdbd6VpM+gd607NnxGiuajKfl2ApYyLp0pb3Ru1U3hVScrAkQ2bADMTr6mmyT3
4lCvw2vMNjGYkPcgTwEm3l6zSVg/Hg70TcWCf2qiu9xGXApiiSYG8t0oh3laA8jb
79fdrcs089VKTfUGIpbNjZK6VL4Emt2Dp9K36EkXxaFjTXwilevD2bqX2pUvN+H0
oh38U9JLz379bDbrZcmEaZEk6Q12WSYnlywS1t/BjFKb4nikVPezXx4DfndTUC/7
dyVTrhNYCkhUgHZWQBaLODQpNUOR+JJ62/beFgwmnZTb440bFjwiSMsiiwjt9eCr
DjA=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:33:07 2025 by rpki-client