Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1eERIMZQ6v9HfDU6fY6VHlqCx_E.roa
File: 1eERIMZQ6v9HfDU6fY6VHlqCx_E.roa (raw, json)
Hash identifier: hFIFB+Tce9CyzgJv+xW2DDjH0B+Gek1SlE8s7DrafIo=
Subject key identifier: D5:E1:11:20:C6:50:EA:FF:47:7C:35:3A:7D:8E:95:1E:5A:82:C7:F1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C973D7BF188FBB5CB5AD8327FC6CDFB42
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1eERIMZQ6v9HfDU6fY6VHlqCx_E.roa
Signing time: Sat 23 Dec 2023 15:13:58 +0000
ROA not before: Sat 23 Dec 2023 15:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:97:3d:7b:f1:88:fb:b5:cb:5a:d8:32:7f:c6:cd:fb:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 23 15:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5e11120c650eaff477c353a7d8e951e5a82c7f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:c1:c9:b6:98:a5:29:d5:a2:16:fa:56:3c:72:
29:72:4e:d6:fe:57:e8:f6:cc:24:e7:09:2a:4e:c1:
fd:57:f8:8e:df:29:73:c8:05:a0:1c:92:b9:c3:94:
ed:85:ae:f0:cc:93:ed:36:b0:27:76:df:81:74:3b:
aa:51:47:69:9b:6a:53:61:69:58:08:7c:bc:ad:24:
11:9b:43:b9:5f:f2:04:e5:a7:4e:19:fe:0c:39:06:
57:61:39:67:6f:32:17:27:60:05:f9:71:98:36:9f:
58:5f:3b:7d:48:8d:e4:ef:2d:8a:ef:81:20:9e:16:
d8:52:b3:af:47:fe:47:de:e7:05:f7:1d:44:a2:5e:
2b:ca:30:a1:73:12:3d:a1:aa:37:88:ec:80:45:27:
ad:6d:17:1f:df:54:4d:ff:0f:ee:fa:63:50:97:24:
e8:d0:55:c8:71:4d:b8:ab:8a:72:1d:0e:46:6b:f3:
e6:3c:bb:f3:a9:d8:1e:dc:ba:f4:18:3d:2f:64:6f:
d8:24:33:a2:07:ac:83:b4:84:d1:5d:3a:99:68:2d:
ae:99:b9:08:6c:75:76:04:a5:8f:67:45:1d:d5:51:
8f:c3:5d:b5:93:f9:92:36:62:34:51:3a:2e:b1:08:
3d:b9:bc:43:99:ff:7d:19:87:c6:37:6b:4b:97:42:
a2:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E1:11:20:C6:50:EA:FF:47:7C:35:3A:7D:8E:95:1E:5A:82:C7:F1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/1eERIMZQ6v9HfDU6fY6VHlqCx_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
36:df:f6:f4:0b:7c:b9:e3:98:40:f1:c5:e5:21:96:ec:54:8b:
16:e6:84:89:25:36:f0:cb:da:2e:bc:7b:a1:f8:e4:59:14:5e:
39:27:6b:90:9c:8a:a5:65:38:cd:65:b1:82:77:47:a3:66:c9:
45:ab:c5:3c:64:32:b2:35:79:b9:60:23:02:b4:de:1a:da:5b:
d5:db:49:ab:32:c8:8a:fa:76:e3:a2:53:9a:ab:9e:6e:25:cf:
34:0c:5e:c9:d8:87:cb:00:40:b3:c4:dc:e3:20:d5:4b:d0:0b:
08:c8:a5:ed:cf:1c:32:31:9c:75:41:a4:33:ad:e6:86:98:aa:
82:d4:54:ba:e8:bc:2b:7b:ef:25:c0:2d:d8:ab:d3:4e:ab:59:
59:80:55:4c:99:ad:cf:2c:65:90:39:9f:e4:bc:6e:d8:16:50:
8b:3d:73:b3:ef:14:93:de:08:f1:ff:49:9f:3e:60:1f:36:e8:
70:16:28:57:ec:cb:3f:03:1c:5a:3f:4d:b7:87:52:9b:91:fd:
0b:0d:43:3c:14:05:35:66:b3:81:a9:b4:92:d7:e0:a1:1d:1b:
c6:4d:16:92:d6:c6:e3:7d:c0:8f:be:0b:1e:d8:46:85:42:5a:
26:e5:62:48:25:90:ea:37:7d:8f:81:79:e7:99:cf:39:f7:39:
1a:f1:93:e9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyXPXvxiPu1y1rYMn/GzftCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIzMTUxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWUxMTEyMGM2NTBlYWZmNDc3YzM1M2E3ZDhlOTUxZTVhODJjN2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsHJtpilKdWiFvpWPHIpck7W/lfo
9swk5wkqTsH9V/iO3ylzyAWgHJK5w5Ttha7wzJPtNrAndt+BdDuqUUdpm2pTYWlY
CHy8rSQRm0O5X/IE5adOGf4MOQZXYTlnbzIXJ2AF+XGYNp9YXzt9SI3k7y2K74Eg
nhbYUrOvR/5H3ucF9x1Eol4ryjChcxI9oao3iOyARSetbRcf31RN/w/u+mNQlyTo
0FXIcU24q4pyHQ5Ga/PmPLvzqdge3Lr0GD0vZG/YJDOiB6yDtITRXTqZaC2umbkI
bHV2BKWPZ0Ud1VGPw121k/mSNmI0UTousQg9ubxDmf99GYfGN2tLl0KiFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNXhESDGUOr/R3w1On2OlR5agsfxMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMWVFUklNWlE2djlIZkRVNmZZNlZIbHFDeF9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADbf9vQLfLnjmEDxxeUh
luxUixbmhIklNvDL2i68e6H45FkUXjkna5CciqVlOM1lsYJ3R6NmyUWrxTxkMrI1
eblgIwK03hraW9XbSasyyIr6duOiU5qrnm4lzzQMXsnYh8sAQLPE3OMg1UvQCwjI
pe3PHDIxnHVBpDOt5oaYqoLUVLrovCt77yXALdir006rWVmAVUyZrc8sZZA5n+S8
btgWUIs9c7PvFJPeCPH/SZ8+YB826HAWKFfsyz8DHFo/TbeHUpuR/QsNQzwUBTVm
s4GptJLX4KEdG8ZNFpLWxuN9wI++Cx7YRoVCWiblYkglkOo3fY+BeeeZzzn3ORrx
k+k=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:50 2025 by rpki-client