Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2AEXq1kIAnBduCP0x2PtdOPK3e4.roa
File: 2AEXq1kIAnBduCP0x2PtdOPK3e4.roa (raw, json)
Hash identifier: o1DAx82W8tYuzh0Qrd0zyPaUYZ6RymeDiqK3Xplnb5E=
Subject key identifier: D8:01:17:AB:59:08:02:70:5D:B8:23:F4:C7:63:ED:74:E3:CA:DD:EE
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D83494CBB4CF280577D7C7538C7360D2C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2AEXq1kIAnBduCP0x2PtdOPK3e4.roa
Signing time: Wed 07 Feb 2024 11:17:15 +0000
ROA not before: Wed 07 Feb 2024 11:17:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:49:4c:bb:4c:f2:80:57:7d:7c:75:38:c7:36:0d:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 7 11:17:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d80117ab590802705db823f4c763ed74e3caddee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:45:58:ea:f6:ef:06:7a:fe:8c:c3:1b:01:26:
95:cc:f9:42:b4:75:90:9d:81:87:d6:ff:c6:4a:ff:
8c:32:57:f2:9b:e2:4d:f3:77:ea:b0:89:07:88:6a:
69:6f:61:1c:6a:ce:ea:93:ca:dc:cf:c7:fb:36:d3:
7f:20:ae:ba:c2:fe:7e:4a:39:2d:12:4f:e6:98:14:
a8:c2:63:ae:e2:be:70:f4:70:53:85:2b:33:4c:9b:
57:f3:7c:f3:4a:1c:b3:b4:4c:c5:66:cf:a6:4a:5a:
97:0d:1c:06:e6:76:f6:10:5a:00:93:00:05:ed:cc:
52:dd:0f:f9:79:77:10:dd:22:db:43:81:23:d5:ed:
37:5f:e8:2f:6d:65:c7:cd:11:49:ef:24:39:32:5b:
a4:36:20:b0:e1:67:e8:4c:8f:72:8a:82:cd:14:54:
cc:92:e2:71:3d:fa:99:8e:d0:c2:19:c5:f5:df:c8:
f3:4d:37:39:30:f4:1e:96:ce:e0:6b:d9:c1:72:14:
ba:42:99:8b:70:3a:00:0c:37:1b:27:da:b5:e2:0b:
36:94:e5:54:4f:75:7f:49:1b:e4:7b:88:c6:68:68:
c3:9f:28:27:a2:80:28:a1:02:4e:c7:03:f7:23:8e:
4a:c7:1d:78:44:f3:bb:db:d5:a2:2e:98:da:02:fd:
dc:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:01:17:AB:59:08:02:70:5D:B8:23:F4:C7:63:ED:74:E3:CA:DD:EE
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2AEXq1kIAnBduCP0x2PtdOPK3e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
93:49:ce:06:5a:d9:7f:d3:93:7f:a5:ba:31:5b:cc:d3:ad:ac:
c9:66:46:46:5d:dd:86:78:40:ee:52:5c:4f:5e:dc:6f:c4:d7:
4c:09:35:19:92:cd:88:c2:c9:9a:e2:71:4a:f3:a5:78:a6:97:
bb:da:62:9f:bb:67:10:80:d5:73:d0:2a:8c:d9:67:88:b8:a8:
9e:bc:ac:25:a1:99:7b:19:f8:b1:bb:0a:69:91:da:be:1c:b3:
81:9b:fd:db:29:ec:4f:f1:81:8e:38:9e:9a:65:76:10:0c:ee:
fb:e5:2a:2c:ee:4b:f6:c6:66:94:cf:74:e5:fb:90:b7:9e:c8:
70:9d:8f:4f:89:be:22:b2:da:57:8d:91:8b:68:dc:11:d8:f3:
e4:59:74:b9:a3:77:89:7b:bb:28:51:dc:0e:4c:50:40:16:f5:
1a:40:d7:52:b7:4f:a4:b7:e9:28:94:08:56:ab:71:d9:9c:5e:
fa:6d:82:43:0b:6d:02:23:62:ca:8f:f1:6f:7b:e8:fd:1d:2b:
56:80:0c:b6:77:ed:cc:7a:33:df:4f:c2:7d:a7:20:01:7a:48:
fe:b4:dc:91:d5:04:5f:a8:cd:ce:a4:39:d8:38:7c:7b:4d:37:
00:53:cd:44:b3:37:f2:ce:4b:9c:25:06:3b:70:17:6c:5f:3d:
c7:f9:65:ff
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2DSUy7TPKAV318dTjHNg0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA3MTExNzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODAxMTdhYjU5MDgwMjcwNWRiODIzZjRjNzYzZWQ3NGUzY2FkZGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0VY6vbvBnr+jMMbASaVzPlCtHWQ
nYGH1v/GSv+MMlfym+JN83fqsIkHiGppb2Ecas7qk8rcz8f7NtN/IK66wv5+Sjkt
Ek/mmBSowmOu4r5w9HBThSszTJtX83zzShyztEzFZs+mSlqXDRwG5nb2EFoAkwAF
7cxS3Q/5eXcQ3SLbQ4Ej1e03X+gvbWXHzRFJ7yQ5MlukNiCw4WfoTI9yioLNFFTM
kuJxPfqZjtDCGcX138jzTTc5MPQels7ga9nBchS6QpmLcDoADDcbJ9q14gs2lOVU
T3V/SRvke4jGaGjDnygnooAooQJOxwP3I45Kxx14RPO729WiLpjaAv3cXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNgBF6tZCAJwXbgj9Mdj7XTjyt3uMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMkFFWHExa0lBbkJkdUNQMHgyUHRkT1BLM2U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJNJzgZa2X/Tk3+lujFb
zNOtrMlmRkZd3YZ4QO5SXE9e3G/E10wJNRmSzYjCyZricUrzpXiml7vaYp+7ZxCA
1XPQKozZZ4i4qJ68rCWhmXsZ+LG7CmmR2r4cs4Gb/dsp7E/xgY44nppldhAM7vvl
KizuS/bGZpTPdOX7kLeeyHCdj0+JviKy2leNkYto3BHY8+RZdLmjd4l7uyhR3A5M
UEAW9RpA11K3T6S36SiUCFarcdmcXvptgkMLbQIjYsqP8W976P0dK1aADLZ37cx6
M99Pwn2nIAF6SP603JHVBF+ozc6kOdg4fHtNNwBTzUSzN/LOS5wlBjtwF2xfPcf5
Zf8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:31 2025 by rpki-client