Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2DLD4lnaGv6mnimQFWD3RlpY41o.roa
File: 2DLD4lnaGv6mnimQFWD3RlpY41o.roa (raw, json)
Hash identifier: PjJ4QCf9Y+Awi5Tg0cvQInONZjaD99iVrH5ut/cbokk=
Subject key identifier: D8:32:C3:E2:59:DA:1A:FE:A6:9E:29:90:15:60:F7:46:5A:58:E3:5A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D3B9C3DD65056BBB4559768D018C0FF71
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2DLD4lnaGv6mnimQFWD3RlpY41o.roa
Signing time: Wed 24 Jan 2024 13:15:11 +0000
ROA not before: Wed 24 Jan 2024 13:15:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3b:9c:3d:d6:50:56:bb:b4:55:97:68:d0:18:c0:ff:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 24 13:15:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d832c3e259da1afea69e29901560f7465a58e35a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:8d:ab:12:e3:fe:ae:6c:c8:0c:4e:64:b2:d3:
7a:ea:29:ff:3e:e2:dc:5a:5c:46:cf:71:f7:34:cf:
78:bf:89:d9:13:1d:c9:94:aa:cd:d4:21:a9:f7:c8:
65:01:1e:f1:60:28:d2:90:ea:06:2a:2a:7a:a1:9b:
fa:06:ea:b8:5f:df:3b:0f:0f:2d:ac:c6:f2:56:63:
49:f6:7b:a7:32:8e:7b:07:08:db:54:85:aa:31:40:
80:37:03:52:45:cd:d9:10:c8:0a:b7:b8:1b:99:e5:
08:ae:9c:85:79:8d:d1:c3:33:10:0d:f5:03:d9:12:
ff:0e:40:2a:6f:d1:37:50:94:48:93:a2:b2:82:21:
93:26:18:26:82:67:82:2b:16:fc:50:2d:e8:75:41:
ac:69:41:f7:2a:47:41:4c:c6:e9:af:77:2a:a5:c1:
55:9a:da:2b:3c:6f:2a:9c:a1:3b:c8:5d:3c:dc:db:
d5:33:cb:77:1f:f4:2e:31:d4:60:84:00:8c:0f:24:
c0:b2:29:76:76:43:9e:72:af:5b:95:38:02:db:20:
31:fe:70:af:ee:1a:36:89:09:85:4c:07:88:fb:67:
c4:e4:d8:ee:5b:ef:33:48:68:f6:da:49:a1:b8:9e:
a6:89:13:19:94:8f:ef:e1:e4:f6:85:b6:14:d0:46:
10:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:32:C3:E2:59:DA:1A:FE:A6:9E:29:90:15:60:F7:46:5A:58:E3:5A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2DLD4lnaGv6mnimQFWD3RlpY41o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2d:12:08:10:bc:96:a7:3b:a7:0c:a5:e7:c3:a2:af:d6:34:a9:
cf:50:eb:bb:55:74:08:12:2f:fc:05:5b:8b:60:54:37:a6:26:
56:cc:aa:97:fe:e4:05:9e:aa:c6:fa:8f:a6:46:58:85:54:80:
55:d1:92:2f:12:a7:42:55:f0:e1:9a:13:ca:8e:51:43:c1:17:
6f:12:30:74:b2:08:87:bf:28:e8:13:46:eb:f0:03:74:e6:52:
b1:8e:93:75:dc:fd:7c:6c:af:8c:8d:99:07:8a:a4:ce:68:20:
7a:72:d5:95:3a:92:61:d6:4c:14:20:1e:fb:04:b7:1b:54:b9:
2d:6d:55:8a:90:0c:e5:7e:37:69:e1:d6:b7:16:55:de:a7:da:
fd:2e:8c:55:44:79:09:d9:f5:86:a2:42:4c:89:5a:18:6f:71:
c3:7b:29:a8:c8:1a:03:53:38:80:16:84:ed:c1:c9:8d:93:a9:
99:20:ee:1c:0b:97:b5:29:9d:7f:6e:2e:e1:82:f2:f2:79:06:
fc:07:bc:70:bb:5f:9b:28:b7:e6:dc:a4:6a:12:a0:20:8c:31:
38:df:50:b2:32:e8:8e:4f:48:9e:d3:cd:e1:fa:de:95:64:9a:
47:53:09:1f:7e:9c:47:67:13:de:19:3d:38:4b:53:af:1f:87:
01:1f:1a:11
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY07nD3WUFa7tFWXaNAYwP9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI0MTMxNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODMyYzNlMjU5ZGExYWZlYTY5ZTI5OTAxNTYwZjc0NjVhNThlMzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg42rEuP+rmzIDE5kstN66in/PuLc
WlxGz3H3NM94v4nZEx3JlKrN1CGp98hlAR7xYCjSkOoGKip6oZv6Buq4X987Dw8t
rMbyVmNJ9nunMo57BwjbVIWqMUCANwNSRc3ZEMgKt7gbmeUIrpyFeY3RwzMQDfUD
2RL/DkAqb9E3UJRIk6KygiGTJhgmgmeCKxb8UC3odUGsaUH3KkdBTMbpr3cqpcFV
mtorPG8qnKE7yF083NvVM8t3H/QuMdRghACMDyTAsil2dkOecq9blTgC2yAx/nCv
7ho2iQmFTAeI+2fE5NjuW+8zSGj22kmhuJ6miRMZlI/v4eT2hbYU0EYQ0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNgyw+JZ2hr+pp4pkBVg90ZaWONaMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMkRMRDRsbmFHdjZtbmltUUZXRDNSbHBZNDFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC0SCBC8lqc7pwyl58Oi
r9Y0qc9Q67tVdAgSL/wFW4tgVDemJlbMqpf+5AWeqsb6j6ZGWIVUgFXRki8Sp0JV
8OGaE8qOUUPBF28SMHSyCIe/KOgTRuvwA3TmUrGOk3Xc/Xxsr4yNmQeKpM5oIHpy
1ZU6kmHWTBQgHvsEtxtUuS1tVYqQDOV+N2nh1rcWVd6n2v0ujFVEeQnZ9YaiQkyJ
WhhvccN7KajIGgNTOIAWhO3ByY2TqZkg7hwLl7UpnX9uLuGC8vJ5BvwHvHC7X5so
t+bcpGoSoCCMMTjfULIy6I5PSJ7TzeH63pVkmkdTCR9+nEdnE94ZPThLU68fhwEf
GhE=
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:13:58 2025 by rpki-client