Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2IHQy7fP7K_NocdV_3ofnW1zfmQ.roa
File: 2IHQy7fP7K_NocdV_3ofnW1zfmQ.roa (raw, json)
Hash identifier: Z+xtcANKkFs97JA/+f5nNYN06ghIWez3mGIhixJH4f8=
Subject key identifier: D8:81:D0:CB:B7:CF:EC:AF:CD:A1:C7:55:FF:7A:1F:9D:6D:73:7E:64
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D43FA9388C8A02013083E97F9C015E344
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2IHQy7fP7K_NocdV_3ofnW1zfmQ.roa
Signing time: Fri 26 Jan 2024 04:15:11 +0000
ROA not before: Fri 26 Jan 2024 04:15:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:43:fa:93:88:c8:a0:20:13:08:3e:97:f9:c0:15:e3:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 26 04:15:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d881d0cbb7cfecafcda1c755ff7a1f9d6d737e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:43:7b:10:17:1d:73:9c:28:55:2b:e1:eb:6a:
be:c3:2d:04:e2:cc:bd:0c:7f:b7:0e:bc:6a:9e:ea:
cd:97:14:b5:9d:9a:ae:5b:73:de:58:6a:37:20:a7:
77:22:f7:54:2d:be:f2:47:a0:78:de:54:40:84:40:
d1:f2:0a:29:4a:99:6f:59:b1:83:5c:fc:41:ac:14:
fc:6c:f9:43:bb:4c:f8:3f:a6:da:e0:4a:46:1f:e9:
df:92:72:22:d2:a6:54:d1:ad:30:cc:ea:8e:8b:98:
98:9b:9e:4b:6f:d8:08:b6:32:58:5a:75:46:fb:a0:
fd:7d:ab:27:1c:0b:ec:6b:6b:a5:e6:0d:7d:54:0a:
5b:7a:b3:b6:e3:9a:fe:f0:c8:f8:59:f6:1d:37:c1:
be:8f:16:5f:c6:ba:4a:53:1f:85:45:13:01:2d:17:
aa:23:c1:8c:ca:4e:69:eb:25:19:41:fa:52:c9:af:
38:f7:50:66:ca:54:0c:f1:f9:9a:37:a8:fc:46:a3:
ca:33:44:11:6c:88:a5:bd:84:f0:20:95:18:85:c3:
bc:85:41:f6:d0:43:07:06:29:a8:29:82:fd:6c:5a:
00:4f:ad:34:97:4e:b5:0c:fd:a2:71:6b:a8:04:75:
3f:47:e3:bc:7a:79:72:93:20:e7:57:6a:8e:34:5a:
71:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:81:D0:CB:B7:CF:EC:AF:CD:A1:C7:55:FF:7A:1F:9D:6D:73:7E:64
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2IHQy7fP7K_NocdV_3ofnW1zfmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a3:92:71:48:2a:27:27:2e:0c:bb:5e:c3:b6:e9:fc:19:e5:44:
5c:85:b2:be:3a:b2:f0:98:52:17:0b:af:d1:69:9c:0c:c0:4a:
69:ab:78:77:c7:ec:92:44:3c:31:d3:1b:fb:b9:83:9b:21:75:
1a:45:0d:6b:f7:c6:06:d7:e5:c6:8d:46:28:e5:a9:e7:66:36:
84:3c:74:43:20:e9:24:07:cf:e4:39:17:d7:c6:97:8f:1d:f6:
53:93:27:0a:47:74:2c:2c:62:a4:c7:77:0c:c6:45:cb:ce:95:
59:fd:d6:9b:81:6e:dc:cd:e7:c8:e5:57:ea:f6:e2:76:51:68:
dd:0d:9e:a6:6c:c0:b9:95:36:82:d6:4c:d7:87:2d:7a:bf:11:
3f:05:46:64:2b:13:8b:92:b5:ec:d8:11:d6:28:eb:c8:4b:53:
fb:dc:03:d1:03:c6:f4:bb:01:be:3b:fd:24:1e:28:cd:64:2c:
aa:4b:81:56:ea:1f:4f:d7:56:8c:dc:18:21:cc:19:a1:ca:a0:
ae:44:30:94:38:07:67:de:9c:7b:73:69:cb:01:de:b8:fc:2c:
cb:fd:2d:f6:d0:3b:2e:21:1d:e3:b8:6d:e5:e4:bf:2a:1f:bf:
20:0a:47:ad:92:47:b7:eb:62:4c:54:dd:8b:a4:5e:96:b7:ee:
00:f8:b8:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1D+pOIyKAgEwg+l/nAFeNEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI2MDQxNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODgxZDBjYmI3Y2ZlY2FmY2RhMWM3NTVmZjdhMWY5ZDZkNzM3ZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0N7EBcdc5woVSvh62q+wy0E4sy9
DH+3DrxqnurNlxS1nZquW3PeWGo3IKd3IvdULb7yR6B43lRAhEDR8gopSplvWbGD
XPxBrBT8bPlDu0z4P6ba4EpGH+nfknIi0qZU0a0wzOqOi5iYm55Lb9gItjJYWnVG
+6D9fasnHAvsa2ul5g19VApberO245r+8Mj4WfYdN8G+jxZfxrpKUx+FRRMBLReq
I8GMyk5p6yUZQfpSya8491BmylQM8fmaN6j8RqPKM0QRbIilvYTwIJUYhcO8hUH2
0EMHBimoKYL9bFoAT600l061DP2icWuoBHU/R+O8enlykyDnV2qONFpxtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNiB0Mu3z+yvzaHHVf96H51tc35kMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMklIUXk3ZlA3S19Ob2NkVl8zb2ZuVzF6Zm1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKOScUgqJycuDLtew7bp
/BnlRFyFsr46svCYUhcLr9FpnAzASmmreHfH7JJEPDHTG/u5g5shdRpFDWv3xgbX
5caNRijlqedmNoQ8dEMg6SQHz+Q5F9fGl48d9lOTJwpHdCwsYqTHdwzGRcvOlVn9
1puBbtzN58jlV+r24nZRaN0NnqZswLmVNoLWTNeHLXq/ET8FRmQrE4uStezYEdYo
68hLU/vcA9EDxvS7Ab47/SQeKM1kLKpLgVbqH0/XVozcGCHMGaHKoK5EMJQ4B2fe
nHtzacsB3rj8LMv9LfbQOy4hHeO4beXkvyofvyAKR62SR7frYkxU3YukXpa37gD4
uJ0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:09 2025 by rpki-client