Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2JC9NBXA2oyv_Agg3jNjMKjwC74.roa
File: 2JC9NBXA2oyv_Agg3jNjMKjwC74.roa (raw, json)
Hash identifier: C1Tmu1CXg0mtT0c/VzOWCcAA3kVftXyiRk32T9guhwE=
Subject key identifier: D8:90:BD:34:15:C0:DA:8C:AF:FC:08:20:DE:33:63:30:A8:F0:0B:BE
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CF0EBE62BA1C4B21C13606B17B001F7DE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2JC9NBXA2oyv_Agg3jNjMKjwC74.roa
Signing time: Wed 10 Jan 2024 01:10:40 +0000
ROA not before: Wed 10 Jan 2024 01:10:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f0:eb:e6:2b:a1:c4:b2:1c:13:60:6b:17:b0:01:f7:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 10 01:10:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d890bd3415c0da8caffc0820de336330a8f00bbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f6:65:92:b1:0d:29:3c:7d:2d:03:1a:3f:93:
b9:cb:4b:3b:b9:10:a7:4f:64:15:68:68:c6:0b:3e:
5c:f2:19:70:db:ed:55:58:4a:7b:2a:ea:44:d8:a5:
b4:71:ef:e9:1d:c5:c4:74:d2:f1:bf:f6:ad:8f:9d:
5c:f5:09:c7:c9:b7:57:62:f3:ba:4a:ab:6f:ae:92:
d1:55:e6:7b:cd:20:4c:64:09:98:60:80:5e:99:4d:
29:46:80:da:83:f7:9e:e3:de:16:a8:2c:b2:72:8e:
89:8c:36:6f:f8:5a:2b:1b:ef:5e:5f:4d:c2:92:39:
76:0f:3a:b1:bd:cd:1b:e3:30:51:ca:d7:dd:a9:c0:
5a:91:5b:db:e1:78:e6:52:0b:3a:44:93:5f:85:e9:
05:e7:24:1e:0d:a3:26:05:74:b1:c1:2e:cf:06:d4:
9b:66:c0:eb:cd:79:07:63:a4:0b:29:e2:7c:1e:17:
f5:ec:90:96:e4:48:48:5a:10:6b:82:4c:0b:20:77:
d7:45:06:90:6b:d4:99:1c:c7:6d:04:52:1f:8c:05:
37:46:29:18:41:d0:14:71:84:48:ff:c7:39:2f:45:
c3:e9:58:b3:0b:33:e9:62:9c:99:e9:05:71:84:31:
9a:df:a9:f5:9c:4a:da:fb:fa:6e:5a:b4:a6:87:a3:
db:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:90:BD:34:15:C0:DA:8C:AF:FC:08:20:DE:33:63:30:A8:F0:0B:BE
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2JC9NBXA2oyv_Agg3jNjMKjwC74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a8:43:c7:4a:b5:64:12:56:86:6a:be:e1:40:e5:8c:72:78:97:
7c:67:2b:46:21:87:d8:18:b3:82:46:a7:9c:8d:a9:37:b6:d2:
52:0d:e1:f1:cb:21:b2:a2:ff:ec:ba:c1:16:8e:6a:1c:75:8d:
95:c3:67:72:3b:a0:72:2c:d2:c8:34:3e:cb:f2:19:a0:f9:46:
ab:c9:d8:7e:d0:c4:a6:1c:6f:d4:9d:21:0f:67:af:b9:25:0e:
a3:bd:3d:94:77:1d:6c:96:db:5c:56:60:63:f0:5d:f1:ef:54:
dd:75:49:1e:64:84:44:19:6c:c0:83:57:c2:31:d5:4a:3d:7a:
60:02:52:f6:e1:ed:4b:04:2f:33:5f:f2:0e:87:1e:18:13:6f:
1e:9a:32:d7:d0:6d:72:02:18:e9:92:6b:8b:03:92:d5:00:a6:
90:e5:12:cd:66:65:d9:0b:8a:9d:43:c5:6e:78:b0:eb:0f:58:
4d:95:f7:81:77:17:e9:71:e2:d0:4c:13:f2:b2:4a:eb:e1:79:
05:60:47:2c:aa:88:4b:65:8d:6d:da:06:ec:64:ad:17:c1:fb:
82:94:1a:e1:6b:77:17:ec:30:92:b4:4a:d0:fb:a5:c6:3b:77:
62:0b:cd:e5:5c:a2:36:31:dc:a1:b6:9f:01:1b:0f:1f:d4:fa:
9a:7a:80:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzw6+YrocSyHBNgaxewAffeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTEwMDExMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODkwYmQzNDE1YzBkYThjYWZmYzA4MjBkZTMzNjMzMGE4ZjAwYmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/ZlkrENKTx9LQMaP5O5y0s7uRCn
T2QVaGjGCz5c8hlw2+1VWEp7KupE2KW0ce/pHcXEdNLxv/atj51c9QnHybdXYvO6
SqtvrpLRVeZ7zSBMZAmYYIBemU0pRoDag/ee494WqCyyco6JjDZv+ForG+9eX03C
kjl2Dzqxvc0b4zBRytfdqcBakVvb4XjmUgs6RJNfhekF5yQeDaMmBXSxwS7PBtSb
ZsDrzXkHY6QLKeJ8Hhf17JCW5EhIWhBrgkwLIHfXRQaQa9SZHMdtBFIfjAU3RikY
QdAUcYRI/8c5L0XD6VizCzPpYpyZ6QVxhDGa36n1nEra+/puWrSmh6PbdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNiQvTQVwNqMr/wIIN4zYzCo8Au+MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMkpDOU5CWEEyb3l2X0FnZzNqTmpNS2p3Qzc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKhDx0q1ZBJWhmq+4UDl
jHJ4l3xnK0Yhh9gYs4JGp5yNqTe20lIN4fHLIbKi/+y6wRaOahx1jZXDZ3I7oHIs
0sg0PsvyGaD5RqvJ2H7QxKYcb9SdIQ9nr7klDqO9PZR3HWyW21xWYGPwXfHvVN11
SR5khEQZbMCDV8Ix1Uo9emACUvbh7UsELzNf8g6HHhgTbx6aMtfQbXICGOmSa4sD
ktUAppDlEs1mZdkLip1DxW54sOsPWE2V94F3F+lx4tBME/KySuvheQVgRyyqiEtl
jW3aBuxkrRfB+4KUGuFrdxfsMJK0StD7pcY7d2ILzeVcojYx3KG2nwEbDx/U+pp6
gOE=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:11:52 2025 by rpki-client