Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2LJ8WqyKk3UcSmPBeDHhr7aEbmE.roa
File: 2LJ8WqyKk3UcSmPBeDHhr7aEbmE.roa (raw, json)
Hash identifier: RC5tS9qlSZNKB/WcGCIcTY9oNBw6/I8UBFuTRMEylZU=
Subject key identifier: D8:B2:7C:5A:AC:8A:93:75:1C:4A:63:C1:78:31:E1:AF:B6:84:6E:61
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D62DFE34F4EBA85B000CE9C78BA383E17
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2LJ8WqyKk3UcSmPBeDHhr7aEbmE.roa
Signing time: Thu 01 Feb 2024 04:14:16 +0000
ROA not before: Thu 01 Feb 2024 04:14:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:62:df:e3:4f:4e:ba:85:b0:00:ce:9c:78:ba:38:3e:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 1 04:14:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8b27c5aac8a93751c4a63c17831e1afb6846e61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:be:d8:f8:62:f9:f7:02:77:7a:2a:ea:3f:7a:
c6:7c:02:6c:15:76:1f:a1:71:2e:64:3d:67:95:f8:
b5:97:bc:fe:0e:20:21:f2:d2:62:d5:7a:b4:7e:4e:
fc:9c:44:55:1c:a6:0f:5b:27:ba:9e:5b:ca:25:d5:
42:72:90:0f:46:6b:00:89:98:f0:75:c4:06:32:5d:
1f:5e:41:19:de:7b:f1:3a:0f:9e:8f:b3:95:f3:b1:
7f:97:ca:65:f2:7c:ac:34:43:c6:2b:8b:09:0e:e1:
c4:8c:88:33:5f:30:b2:c4:0c:ee:ca:c1:76:66:3d:
54:e4:4a:09:82:70:36:68:93:2d:4e:17:96:39:4d:
d9:92:ed:a7:f2:fe:6d:8c:b9:6b:85:50:36:6f:bc:
03:7b:bc:64:11:c3:26:c1:e9:88:70:bc:8e:4c:eb:
b6:ee:c5:f3:26:5f:e7:e7:52:be:59:6d:55:75:17:
92:98:89:84:6d:b3:41:c9:06:5d:a3:d2:de:c9:8d:
71:47:98:ee:70:e8:cb:89:fa:4e:a1:ec:59:fa:d2:
68:c5:b0:07:e3:f0:b4:24:7c:40:39:12:b0:39:4b:
e6:0c:dd:dd:16:6b:70:a3:1f:6a:23:96:1d:4e:95:
ae:eb:1c:fd:54:c1:f2:12:bb:5b:63:b7:39:9e:bd:
15:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B2:7C:5A:AC:8A:93:75:1C:4A:63:C1:78:31:E1:AF:B6:84:6E:61
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2LJ8WqyKk3UcSmPBeDHhr7aEbmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
72:cd:90:28:bd:6f:0a:1e:c0:9d:d1:9e:57:e7:ea:4c:b5:24:
8a:6a:9e:2f:26:5c:55:60:48:d1:ed:6e:af:fc:ae:2d:ef:25:
56:45:2c:58:56:a8:24:28:39:63:ab:8d:5f:7f:94:9d:a1:59:
e7:db:87:53:c0:a2:7f:3f:b9:94:d3:0a:9e:44:f3:3f:8a:d5:
f6:5e:85:34:8c:5f:49:b4:f9:32:d2:8e:b8:ab:3a:a2:6b:ec:
7e:4f:b1:08:5d:ed:f5:70:21:2b:dd:7a:a4:6e:fc:9f:e9:a1:
e6:ce:29:bd:02:ee:a1:1b:f5:c9:76:fd:a9:f1:d9:52:ae:3e:
4a:a0:17:3b:16:06:ac:94:02:dc:aa:04:d6:31:c6:11:1a:69:
d7:7e:87:77:74:bd:f9:11:7b:76:bd:db:ef:20:3c:0c:fc:59:
3b:47:9a:98:09:51:6a:24:d8:76:16:fc:26:29:a3:c0:20:2a:
06:e9:97:60:f0:15:ca:7b:3f:6f:76:e8:c1:d2:39:dc:a0:8f:
fa:b8:05:9d:e9:16:0f:65:2b:99:dc:ec:32:47:f5:37:62:9a:
02:88:fd:9c:93:32:b5:de:1c:26:60:1d:3d:58:df:68:67:73:
d8:0c:86:d3:51:7b:81:fb:33:2e:de:33:74:02:9a:41:e0:3f:
a3:85:0c:80
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1i3+NPTrqFsADOnHi6OD4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjAxMDQxNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGIyN2M1YWFjOGE5Mzc1MWM0YTYzYzE3ODMxZTFhZmI2ODQ2ZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA177Y+GL59wJ3eirqP3rGfAJsFXYf
oXEuZD1nlfi1l7z+DiAh8tJi1Xq0fk78nERVHKYPWye6nlvKJdVCcpAPRmsAiZjw
dcQGMl0fXkEZ3nvxOg+ej7OV87F/l8pl8nysNEPGK4sJDuHEjIgzXzCyxAzuysF2
Zj1U5EoJgnA2aJMtTheWOU3Zku2n8v5tjLlrhVA2b7wDe7xkEcMmwemIcLyOTOu2
7sXzJl/n51K+WW1VdReSmImEbbNByQZdo9LeyY1xR5jucOjLifpOoexZ+tJoxbAH
4/C0JHxAORKwOUvmDN3dFmtwox9qI5YdTpWu6xz9VMHyErtbY7c5nr0VOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNiyfFqsipN1HEpjwXgx4a+2hG5hMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMkxKOFdxeUtrM1VjU21QQmVESGhyN2FFYm1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHLNkCi9bwoewJ3Rnlfn
6ky1JIpqni8mXFVgSNHtbq/8ri3vJVZFLFhWqCQoOWOrjV9/lJ2hWefbh1PAon8/
uZTTCp5E8z+K1fZehTSMX0m0+TLSjrirOqJr7H5PsQhd7fVwISvdeqRu/J/poebO
Kb0C7qEb9cl2/anx2VKuPkqgFzsWBqyUAtyqBNYxxhEaadd+h3d0vfkRe3a92+8g
PAz8WTtHmpgJUWok2HYW/CYpo8AgKgbpl2DwFcp7P2926MHSOdygj/q4BZ3pFg9l
K5nc7DJH9TdimgKI/ZyTMrXeHCZgHT1Y32hnc9gMhtNRe4H7My7eM3QCmkHgP6OF
DIA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:38 2025 by rpki-client