Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2PWf7XODWNO_y_wB6V6malI38iM.roa
File: 2PWf7XODWNO_y_wB6V6malI38iM.roa (raw, json)
Hash identifier: n8AlNfn8oMnAQtxgAPZnDHQ2XmIXiiJwWsFeSGDJ9WI=
Subject key identifier: D8:F5:9F:ED:73:83:58:D3:BF:CB:FC:01:E9:5E:A6:6A:52:37:F2:23
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E9D68F49C52618AFE0CD8CAEE8DAD705C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2PWf7XODWNO_y_wB6V6malI38iM.roa
Signing time: Tue 02 Apr 2024 06:04:45 +0000
ROA not before: Tue 02 Apr 2024 06:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
2001:67c:64:ffff:0:18e:9d68:f15e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9d:68:f4:9c:52:61:8a:fe:0c:d8:ca:ee:8d:ad:70:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 2 06:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8f59fed738358d3bfcbfc01e95ea66a5237f223
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:12:e9:bd:c5:9d:43:97:b5:f2:6e:47:7b:44:
51:d0:e5:f0:b7:33:0b:96:a3:c3:d2:52:1e:f9:f6:
77:1a:69:fc:c3:37:0d:ee:b5:35:86:83:ac:a3:eb:
4d:8b:eb:f8:6a:d1:6f:39:29:f3:aa:f7:63:88:83:
f6:51:9f:98:8b:b9:1a:32:a8:e4:96:af:ed:dd:9c:
01:47:c2:53:df:97:a8:07:bd:38:a5:bf:42:7a:da:
0a:40:9a:df:15:37:d6:90:d9:18:a6:b9:98:7e:91:
03:b9:17:64:df:ed:8d:97:bd:32:3b:de:da:fd:cc:
fa:9f:27:56:6f:d1:93:d2:7e:ab:a4:3b:b3:af:ce:
9a:7a:06:30:82:a8:c6:c7:25:7c:32:96:59:a7:9f:
d0:9b:f4:8d:04:8c:d3:81:49:cc:71:60:59:22:94:
be:0e:74:e7:e4:76:a6:0a:39:be:89:90:3c:86:d0:
1e:75:4e:53:89:69:5c:75:5e:92:0c:6a:99:f2:f9:
f2:b7:0c:c7:d6:36:f6:c6:34:83:a1:a4:80:26:97:
44:33:53:87:ab:37:21:d4:aa:77:db:a1:ca:df:b2:
aa:ff:b5:b9:6d:ce:6d:a8:ee:8a:d3:62:3c:4b:eb:
ed:21:20:45:ea:1e:ce:54:4f:4b:e3:2c:37:8b:e2:
a4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:F5:9F:ED:73:83:58:D3:BF:CB:FC:01:E9:5E:A6:6A:52:37:F2:23
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2PWf7XODWNO_y_wB6V6malI38iM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
81:8d:40:36:a7:ab:67:8f:64:01:58:66:7a:49:d8:45:39:3d:
82:8f:9c:b6:61:47:60:8a:6b:c1:c5:7e:54:da:20:0c:ea:73:
4a:b5:ae:9b:07:24:16:90:13:26:3f:cc:02:25:ae:6d:df:fc:
a4:21:2a:c8:9a:94:bf:20:1b:35:b5:5a:9e:cb:47:41:34:bb:
5d:2a:e1:5c:65:2e:06:52:28:25:3b:8c:0b:60:c5:fc:4a:f9:
a9:a5:50:87:a3:f6:ce:df:07:1f:f1:72:bb:c5:d0:a2:01:96:
8f:83:27:8b:60:ce:61:2c:ea:77:fa:e0:91:b6:b3:e7:a0:f0:
5e:30:30:13:b6:c9:ae:96:60:94:05:5c:32:67:c2:74:74:0b:
b0:d8:9b:71:52:46:d2:57:03:33:bc:db:b6:d1:1a:a2:d0:be:
1d:af:d9:a7:de:4c:55:c9:ba:17:45:d9:38:39:01:8d:2b:a9:
ef:ee:24:58:a1:57:9a:30:c9:50:f2:f8:94:a8:3b:96:04:19:
cd:02:bc:90:2b:f3:54:88:ca:f7:ae:e6:12:3a:1c:2e:15:82:
fc:28:2b:18:81:4d:f3:14:f6:49:3d:49:96:95:02:85:4c:cd:
37:0d:95:e8:df:75:34:d8:78:4a:0c:4a:f8:8b:c6:ba:b8:a9:
86:d4:26:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6daPScUmGK/gzYyu6NrXBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAyMDYwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGY1OWZlZDczODM1OGQzYmZjYmZjMDFlOTVlYTY2YTUyMzdmMjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRLpvcWdQ5e18m5He0RR0OXwtzML
lqPD0lIe+fZ3Gmn8wzcN7rU1hoOso+tNi+v4atFvOSnzqvdjiIP2UZ+Yi7kaMqjk
lq/t3ZwBR8JT35eoB704pb9CetoKQJrfFTfWkNkYprmYfpEDuRdk3+2Nl70yO97a
/cz6nydWb9GT0n6rpDuzr86aegYwgqjGxyV8MpZZp5/Qm/SNBIzTgUnMcWBZIpS+
DnTn5HamCjm+iZA8htAedU5TiWlcdV6SDGqZ8vnytwzH1jb2xjSDoaSAJpdEM1OH
qzch1Kp326HK37Kq/7W5bc5tqO6K02I8S+vtISBF6h7OVE9L4yw3i+KkZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNj1n+1zg1jTv8v8AelepmpSN/IjMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMlBXZjdYT0RXTk9feV93QjZWNm1hbEkzOGlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIGNQDanq2ePZAFYZnpJ
2EU5PYKPnLZhR2CKa8HFflTaIAzqc0q1rpsHJBaQEyY/zAIlrm3f/KQhKsialL8g
GzW1Wp7LR0E0u10q4VxlLgZSKCU7jAtgxfxK+amlUIej9s7fBx/xcrvF0KIBlo+D
J4tgzmEs6nf64JG2s+eg8F4wMBO2ya6WYJQFXDJnwnR0C7DYm3FSRtJXAzO827bR
GqLQvh2v2afeTFXJuhdF2Tg5AY0rqe/uJFihV5owyVDy+JSoO5YEGc0CvJAr81SI
yveu5hI6HC4VgvwoKxiBTfMU9kk9SZaVAoVMzTcNlejfdTTYeEoMSviLxrq4qYbU
JgU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:49 2025 by rpki-client