Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2bsK2VRXEd8mchQS3qdH6c8L8h8.roa
File: 2bsK2VRXEd8mchQS3qdH6c8L8h8.roa (raw, json)
Hash identifier: TtF/8olAndNDtffDl/bBFA0IgaFQ4WfNQo/WYXnTj2g=
Subject key identifier: D9:BB:0A:D9:54:57:11:DF:26:72:14:12:DE:A7:47:E9:CF:0B:F2:1F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E6BDE28CD1E9D006D2FADF9B0D891CB52
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2bsK2VRXEd8mchQS3qdH6c8L8h8.roa
Signing time: Sat 23 Mar 2024 15:11:45 +0000
ROA not before: Sat 23 Mar 2024 15:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6b:de:28:cd:1e:9d:00:6d:2f:ad:f9:b0:d8:91:cb:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 23 15:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9bb0ad9545711df26721412dea747e9cf0bf21f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:43:90:da:c0:be:d3:25:bf:95:36:97:9c:6b:
d0:e9:38:bd:58:b7:fb:0e:24:05:13:6e:5f:0e:4a:
96:db:df:01:17:77:c2:91:03:fb:36:20:0a:b4:60:
e5:eb:97:cc:6f:30:22:cc:83:9c:03:16:24:e0:05:
71:af:70:e1:a2:20:6f:0c:c7:3a:3a:7f:ce:28:85:
94:91:e9:68:72:c4:df:66:23:6b:b4:53:3c:61:db:
d5:c2:88:c4:38:6c:93:79:76:b8:96:02:a6:01:8e:
14:c0:a5:73:8d:a6:86:cd:1e:40:27:8a:22:1c:ba:
32:fc:48:16:d0:9d:fe:ea:d6:1c:7e:8b:d8:d5:b4:
3b:e5:97:a8:68:45:8c:92:09:7d:ae:9f:11:6e:0c:
cf:12:b5:54:99:53:9c:2e:4a:06:8b:52:bd:01:32:
0b:80:8d:8c:ec:e3:c9:a2:58:42:a4:35:28:a3:92:
9b:77:76:f7:5b:82:69:a0:80:ee:a4:07:30:7c:89:
1d:de:2e:60:95:c4:db:01:68:5f:96:14:8f:22:b6:
f0:83:1c:7c:b6:11:7a:dd:5a:7b:98:4b:17:94:a5:
a6:ab:d5:06:ca:49:8e:4d:02:17:59:a2:dd:b3:08:
9e:7f:ac:12:90:a5:ba:4d:33:33:81:6f:6f:75:ca:
d1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:BB:0A:D9:54:57:11:DF:26:72:14:12:DE:A7:47:E9:CF:0B:F2:1F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2bsK2VRXEd8mchQS3qdH6c8L8h8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1f:ba:bb:7c:71:4f:f2:46:11:40:0e:bf:e2:d2:c4:0d:a5:13:
7f:32:16:45:b6:5d:49:fd:ea:c5:7f:82:be:49:5f:24:79:3c:
f3:67:40:25:10:67:aa:5e:c4:d4:9f:17:ed:fd:c8:bf:fa:06:
6b:a8:d7:5f:56:b4:3a:ee:1b:52:80:15:7a:7b:82:b6:0f:f6:
6d:1e:b7:85:86:48:51:9c:15:c7:ab:88:fd:fd:ec:08:82:1a:
08:6b:aa:cb:e5:cf:0b:05:c2:bf:de:c7:68:d9:f7:39:9c:84:
d7:65:a0:01:4e:6a:06:fc:98:ba:3b:81:40:2b:8c:bf:83:97:
85:34:50:81:74:16:2f:fd:e3:93:fe:d7:f9:50:83:ed:72:e3:
fd:0e:ff:4b:b3:ce:10:0e:e8:df:d5:d7:ea:8c:60:b1:a1:10:
fc:13:0e:e6:bf:67:c5:ea:e2:85:cc:26:62:0d:ac:54:a2:0a:
9b:6b:f7:e4:88:ef:e2:46:f3:37:87:af:69:89:f7:d2:a2:6e:
94:6c:51:bb:58:a2:71:e6:2e:45:7e:4d:0d:49:82:17:db:6e:
cc:d5:40:b4:24:2d:83:7d:1d:cd:8e:6a:17:f0:98:3d:61:2a:
6e:1b:1d:a0:54:7c:ca:15:66:bf:93:36:00:2c:dc:c9:b8:91:
cf:a6:19:f2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5r3ijNHp0AbS+t+bDYkctSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIzMTUxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWJiMGFkOTU0NTcxMWRmMjY3MjE0MTJkZWE3NDdlOWNmMGJmMjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEOQ2sC+0yW/lTaXnGvQ6Ti9WLf7
DiQFE25fDkqW298BF3fCkQP7NiAKtGDl65fMbzAizIOcAxYk4AVxr3DhoiBvDMc6
On/OKIWUkelocsTfZiNrtFM8YdvVwojEOGyTeXa4lgKmAY4UwKVzjaaGzR5AJ4oi
HLoy/EgW0J3+6tYcfovY1bQ75ZeoaEWMkgl9rp8RbgzPErVUmVOcLkoGi1K9ATIL
gI2M7OPJolhCpDUoo5Kbd3b3W4JpoIDupAcwfIkd3i5glcTbAWhflhSPIrbwgxx8
thF63Vp7mEsXlKWmq9UGykmOTQIXWaLdswief6wSkKW6TTMzgW9vdcrR7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNm7CtlUVxHfJnIUEt6nR+nPC/IfMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMmJzSzJWUlhFZDhtY2hRUzNxZEg2YzhMOGg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB+6u3xxT/JGEUAOv+LS
xA2lE38yFkW2XUn96sV/gr5JXyR5PPNnQCUQZ6pexNSfF+39yL/6Bmuo119WtDru
G1KAFXp7grYP9m0et4WGSFGcFceriP397AiCGghrqsvlzwsFwr/ex2jZ9zmchNdl
oAFOagb8mLo7gUArjL+Dl4U0UIF0Fi/945P+1/lQg+1y4/0O/0uzzhAO6N/V1+qM
YLGhEPwTDua/Z8Xq4oXMJmINrFSiCptr9+SI7+JG8zeHr2mJ99KibpRsUbtYonHm
LkV+TQ1JghfbbszVQLQkLYN9Hc2OahfwmD1hKm4bHaBUfMoVZr+TNgAs3Mm4kc+m
GfI=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:46 2025 by rpki-client