Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2ria1SC79x6w_7kq4zl-aVir-sM.roa
File: 2ria1SC79x6w_7kq4zl-aVir-sM.roa (raw, json)
Hash identifier: mQXkiQG+0LxVJqnBDfdcxa2xgLbBQyCiGHsw9zymgPw=
Subject key identifier: DA:B8:9A:D5:20:BB:F7:1E:B0:FF:B9:2A:E3:39:7E:69:58:AB:FA:C3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E724F05AF27FBF2EF1BE605150F2C426B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2ria1SC79x6w_7kq4zl-aVir-sM.roa
Signing time: Sun 24 Mar 2024 21:12:45 +0000
ROA not before: Sun 24 Mar 2024 21:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:72:4f:05:af:27:fb:f2:ef:1b:e6:05:15:0f:2c:42:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 24 21:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dab89ad520bbf71eb0ffb92ae3397e6958abfac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d7:7c:dc:4a:51:a2:7a:8c:42:22:be:94:47:
de:8f:90:a8:e3:e9:c9:e1:e5:f7:c4:3f:26:e1:4e:
f4:c5:a8:5c:16:d5:cf:72:27:3d:9e:47:44:ed:72:
a4:dd:0e:6e:1b:bf:19:89:7e:f2:ae:2c:7c:f8:9b:
74:25:6f:b8:b8:21:2f:14:45:72:5a:a3:ed:fa:2e:
04:b8:78:58:80:5c:3e:95:b5:74:d0:51:04:03:1f:
be:15:36:b3:b8:57:a6:0b:05:c1:29:ed:9e:1d:44:
67:4d:ec:7e:cf:12:e7:da:4d:14:e9:5c:ff:bf:15:
3e:2f:41:45:95:8e:4e:4f:84:34:61:8f:54:3c:6d:
f5:38:f9:20:b9:be:29:b7:19:85:7b:a5:92:c2:c7:
97:36:a9:89:b8:02:fd:19:95:a9:75:db:3d:fa:bb:
6f:21:55:f1:b7:39:e9:5b:9d:bd:b4:7d:b2:de:2f:
32:dd:8f:36:f7:af:05:76:6a:46:6e:1f:f9:d4:b5:
73:06:a3:04:15:ec:ed:39:2d:5e:f3:1f:fe:40:77:
a7:32:72:14:63:95:dd:23:13:4e:cb:45:27:53:2c:
40:38:77:58:c6:40:ff:09:53:23:c8:b5:28:5b:97:
21:20:21:a1:71:86:42:c8:00:96:0c:7b:05:4a:6c:
09:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B8:9A:D5:20:BB:F7:1E:B0:FF:B9:2A:E3:39:7E:69:58:AB:FA:C3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2ria1SC79x6w_7kq4zl-aVir-sM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
47:61:20:e4:dd:54:c5:11:88:24:77:bc:78:fd:81:01:ef:71:
14:a4:51:9f:f3:ab:93:fb:7b:0a:5d:9c:7b:9c:a3:a5:56:e4:
58:b2:4d:e3:91:bd:ab:de:4a:a6:6a:54:7f:16:ab:ca:28:0c:
44:57:45:f7:f6:66:a0:79:12:0c:45:13:25:19:95:3e:31:b0:
26:4c:ae:f9:9c:c9:9c:f4:de:c7:58:44:13:cf:bc:cf:6a:51:
08:34:0c:98:f0:93:39:cb:06:e5:48:59:37:9d:54:ce:31:26:
a1:cb:8e:a4:9b:e2:41:a9:8a:c6:81:35:10:29:f9:2c:6f:18:
31:48:6e:62:9c:a9:ee:ad:eb:9c:38:60:e0:53:83:4d:0f:0e:
82:15:8a:f7:a7:24:0e:3a:ba:c2:b4:25:91:50:09:f4:41:10:
8b:08:d5:60:60:28:72:8c:45:0b:ab:94:7b:32:45:4c:a5:aa:
64:dc:42:4a:79:fb:67:af:1a:ee:7a:55:70:3a:b5:c0:ef:ce:
ed:01:a8:37:99:23:b3:28:72:d4:98:9c:02:b4:d4:35:6c:d1:
d0:d8:50:38:cd:8d:bf:24:db:4d:0d:b1:21:6a:15:6c:87:c8:
08:1c:44:9d:a1:fe:03:ef:28:2b:72:89:04:eb:df:d5:d6:a6:
c8:ca:e5:7e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5yTwWvJ/vy7xvmBRUPLEJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI0MjExMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWI4OWFkNTIwYmJmNzFlYjBmZmI5MmFlMzM5N2U2OTU4YWJmYWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNd83EpRonqMQiK+lEfej5Co4+nJ
4eX3xD8m4U70xahcFtXPcic9nkdE7XKk3Q5uG78ZiX7yrix8+Jt0JW+4uCEvFEVy
WqPt+i4EuHhYgFw+lbV00FEEAx++FTazuFemCwXBKe2eHURnTex+zxLn2k0U6Vz/
vxU+L0FFlY5OT4Q0YY9UPG31OPkgub4ptxmFe6WSwseXNqmJuAL9GZWpdds9+rtv
IVXxtznpW529tH2y3i8y3Y82968FdmpGbh/51LVzBqMEFeztOS1e8x/+QHenMnIU
Y5XdIxNOy0UnUyxAOHdYxkD/CVMjyLUoW5chICGhcYZCyACWDHsFSmwJCQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNq4mtUgu/cesP+5KuM5fmlYq/rDMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMnJpYTFTQzc5eDZ3XzdrcTR6bC1hVmlyLXNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEdhIOTdVMURiCR3vHj9
gQHvcRSkUZ/zq5P7ewpdnHuco6VW5FiyTeORvaveSqZqVH8Wq8ooDERXRff2ZqB5
EgxFEyUZlT4xsCZMrvmcyZz03sdYRBPPvM9qUQg0DJjwkznLBuVIWTedVM4xJqHL
jqSb4kGpisaBNRAp+SxvGDFIbmKcqe6t65w4YOBTg00PDoIVivenJA46usK0JZFQ
CfRBEIsI1WBgKHKMRQurlHsyRUylqmTcQkp5+2evGu56VXA6tcDvzu0BqDeZI7Mo
ctSYnAK01DVs0dDYUDjNjb8k200NsSFqFWyHyAgcRJ2h/gPvKCtyiQTr39XWpsjK
5X4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:09 2025 by rpki-client