Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2zR-KydW7cHKlHpmoCcbDFIgFtA.roa
File: 2zR-KydW7cHKlHpmoCcbDFIgFtA.roa (raw, json)
Hash identifier: l6hU77p9wqdVlQTrkmvLcUGboP/9h2u0mqcwWbDa2Fg=
Subject key identifier: DB:34:7E:2B:27:56:ED:C1:CA:94:7A:66:A0:27:1B:0C:52:20:16:D0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E1D22262C05E44E968AFE65FEB4436E0C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2zR-KydW7cHKlHpmoCcbDFIgFtA.roa
Signing time: Fri 08 Mar 2024 08:16:01 +0000
ROA not before: Fri 08 Mar 2024 08:16:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1d:22:26:2c:05:e4:4e:96:8a:fe:65:fe:b4:43:6e:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 8 08:16:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db347e2b2756edc1ca947a66a0271b0c522016d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:71:46:66:f5:f4:73:37:a4:2a:41:a8:57:67:
88:78:a1:7b:5f:4c:d3:77:79:27:fe:bc:80:84:42:
20:bd:2b:ed:0b:33:ec:cb:28:50:33:1e:e5:11:a4:
d3:d1:05:f5:05:a5:37:7e:e6:c1:52:eb:5b:01:3d:
37:69:d1:c1:57:2c:9a:54:fc:fb:20:ed:38:27:22:
29:79:e5:dc:2e:22:3c:ff:f5:42:d7:37:8a:1f:a1:
bd:6c:5c:dc:de:ba:5a:32:6d:f2:67:60:b5:b3:6a:
5e:46:aa:25:59:74:d0:b9:b1:38:a7:a6:45:fb:f6:
85:94:b6:00:5a:6b:0d:db:9d:c5:21:62:f7:1c:9f:
ef:e9:21:71:7a:13:b7:80:8f:a1:e6:b9:d3:ab:71:
01:e5:61:39:e9:a5:ae:bb:c0:e2:e0:23:08:1f:4c:
eb:14:57:fb:85:7b:22:b2:11:f2:71:cb:82:0a:46:
f0:31:ee:4e:70:d9:de:ba:61:f3:a5:0a:35:bb:fc:
3e:f4:ec:6c:bc:aa:5d:cb:bc:c9:d9:04:a6:cb:bc:
5a:b5:10:c3:c2:9a:84:4b:d7:1e:ab:53:b2:61:6a:
61:a1:2b:02:41:ee:8e:2b:25:3e:25:e9:95:7e:5b:
b0:3e:88:25:b6:50:b4:70:e2:36:ca:51:9d:09:09:
3d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:34:7E:2B:27:56:ED:C1:CA:94:7A:66:A0:27:1B:0C:52:20:16:D0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/2zR-KydW7cHKlHpmoCcbDFIgFtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:44:ef:47:c0:6f:27:bc:ec:31:ab:53:61:be:03:28:d4:d4:
7d:b4:55:71:49:49:20:84:ab:a1:63:c8:d4:6f:1d:6e:3a:4e:
02:39:66:bc:27:5d:9b:c3:20:b9:79:63:e1:82:d7:8e:4d:fd:
b8:0f:3c:44:28:95:f6:4c:93:b4:c5:07:d9:3e:fd:d3:3f:ee:
ad:54:e1:39:20:c9:12:bf:8f:a0:f3:19:1a:69:52:af:f9:70:
8e:89:e9:92:4c:98:b0:1b:27:2e:61:df:b7:cb:ae:1d:2c:50:
69:48:fe:32:4c:f8:ad:33:cf:a5:04:49:ec:2c:35:d9:fa:47:
10:fb:22:58:93:d0:24:5d:fe:eb:f1:80:79:ae:ea:a5:98:39:
47:03:f4:2a:60:b3:6d:e2:37:5a:7c:43:94:5f:ff:97:78:4b:
46:73:2f:81:53:70:45:d8:9b:e3:89:34:f5:9b:e4:9b:88:70:
bd:50:19:c0:62:91:66:ee:60:c9:a4:42:e1:55:8e:0f:d4:0d:
68:9b:f9:66:50:d8:d1:22:36:07:05:af:39:3f:b3:a9:72:7a:
4b:50:8f:b2:5e:03:4c:0a:9f:d0:38:69:0f:fc:92:9d:68:a2:
e4:94:7f:f5:52:cd:05:03:4c:3c:b7:e2:d6:db:bf:e1:c3:83:
9c:ef:8e:75
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4dIiYsBeROlor+Zf60Q24MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA4MDgxNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjM0N2UyYjI3NTZlZGMxY2E5NDdhNjZhMDI3MWIwYzUyMjAxNmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHFGZvX0czekKkGoV2eIeKF7X0zT
d3kn/ryAhEIgvSvtCzPsyyhQMx7lEaTT0QX1BaU3fubBUutbAT03adHBVyyaVPz7
IO04JyIpeeXcLiI8//VC1zeKH6G9bFzc3rpaMm3yZ2C1s2peRqolWXTQubE4p6ZF
+/aFlLYAWmsN253FIWL3HJ/v6SFxehO3gI+h5rnTq3EB5WE56aWuu8Di4CMIH0zr
FFf7hXsishHyccuCCkbwMe5OcNneumHzpQo1u/w+9OxsvKpdy7zJ2QSmy7xatRDD
wpqES9ceq1OyYWphoSsCQe6OKyU+JemVfluwPogltlC0cOI2ylGdCQk9KwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNs0fisnVu3BypR6ZqAnGwxSIBbQMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMnpSLUt5ZFc3Y0hLbEhwbW9DY2JERklnRnRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFFE70fAbye87DGrU2G+
AyjU1H20VXFJSSCEq6FjyNRvHW46TgI5ZrwnXZvDILl5Y+GC145N/bgPPEQolfZM
k7TFB9k+/dM/7q1U4TkgyRK/j6DzGRppUq/5cI6J6ZJMmLAbJy5h37fLrh0sUGlI
/jJM+K0zz6UESewsNdn6RxD7IliT0CRd/uvxgHmu6qWYOUcD9Cpgs23iN1p8Q5Rf
/5d4S0ZzL4FTcEXYm+OJNPWb5JuIcL1QGcBikWbuYMmkQuFVjg/UDWib+WZQ2NEi
NgcFrzk/s6lyektQj7JeA0wKn9A4aQ/8kp1oouSUf/VSzQUDTDy34tbbv+HDg5zv
jnU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:23:55 2025 by rpki-client