Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/34ew1R4DC4QSaaDB6jf0unQtdbQ.roa
File: 34ew1R4DC4QSaaDB6jf0unQtdbQ.roa (raw, json)
Hash identifier: muM2KdUlwceGPtsrCEBQbURLHLNGDjuHLF1lTawcce4=
Subject key identifier: DF:87:B0:D5:1E:03:0B:84:12:69:A0:C1:EA:37:F4:BA:74:2D:75:B4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D0ADD23165CC548C8EAC3FC23DE34847D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/34ew1R4DC4QSaaDB6jf0unQtdbQ.roa
Signing time: Mon 15 Jan 2024 02:04:41 +0000
ROA not before: Mon 15 Jan 2024 02:04:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:adc:a8fe/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0a:dd:23:16:5c:c5:48:c8:ea:c3:fc:23:de:34:84:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 15 02:04:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df87b0d51e030b841269a0c1ea37f4ba742d75b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:45:0c:6c:e9:7b:13:f0:cf:5a:70:54:18:24:
9a:f5:12:dd:d3:32:47:41:6c:95:0b:7d:04:b2:9e:
40:68:ae:77:17:99:c7:18:6f:f2:57:37:0d:59:c3:
95:3d:09:99:14:12:b9:69:37:6f:af:a8:ab:39:e8:
f8:69:7c:ba:18:37:36:7f:bd:ea:8f:17:1d:87:a2:
aa:1a:8e:0e:6d:bb:ff:83:e5:13:2b:23:33:d0:8e:
8b:04:80:3d:0c:76:8e:5f:a3:9c:81:1e:36:1d:e5:
52:f5:e4:db:7b:bb:42:10:97:d6:74:42:92:cd:43:
71:c6:f7:d8:20:ca:4a:b1:1e:90:22:48:78:6c:b0:
17:9c:b9:71:31:15:10:9b:ed:3e:51:2c:87:dc:27:
4f:19:eb:40:fd:d9:34:78:47:eb:4b:e7:5a:29:62:
f1:0b:bf:a8:10:d1:0b:52:cb:92:10:ab:22:2d:b9:
7b:ae:03:41:7b:cf:22:aa:fc:d3:5a:75:41:6f:8b:
43:fd:d6:6b:60:04:07:9c:4a:12:58:85:ce:51:75:
a3:bf:c4:27:0b:f5:af:f9:48:60:84:90:b3:4d:2c:
fa:f2:d4:21:b7:ff:32:8c:f2:bd:91:47:02:85:06:
56:ec:00:63:f2:76:20:fc:75:89:f1:83:cd:78:45:
f3:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:87:B0:D5:1E:03:0B:84:12:69:A0:C1:EA:37:F4:BA:74:2D:75:B4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/34ew1R4DC4QSaaDB6jf0unQtdbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
04:86:17:15:6c:3b:59:db:3e:49:ff:b8:ab:59:59:b1:ee:f4:
f4:12:7a:1d:62:f7:21:4d:ab:0d:f6:58:e1:cd:75:ed:8c:b4:
96:68:78:18:29:6a:5e:20:61:a9:53:1e:c8:39:fb:96:aa:68:
36:fb:73:b0:da:5d:8a:ff:1f:7f:8f:11:bd:cf:20:2d:f9:38:
e7:05:28:37:73:bf:da:78:be:ed:fb:35:aa:7d:24:d3:5f:00:
88:67:92:5c:00:c3:4e:9c:a6:b1:9a:67:4e:0e:f1:46:8c:f6:
18:2b:3a:18:73:ea:6a:e7:3c:e0:a0:81:11:0f:d8:cb:46:12:
a6:6c:aa:21:4a:cc:13:0b:2b:c6:41:21:94:5f:80:f5:17:d1:
70:9d:23:7e:0a:4b:59:20:a9:56:17:5f:90:c6:b3:a6:e1:aa:
1e:b2:a5:a0:1a:a5:6c:c7:cf:3b:86:50:a2:7d:f3:23:df:79:
6b:aa:54:51:20:6b:f7:99:8b:f8:74:a4:8d:93:a1:b0:0d:20:
96:f7:60:91:81:28:61:2e:b7:2f:95:3b:6a:79:52:0b:1a:cc:
53:b9:f3:cd:d7:ed:8e:14:fe:49:18:2f:50:d4:bd:95:5c:2a:
9c:a2:8a:13:8c:d2:f8:5f:87:c2:56:1f:40:80:32:56:42:5a:
f2:50:be:20
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0K3SMWXMVIyOrD/CPeNIR9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE1MDIwNDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjg3YjBkNTFlMDMwYjg0MTI2OWEwYzFlYTM3ZjRiYTc0MmQ3NWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0UMbOl7E/DPWnBUGCSa9RLd0zJH
QWyVC30Esp5AaK53F5nHGG/yVzcNWcOVPQmZFBK5aTdvr6irOej4aXy6GDc2f73q
jxcdh6KqGo4Obbv/g+UTKyMz0I6LBIA9DHaOX6OcgR42HeVS9eTbe7tCEJfWdEKS
zUNxxvfYIMpKsR6QIkh4bLAXnLlxMRUQm+0+USyH3CdPGetA/dk0eEfrS+daKWLx
C7+oENELUsuSEKsiLbl7rgNBe88iqvzTWnVBb4tD/dZrYAQHnEoSWIXOUXWjv8Qn
C/Wv+UhghJCzTSz68tQht/8yjPK9kUcChQZW7ABj8nYg/HWJ8YPNeEXzcwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN+HsNUeAwuEEmmgweo39Lp0LXW0MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMzRldzFSNERDNFFTYWFEQjZqZjB1blF0ZGJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAASGFxVsO1nbPkn/uKtZ
WbHu9PQSeh1i9yFNqw32WOHNde2MtJZoeBgpal4gYalTHsg5+5aqaDb7c7DaXYr/
H3+PEb3PIC35OOcFKDdzv9p4vu37Nap9JNNfAIhnklwAw06cprGaZ04O8UaM9hgr
Ohhz6mrnPOCggREP2MtGEqZsqiFKzBMLK8ZBIZRfgPUX0XCdI34KS1kgqVYXX5DG
s6bhqh6ypaAapWzHzzuGUKJ98yPfeWuqVFEga/eZi/h0pI2TobANIJb3YJGBKGEu
ty+VO2p5UgsazFO5883X7Y4U/kkYL1DUvZVcKpyiihOM0vhfh8JWH0CAMlZCWvJQ
viA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:42 2025 by rpki-client