Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/36H-c4mKwy6MBcuA-79gnUPeGbo.roa
File: 36H-c4mKwy6MBcuA-79gnUPeGbo.roa (raw, json)
Hash identifier: p/QI6VAZUmPoWBZPh7atneyj2iUiwVLT+MyJ4eOCyiM=
Subject key identifier: DF:A1:FE:73:89:8A:C3:2E:8C:05:CB:80:FB:BF:60:9D:43:DE:19:BA
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D7DB3417F36675AA0B61EBE9B91D9A607
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/36H-c4mKwy6MBcuA-79gnUPeGbo.roa
Signing time: Tue 06 Feb 2024 09:15:16 +0000
ROA not before: Tue 06 Feb 2024 09:15:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:b3:41:7f:36:67:5a:a0:b6:1e:be:9b:91:d9:a6:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 6 09:15:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfa1fe73898ac32e8c05cb80fbbf609d43de19ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:91:9b:d2:de:a0:a2:69:56:db:da:46:f3:6f:
29:e0:a3:c9:da:52:1c:67:f8:f0:17:4a:d1:b5:83:
dc:38:03:70:1c:7c:a3:e1:7a:89:fa:81:99:10:5b:
4e:a0:df:47:39:64:c8:73:56:69:af:f2:50:45:b5:
2a:9f:e9:76:82:44:32:61:c7:50:42:fb:bd:09:18:
a9:d3:36:ff:27:4d:92:7d:fa:b6:a9:81:68:96:3c:
4d:be:52:3e:79:48:0e:fe:e0:9f:0a:fb:bb:47:e9:
80:63:0f:6c:72:a6:2a:6c:4a:b9:7e:dc:81:d7:52:
e0:52:6b:00:20:51:35:6f:77:61:22:73:86:72:97:
6b:06:9e:82:af:36:46:10:44:8a:49:0d:93:7a:e8:
32:02:76:0d:b2:bb:db:31:ce:a5:36:78:da:fb:10:
b1:15:5b:b7:f5:db:2a:cb:46:7a:51:f0:2b:4c:46:
42:69:f7:17:18:c7:eb:ab:c8:15:af:f5:a4:8e:8a:
f6:8d:b7:15:81:c1:62:21:0e:73:58:bb:3d:2e:84:
5f:9e:eb:20:b6:e8:cb:ee:44:a7:8b:f9:35:50:8a:
02:80:67:4e:9b:9f:70:30:36:26:60:87:da:23:2b:
71:3d:ef:4c:06:3e:a3:74:83:58:45:74:45:ca:90:
94:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:A1:FE:73:89:8A:C3:2E:8C:05:CB:80:FB:BF:60:9D:43:DE:19:BA
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/36H-c4mKwy6MBcuA-79gnUPeGbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
78:ee:f8:4c:f2:2e:0b:cd:4b:f7:f3:df:a9:66:25:ee:74:de:
a4:f5:ff:08:09:d5:7e:5a:25:4a:a1:34:90:f4:82:86:cd:db:
53:72:f0:2d:3e:a4:4c:78:fb:b1:25:0e:10:33:2e:2f:2e:ef:
9e:4e:a8:7c:e7:ba:d2:8c:96:d9:72:cb:e2:85:83:80:76:7d:
23:26:09:8f:dc:6b:6c:f9:c1:2f:6f:5d:b3:44:82:4c:ab:1e:
7e:cb:94:75:6a:16:21:f2:8f:2f:50:3f:8d:83:27:e8:41:4f:
e2:a1:ad:b9:37:3b:98:80:27:4a:94:9b:13:9c:d5:a7:f9:c2:
51:f3:49:c5:19:f6:67:37:1c:58:04:1d:2e:3b:b6:82:d0:9b:
c5:10:36:11:a9:b9:bc:f5:1e:da:5b:5b:3f:fe:61:d5:ad:c2:
c1:dd:97:23:c1:25:7d:c5:3f:5b:20:b2:7f:fd:b9:30:07:a9:
9d:d6:af:01:0e:42:02:31:90:be:09:c2:b4:e3:10:71:4b:43:
b4:b6:da:c4:fe:13:17:48:fe:d1:25:e5:a2:35:25:3d:95:1b:
c7:8a:d3:1f:fe:b1:84:be:38:9a:9e:75:b8:31:93:50:c8:b2:
1b:ca:4c:67:69:8a:d1:a3:ba:97:43:d4:b3:7e:d3:b7:b6:ba:
33:ea:b8:c1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY19s0F/NmdaoLYevpuR2aYHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA2MDkxNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmExZmU3Mzg5OGFjMzJlOGMwNWNiODBmYmJmNjA5ZDQzZGUxOWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpGb0t6gomlW29pG828p4KPJ2lIc
Z/jwF0rRtYPcOANwHHyj4XqJ+oGZEFtOoN9HOWTIc1Zpr/JQRbUqn+l2gkQyYcdQ
Qvu9CRip0zb/J02Sffq2qYFoljxNvlI+eUgO/uCfCvu7R+mAYw9scqYqbEq5ftyB
11LgUmsAIFE1b3dhInOGcpdrBp6CrzZGEESKSQ2TeugyAnYNsrvbMc6lNnja+xCx
FVu39dsqy0Z6UfArTEZCafcXGMfrq8gVr/Wkjor2jbcVgcFiIQ5zWLs9LoRfnusg
tujL7kSni/k1UIoCgGdOm59wMDYmYIfaIytxPe9MBj6jdINYRXRFypCUswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN+h/nOJisMujAXLgPu/YJ1D3hm6MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvMzZILWM0bUt3eTZNQmN1QS03OWduVVBlR2JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHju+EzyLgvNS/fz36lm
Je503qT1/wgJ1X5aJUqhNJD0gobN21Ny8C0+pEx4+7ElDhAzLi8u755OqHznutKM
ltlyy+KFg4B2fSMmCY/ca2z5wS9vXbNEgkyrHn7LlHVqFiHyjy9QP42DJ+hBT+Kh
rbk3O5iAJ0qUmxOc1af5wlHzScUZ9mc3HFgEHS47toLQm8UQNhGpubz1HtpbWz/+
YdWtwsHdlyPBJX3FP1sgsn/9uTAHqZ3WrwEOQgIxkL4JwrTjEHFLQ7S22sT+ExdI
/tEl5aI1JT2VG8eK0x/+sYS+OJqedbgxk1DIshvKTGdpitGjupdD1LN+07e2ujPq
uME=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:37:44 2025 by rpki-client