Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3JG6W6Ic2CUZPH1BWHwXyeWqREw.roa
File: 3JG6W6Ic2CUZPH1BWHwXyeWqREw.roa (raw, json)
Hash identifier: xcDJca2k+EZ4Eo1pu/ucJFHIB8DUg5Ru2GtjugUYKJU=
Subject key identifier: DC:91:BA:5B:A2:1C:D8:25:19:3C:7D:41:58:7C:17:C9:E5:AA:44:4C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CCE2A2768829E1C634D59C8B04C2E0361
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3JG6W6Ic2CUZPH1BWHwXyeWqREw.roa
Signing time: Wed 03 Jan 2024 07:11:58 +0000
ROA not before: Wed 03 Jan 2024 07:11:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:2a:27:68:82:9e:1c:63:4d:59:c8:b0:4c:2e:03:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 3 07:11:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dc91ba5ba21cd825193c7d41587c17c9e5aa444c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:75:f3:3d:b4:a1:7e:f2:50:13:0a:0a:39:c2:
38:91:7a:4d:c3:47:51:6f:d0:40:a7:04:6a:c8:41:
91:4b:ef:f9:cf:6e:12:9b:ac:be:3d:d7:d5:15:c4:
ec:6f:af:84:d8:72:b5:69:13:c8:51:27:2c:9f:cc:
a3:94:fd:d0:44:82:60:17:1b:55:d7:a1:6b:ce:78:
92:bc:d5:da:be:84:0d:76:ea:ed:ca:50:ad:58:6e:
ae:3d:94:10:8b:1e:ef:f0:3a:aa:e7:9f:f1:ae:c0:
40:e7:81:6d:98:3e:2e:f4:d1:b0:84:b7:f6:d8:d5:
32:27:87:4c:17:1f:92:d5:f1:3d:3e:5a:1c:dc:25:
42:fc:75:63:13:66:2b:34:04:3e:e7:eb:e9:1c:c5:
71:4a:54:18:67:60:02:48:20:1a:cc:d9:89:3a:9a:
49:56:57:db:87:37:ad:0a:33:ff:f3:1a:09:78:0d:
0d:30:7a:cd:a5:46:d9:41:6c:d3:e9:c5:52:86:cf:
21:93:b9:96:f3:22:4f:2e:5f:ec:0e:75:94:ea:31:
8b:ee:a2:31:7b:64:b6:4c:8d:1e:c3:e5:eb:4a:aa:
72:fc:d1:75:29:e2:0f:b9:3b:76:f0:e5:f3:2c:4a:
e2:6c:fe:9e:f6:4b:28:c4:34:8d:f8:dc:68:77:7d:
ee:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:91:BA:5B:A2:1C:D8:25:19:3C:7D:41:58:7C:17:C9:E5:AA:44:4C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3JG6W6Ic2CUZPH1BWHwXyeWqREw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0f:a2:13:8f:f6:f4:c4:05:d1:66:f2:49:5e:bf:07:9d:ee:75:
6b:90:17:bb:e7:a9:33:a2:50:20:75:33:0d:6c:ea:97:f4:48:
0b:a7:93:4e:24:2d:e0:83:5e:9b:bf:31:d3:8e:47:91:b2:21:
53:0c:27:4e:eb:75:f3:c8:5f:83:61:c4:e0:2e:9a:38:be:07:
4e:1d:70:0f:17:ff:d5:1a:3c:25:b1:f0:2b:0d:ee:58:d2:18:
d1:2c:7b:b8:1f:5e:02:63:8b:65:33:fd:d7:49:37:f8:3b:41:
46:ef:78:60:a1:a6:f8:af:a9:72:b1:e4:80:f0:ca:4a:cd:24:
3c:94:a5:c2:51:a8:04:e3:b1:3d:b9:0c:aa:17:4b:c0:81:8d:
dc:f3:57:74:3d:50:28:a8:9f:6b:31:36:61:42:09:e2:1f:f9:
3d:98:c8:da:40:5d:8b:99:08:83:8c:d3:3d:8f:67:2e:6c:14:
36:ef:f7:33:00:53:33:58:7c:11:7a:a6:df:0b:cb:51:c9:15:
a0:41:52:4b:a7:0b:be:86:d0:00:da:10:85:9f:3a:c2:97:7a:
fe:85:3e:03:30:ff:40:b8:ae:3f:a6:98:10:f3:04:32:b0:2e:
2b:39:25:fb:18:2a:f1:94:9c:2c:40:42:3c:ca:8e:c1:b4:fd:
b5:54:1c:51
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzOKidogp4cY01ZyLBMLgNhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAzMDcxMTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzkxYmE1YmEyMWNkODI1MTkzYzdkNDE1ODdjMTdjOWU1YWE0NDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnXzPbShfvJQEwoKOcI4kXpNw0dR
b9BApwRqyEGRS+/5z24Sm6y+PdfVFcTsb6+E2HK1aRPIUScsn8yjlP3QRIJgFxtV
16FrzniSvNXavoQNdurtylCtWG6uPZQQix7v8Dqq55/xrsBA54FtmD4u9NGwhLf2
2NUyJ4dMFx+S1fE9Ploc3CVC/HVjE2YrNAQ+5+vpHMVxSlQYZ2ACSCAazNmJOppJ
VlfbhzetCjP/8xoJeA0NMHrNpUbZQWzT6cVShs8hk7mW8yJPLl/sDnWU6jGL7qIx
e2S2TI0ew+XrSqpy/NF1KeIPuTt28OXzLEribP6e9ksoxDSN+Nxod33umwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNyRuluiHNglGTx9QVh8F8nlqkRMMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvM0pHNlc2SWMyQ1VaUEgxQldId1h5ZVdxUkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA+iE4/29MQF0WbySV6/
B53udWuQF7vnqTOiUCB1Mw1s6pf0SAunk04kLeCDXpu/MdOOR5GyIVMMJ07rdfPI
X4NhxOAumji+B04dcA8X/9UaPCWx8CsN7ljSGNEse7gfXgJji2Uz/ddJN/g7QUbv
eGChpvivqXKx5IDwykrNJDyUpcJRqATjsT25DKoXS8CBjdzzV3Q9UCion2sxNmFC
CeIf+T2YyNpAXYuZCIOM0z2PZy5sFDbv9zMAUzNYfBF6pt8Ly1HJFaBBUkunC76G
0ADaEIWfOsKXev6FPgMw/0C4rj+mmBDzBDKwLis5JfsYKvGUnCxAQjzKjsG0/bVU
HFE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:26 2025 by rpki-client