Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3N2HPUjfyYda2GX7BukDHJWspsA.roa
File: 3N2HPUjfyYda2GX7BukDHJWspsA.roa (raw, json)
Hash identifier: pcOpW8xTQOtQ3kZ2y1Ukqt8tkGn9++8xPAe8UQSYgwk=
Subject key identifier: DC:DD:87:3D:48:DF:C9:87:5A:D8:65:FB:06:E9:03:1C:95:AC:A6:C0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D65722729DD846EE1B065C3E26DDA701D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3N2HPUjfyYda2GX7BukDHJWspsA.roa
Signing time: Thu 01 Feb 2024 16:13:16 +0000
ROA not before: Thu 01 Feb 2024 16:13:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:65:72:27:29:dd:84:6e:e1:b0:65:c3:e2:6d:da:70:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 1 16:13:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dcdd873d48dfc9875ad865fb06e9031c95aca6c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:76:90:ab:f4:5d:20:49:9a:0a:6b:b4:b4:16:
ed:f6:8c:04:a4:a6:21:37:f0:f3:76:e1:d7:93:32:
88:69:33:e8:85:04:24:17:ba:35:85:3a:15:15:eb:
84:e5:b2:07:31:f8:0d:eb:b0:a7:51:6d:58:00:64:
fd:20:5b:59:26:db:a9:14:c0:c4:15:bb:8e:99:7d:
e0:73:f4:af:5c:eb:72:d6:19:70:c5:74:31:90:3c:
f9:ce:df:4a:15:27:31:4a:12:83:1a:cf:98:f0:31:
81:19:0a:5e:8a:d9:98:e8:44:ff:34:31:38:f3:44:
b2:da:5f:1f:9b:15:38:90:4a:3c:b0:98:c6:0b:3b:
19:b0:08:79:10:1b:e1:81:72:f6:ca:a2:fb:c6:dd:
0b:62:00:ec:5b:41:ee:07:76:ce:da:b6:c0:8b:6a:
2f:d9:23:de:99:35:b1:91:ac:fe:8d:a8:b7:93:23:
38:17:1a:33:d6:41:19:95:17:1b:09:b3:43:fb:ac:
18:59:db:3f:99:9d:18:ab:b4:ac:66:7a:9f:81:34:
a1:4c:4f:2a:dc:74:d7:bd:29:47:c4:2c:b4:0a:2a:
19:8a:c6:c2:80:ad:dd:48:ef:01:05:15:7c:46:6f:
36:c7:86:6c:7a:1c:30:9a:f7:4c:72:88:7b:d5:de:
c8:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:DD:87:3D:48:DF:C9:87:5A:D8:65:FB:06:E9:03:1C:95:AC:A6:C0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3N2HPUjfyYda2GX7BukDHJWspsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
93:ad:4a:04:d5:fe:44:56:42:46:fa:37:1f:7f:5a:d2:3a:12:
fb:d1:3d:f2:aa:87:d0:b3:d6:69:27:20:ef:a6:57:35:c7:cf:
98:92:65:54:70:37:6e:28:0c:06:46:27:a1:8d:22:3e:16:b2:
52:b8:1d:92:62:8f:2c:a0:a5:f4:14:5c:1e:40:75:6d:9d:75:
90:33:28:5e:ac:76:47:e0:e4:09:bd:b1:8d:1d:34:62:39:3d:
87:2f:00:86:8a:8c:ee:66:4a:12:dc:72:7e:2b:c9:31:24:ba:
84:0e:b1:5a:e0:04:3a:28:4b:8e:de:47:30:41:73:78:d1:da:
59:88:83:64:90:9b:1a:4d:63:f5:5b:80:97:ad:2c:33:0f:97:
93:e8:f8:20:f5:bd:0e:06:e0:b9:86:69:08:9b:bb:46:d3:44:
24:f9:3c:2b:21:56:16:1a:3d:84:65:1e:52:36:f0:74:b4:aa:
6b:96:71:ff:21:67:d1:2d:47:6e:59:b4:e9:c3:1f:9a:6c:eb:
d7:66:9a:de:53:f8:5c:29:80:3d:7e:47:49:45:e3:35:1d:d3:
11:c4:65:55:38:87:47:64:ff:2b:21:3c:a6:37:f8:c0:e2:53:
99:8f:06:66:7b:2f:e3:4f:fa:8b:0a:48:a8:96:81:bb:ab:6f:
7b:aa:c3:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1lcicp3YRu4bBlw+Jt2nAdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjAxMTYxMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2RkODczZDQ4ZGZjOTg3NWFkODY1ZmIwNmU5MDMxYzk1YWNhNmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHaQq/RdIEmaCmu0tBbt9owEpKYh
N/DzduHXkzKIaTPohQQkF7o1hToVFeuE5bIHMfgN67CnUW1YAGT9IFtZJtupFMDE
FbuOmX3gc/SvXOty1hlwxXQxkDz5zt9KFScxShKDGs+Y8DGBGQpeitmY6ET/NDE4
80Sy2l8fmxU4kEo8sJjGCzsZsAh5EBvhgXL2yqL7xt0LYgDsW0HuB3bO2rbAi2ov
2SPemTWxkaz+jai3kyM4Fxoz1kEZlRcbCbND+6wYWds/mZ0Yq7SsZnqfgTShTE8q
3HTXvSlHxCy0CioZisbCgK3dSO8BBRV8Rm82x4ZsehwwmvdMcoh71d7IDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNzdhz1I38mHWthl+wbpAxyVrKbAMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvM04ySFBVamZ5WWRhMkdYN0J1a0RISldzcHNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJOtSgTV/kRWQkb6Nx9/
WtI6EvvRPfKqh9Cz1mknIO+mVzXHz5iSZVRwN24oDAZGJ6GNIj4WslK4HZJijyyg
pfQUXB5AdW2ddZAzKF6sdkfg5Am9sY0dNGI5PYcvAIaKjO5mShLccn4ryTEkuoQO
sVrgBDooS47eRzBBc3jR2lmIg2SQmxpNY/VbgJetLDMPl5Po+CD1vQ4G4LmGaQib
u0bTRCT5PCshVhYaPYRlHlI28HS0qmuWcf8hZ9EtR25ZtOnDH5ps69dmmt5T+Fwp
gD1+R0lF4zUd0xHEZVU4h0dk/yshPKY3+MDiU5mPBmZ7L+NP+osKSKiWgburb3uq
w+E=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:56 2025 by rpki-client