Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3iCcC_U7QdTqAX1t018DMWIxJAM.roa
File: 3iCcC_U7QdTqAX1t018DMWIxJAM.roa (raw, json)
Hash identifier: pWP0FRhXuQRghQgGynEdK84oVfZuB2qZcRHhe0ODkDk=
Subject key identifier: DE:20:9C:0B:F5:3B:41:D4:EA:01:7D:6D:D3:5F:03:31:62:31:24:03
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E047212119A9D6D4888D27563B2A8116B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3iCcC_U7QdTqAX1t018DMWIxJAM.roa
Signing time: Sun 03 Mar 2024 13:12:48 +0000
ROA not before: Sun 03 Mar 2024 13:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:04:72:12:11:9a:9d:6d:48:88:d2:75:63:b2:a8:11:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 3 13:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=de209c0bf53b41d4ea017d6dd35f033162312403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:bd:07:84:be:d5:16:e7:40:42:28:fa:1b:68:
e9:16:41:88:89:5e:68:76:ba:14:60:07:9f:5d:72:
55:1d:5b:50:f5:77:a4:69:c3:0f:1b:b4:3e:f2:bf:
ac:6d:a2:28:ed:65:a2:f3:88:64:c5:b9:30:63:d5:
61:2d:ed:98:6f:c4:e3:eb:1c:f4:67:e0:f7:f5:74:
d5:50:a0:9a:a5:44:26:e6:70:40:e8:61:47:fc:7e:
4b:aa:cf:c2:1f:a9:c8:dd:9d:ce:7a:d3:29:15:7f:
1a:5e:4b:25:ca:d6:b9:90:bf:e9:f2:e6:23:2a:e5:
a1:99:59:2b:c5:ea:64:19:bd:25:49:27:48:7c:cb:
5c:91:73:53:33:e9:d4:0c:b5:3d:8a:9d:e4:40:e0:
23:f5:f4:a0:f1:1c:1a:32:7e:3d:7d:fe:96:c3:c9:
aa:80:e3:19:35:61:cc:f9:d8:f7:0a:4f:88:48:a5:
33:e0:e0:41:9d:cf:0d:76:f5:39:2e:b7:c3:0f:e8:
5d:59:9b:2b:ce:f5:c0:26:cb:fc:0e:4f:7a:76:32:
e4:25:08:e5:b9:00:37:16:3a:84:62:8f:7b:91:5d:
d5:ac:e5:67:d0:41:a2:ce:5a:b9:8a:f7:62:cc:e5:
5f:41:9e:bb:56:c2:57:45:c1:de:fa:f2:6e:58:f0:
ee:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:20:9C:0B:F5:3B:41:D4:EA:01:7D:6D:D3:5F:03:31:62:31:24:03
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/3iCcC_U7QdTqAX1t018DMWIxJAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:e9:d0:04:ac:34:d4:61:96:1c:e3:0e:16:80:eb:f1:bd:41:
cd:0d:ec:69:39:f4:de:08:06:cf:f8:84:d9:01:be:49:4b:1d:
a5:14:00:db:2c:e9:f7:89:c2:50:54:d5:48:19:eb:37:0c:63:
82:a9:61:d5:24:25:89:1f:ee:af:9b:25:1d:cc:13:12:62:ab:
42:de:5a:4a:48:ce:84:bb:ca:1b:28:ff:de:ac:6a:b0:1c:f3:
e7:b3:82:cd:3c:e9:22:a5:04:15:cf:d2:b8:76:dc:fe:3c:54:
51:22:2d:f9:f6:2b:8d:69:3a:41:f6:47:3a:c8:2f:21:82:d7:
91:6a:31:32:9a:3b:46:56:15:28:20:e5:bf:44:c2:7f:b0:43:
6d:c6:9f:d0:b9:70:fb:e6:b6:97:72:f6:a8:c0:de:8d:3c:a2:
f5:e1:c7:24:27:c9:3b:a5:a8:b2:32:09:aa:79:da:7e:ec:c5:
6d:d9:af:66:11:bf:47:0b:bf:e4:b2:ba:70:7b:8c:1d:d8:f2:
1e:41:67:27:d7:b9:22:34:12:25:33:8b:7b:bd:8f:ee:56:b4:
e5:96:ea:7e:4a:4b:76:2d:81:a4:ef:12:e4:63:f7:fc:93:37:
30:4c:2d:1f:36:50:e8:79:b9:75:d3:78:15:a0:78:ba:de:0e:
1e:99:4c:3d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4EchIRmp1tSIjSdWOyqBFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAzMTMxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTIwOWMwYmY1M2I0MWQ0ZWEwMTdkNmRkMzVmMDMzMTYyMzEyNDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArb0HhL7VFudAQij6G2jpFkGIiV5o
droUYAefXXJVHVtQ9XekacMPG7Q+8r+sbaIo7WWi84hkxbkwY9VhLe2Yb8Tj6xz0
Z+D39XTVUKCapUQm5nBA6GFH/H5Lqs/CH6nI3Z3OetMpFX8aXkslyta5kL/p8uYj
KuWhmVkrxepkGb0lSSdIfMtckXNTM+nUDLU9ip3kQOAj9fSg8RwaMn49ff6Ww8mq
gOMZNWHM+dj3Ck+ISKUz4OBBnc8NdvU5LrfDD+hdWZsrzvXAJsv8Dk96djLkJQjl
uQA3FjqEYo97kV3VrOVn0EGizlq5ivdizOVfQZ67VsJXRcHe+vJuWPDu0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN4gnAv1O0HU6gF9bdNfAzFiMSQDMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvM2lDY0NfVTdRZFRxQVgxdDAxOERNV0l4SkFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABLp0ASsNNRhlhzjDhaA
6/G9Qc0N7Gk59N4IBs/4hNkBvklLHaUUANss6feJwlBU1UgZ6zcMY4KpYdUkJYkf
7q+bJR3MExJiq0LeWkpIzoS7yhso/96sarAc8+ezgs086SKlBBXP0rh23P48VFEi
Lfn2K41pOkH2RzrILyGC15FqMTKaO0ZWFSgg5b9Ewn+wQ23Gn9C5cPvmtpdy9qjA
3o08ovXhxyQnyTulqLIyCap52n7sxW3Zr2YRv0cLv+SyunB7jB3Y8h5BZyfXuSI0
EiUzi3u9j+5WtOWW6n5KS3YtgaTvEuRj9/yTNzBMLR82UOh5uXXTeBWgeLreDh6Z
TD0=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:24:48 2025 by rpki-client