Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4-gDhDAdifAGWmu6fjXxX138UGE.roa
File: 4-gDhDAdifAGWmu6fjXxX138UGE.roa (raw, json)
Hash identifier: /gdMdlVI2oAY9p+1hJh0am+e9Wek445QAfAIVnQarPg=
Subject key identifier: E3:E8:03:84:30:1D:89:F0:06:5A:6B:BA:7E:35:F1:5F:5D:FC:50:61
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E363A2956E8AA4753F044DAF991BB2AB3
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4-gDhDAdifAGWmu6fjXxX138UGE.roa
Signing time: Wed 13 Mar 2024 05:12:45 +0000
ROA not before: Wed 13 Mar 2024 05:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:36:3a:29:56:e8:aa:47:53:f0:44:da:f9:91:bb:2a:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 13 05:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3e80384301d89f0065a6bba7e35f15f5dfc5061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:f7:12:35:90:26:8c:69:95:ac:9d:5e:4f:af:
16:f3:f1:63:88:ca:5a:ba:a9:00:cd:4e:5b:f6:5b:
ef:d5:2a:cd:bb:22:66:02:65:a8:dc:57:01:9a:b0:
e3:92:39:d4:d7:da:3d:5d:9c:96:f2:01:67:58:aa:
eb:5e:8e:62:5e:f5:b0:8c:74:f1:d6:fb:23:2b:8d:
96:4c:a8:c6:f9:c0:27:55:e6:c3:7c:fd:9f:02:b8:
40:a0:1e:ab:41:1d:8b:9a:e0:2a:c8:5e:39:45:e6:
2f:d7:3a:a4:a6:5c:44:11:2f:5a:3e:2d:35:d7:4b:
a1:30:bf:c4:82:c7:36:3c:70:f6:39:63:17:ec:41:
39:16:5c:f7:06:fa:69:6d:e3:a6:e9:2e:ec:a3:2e:
b8:61:ff:ef:f1:e0:f9:40:66:76:c3:31:e6:b0:cd:
ca:b7:1f:c8:b8:e2:ae:52:77:fe:d9:60:41:b4:4f:
3d:fa:38:d4:e9:78:cc:a9:4f:4f:7d:1e:a4:ad:19:
2e:f2:df:dd:05:65:6a:79:6f:15:d5:43:6c:f6:c1:
7d:90:bd:d8:1d:79:00:aa:f1:61:bb:4a:95:88:5f:
70:74:75:ff:5d:06:dd:c6:04:2a:e0:6c:48:fa:92:
05:7d:76:02:3e:72:e3:e0:1f:9b:1c:c0:7b:1b:5e:
0d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E8:03:84:30:1D:89:F0:06:5A:6B:BA:7E:35:F1:5F:5D:FC:50:61
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4-gDhDAdifAGWmu6fjXxX138UGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:5f:22:eb:cf:c1:3a:15:59:87:45:d6:1e:ea:8d:ab:3b:ea:
5a:00:a4:97:c7:66:9a:4e:85:3e:31:aa:5c:5e:b2:e9:88:f1:
9b:01:65:81:9f:66:e5:49:1b:7c:bf:66:29:17:56:a2:dd:f2:
ba:57:73:92:41:a3:31:32:8d:b7:b1:88:a2:fc:b1:e2:28:d0:
2a:89:09:31:12:7f:06:f2:92:f7:8e:25:6a:cb:3a:a3:70:80:
36:a6:01:29:a0:54:13:af:65:e7:c1:c5:c8:b3:ad:f1:b1:17:
63:28:7d:77:18:c8:6c:5f:b6:49:43:0f:43:6e:6d:69:82:54:
5e:64:1e:37:6f:0f:32:f2:ba:15:ee:63:23:22:25:96:da:19:
2e:8d:3a:a1:3b:03:e4:3b:b4:dc:95:22:fc:2c:94:2b:ef:0c:
dc:46:0a:43:18:fd:d4:04:c6:7f:b2:b2:ba:fe:5f:d3:e2:c5:
8c:6d:bc:be:a4:98:47:0a:3e:51:74:cb:38:57:46:e0:e3:62:
5e:e3:25:b1:ad:18:1b:90:06:93:5a:0a:13:b1:a9:50:c1:5d:
b9:f3:0d:65:1f:01:14:50:26:1f:fb:3a:cb:d8:9a:eb:2f:9f:
0b:73:b3:f8:f2:bf:d5:a3:85:90:08:5d:4b:e9:6a:32:74:32:
30:82:e3:d2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY42OilW6KpHU/BE2vmRuyqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEzMDUxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2U4MDM4NDMwMWQ4OWYwMDY1YTZiYmE3ZTM1ZjE1ZjVkZmM1MDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7PcSNZAmjGmVrJ1eT68W8/FjiMpa
uqkAzU5b9lvv1SrNuyJmAmWo3FcBmrDjkjnU19o9XZyW8gFnWKrrXo5iXvWwjHTx
1vsjK42WTKjG+cAnVebDfP2fArhAoB6rQR2LmuAqyF45ReYv1zqkplxEES9aPi01
10uhML/Egsc2PHD2OWMX7EE5Flz3BvppbeOm6S7soy64Yf/v8eD5QGZ2wzHmsM3K
tx/IuOKuUnf+2WBBtE89+jjU6XjMqU9PfR6krRku8t/dBWVqeW8V1UNs9sF9kL3Y
HXkAqvFhu0qViF9wdHX/XQbdxgQq4GxI+pIFfXYCPnLj4B+bHMB7G14NVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOPoA4QwHYnwBlprun418V9d/FBhMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNC1nRGhEQWRpZkFHV211NmZqWHhYMTM4VUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFdfIuvPwToVWYdF1h7q
jas76loApJfHZppOhT4xqlxesumI8ZsBZYGfZuVJG3y/ZikXVqLd8rpXc5JBozEy
jbexiKL8seIo0CqJCTESfwbykveOJWrLOqNwgDamASmgVBOvZefBxcizrfGxF2Mo
fXcYyGxftklDD0NubWmCVF5kHjdvDzLyuhXuYyMiJZbaGS6NOqE7A+Q7tNyVIvws
lCvvDNxGCkMY/dQExn+ysrr+X9PixYxtvL6kmEcKPlF0yzhXRuDjYl7jJbGtGBuQ
BpNaChOxqVDBXbnzDWUfARRQJh/7OsvYmusvnwtzs/jyv9WjhZAIXUvpajJ0MjCC
49I=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:15 2025 by rpki-client