Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/41Y8BflSwxC671InPHqEPxwbxig.roa
File: 41Y8BflSwxC671InPHqEPxwbxig.roa (raw, json)
Hash identifier: 9bdSOjBAnbBAH5wUm7s37+ugqvFS/zyK8goczigWckc=
Subject key identifier: E3:56:3C:05:F9:52:C3:10:BA:EF:52:27:3C:7A:84:3F:1C:1B:C6:28
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E2D66D47C481C97E8C8123FF1ED5BCD7E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/41Y8BflSwxC671InPHqEPxwbxig.roa
Signing time: Mon 11 Mar 2024 12:04:57 +0000
ROA not before: Mon 11 Mar 2024 12:04:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:2d66:3cec/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2d:66:d4:7c:48:1c:97:e8:c8:12:3f:f1:ed:5b:cd:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 11 12:04:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3563c05f952c310baef52273c7a843f1c1bc628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:9c:b5:63:25:02:4c:15:79:72:2c:ef:7b:a6:
8c:32:85:a5:30:a2:2a:7e:34:da:2d:ab:88:93:af:
8b:47:a0:2c:5e:32:8b:6a:30:60:0a:2b:d4:1e:4d:
b3:02:95:6e:21:81:5e:e9:b8:d4:32:05:91:69:26:
f2:ca:cf:ea:a5:79:76:a5:ac:f0:21:8b:b2:06:ba:
54:11:52:15:5c:a8:6c:0d:f6:cf:e4:72:53:84:0e:
5a:0b:97:cc:b3:e3:b3:09:d9:e8:b8:d7:60:0a:8c:
0b:8d:7d:e2:ab:0b:70:5c:a4:47:3f:7c:95:15:d4:
37:d4:f7:68:f3:87:bb:12:1b:00:7b:85:53:91:7b:
a5:68:7f:bb:63:86:df:e8:f4:c7:8b:f7:4d:87:6b:
e7:57:83:3f:16:33:d9:6f:14:70:d2:1b:80:9b:f4:
03:16:c5:62:11:0c:25:2c:c0:93:c4:f6:f0:70:ef:
1c:30:a7:ce:d8:ce:2a:a2:4e:20:3c:58:a6:f1:f9:
bb:96:50:83:d4:53:5f:7e:a9:af:de:31:5f:ac:ee:
04:c8:98:9c:0c:d5:aa:8a:94:67:a5:7f:6a:fd:78:
33:bc:79:1b:5c:30:3f:04:ae:01:a4:31:ab:fe:9c:
68:83:a1:f5:bd:8f:66:cd:2f:7e:22:0a:60:ab:00:
2f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:56:3C:05:F9:52:C3:10:BA:EF:52:27:3C:7A:84:3F:1C:1B:C6:28
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/41Y8BflSwxC671InPHqEPxwbxig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
82:db:42:4e:79:c7:37:f6:8e:d3:d6:ea:6e:eb:29:03:65:c3:
79:32:44:7a:a2:7d:70:04:01:c3:62:d2:89:af:e1:6f:b1:4b:
12:d7:9b:f3:80:4d:9c:51:6d:b1:80:f0:7c:00:39:04:b8:8e:
87:5b:a1:db:f7:0c:fa:a3:76:9b:34:b5:33:b3:f0:26:e1:ab:
fc:4d:85:ab:44:97:8d:19:0e:e6:72:a4:01:dd:fe:b8:c9:06:
ba:55:0d:25:72:cc:db:6b:22:9e:d3:67:f9:c9:8a:20:90:89:
3d:fc:3b:bd:08:87:17:58:60:bd:39:7c:ac:bb:3e:45:91:df:
9a:69:b0:43:73:b6:a9:b1:6c:24:ed:30:d3:30:ac:08:57:3c:
a8:7a:8e:3b:0f:7c:b0:ce:21:7c:ef:d3:17:ad:d9:cd:a0:3a:
6d:06:fd:f9:2e:f9:68:e4:ab:ec:b2:88:dd:04:50:bf:8b:bb:
5c:05:5b:d5:4e:f8:80:3e:f3:b0:72:cf:79:74:f9:ad:3d:2d:
02:92:f5:3d:f5:3c:dd:b9:8d:6e:e8:d1:6a:bc:b0:76:3d:1a:
73:9a:91:d3:12:97:6f:8e:0e:d2:8e:7e:90:3f:b1:d5:dd:25:
99:1b:7d:c8:13:0f:16:61:05:69:fd:3e:36:37:ba:3e:a2:2f:
1e:0f:0c:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4tZtR8SByX6MgSP/HtW81+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzExMTIwNDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzU2M2MwNWY5NTJjMzEwYmFlZjUyMjczYzdhODQzZjFjMWJjNjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJy1YyUCTBV5cizve6aMMoWlMKIq
fjTaLauIk6+LR6AsXjKLajBgCivUHk2zApVuIYFe6bjUMgWRaSbyys/qpXl2pazw
IYuyBrpUEVIVXKhsDfbP5HJThA5aC5fMs+OzCdnouNdgCowLjX3iqwtwXKRHP3yV
FdQ31Pdo84e7EhsAe4VTkXulaH+7Y4bf6PTHi/dNh2vnV4M/FjPZbxRw0huAm/QD
FsViEQwlLMCTxPbwcO8cMKfO2M4qok4gPFim8fm7llCD1FNffqmv3jFfrO4EyJic
DNWqipRnpX9q/XgzvHkbXDA/BK4BpDGr/pxog6H1vY9mzS9+IgpgqwAvGwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFONWPAX5UsMQuu9SJzx6hD8cG8YoMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNDFZOEJmbFN3eEM2NzFJblBIcUVQeHdieGlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAILbQk55xzf2jtPW6m7r
KQNlw3kyRHqifXAEAcNi0omv4W+xSxLXm/OATZxRbbGA8HwAOQS4jodbodv3DPqj
dps0tTOz8Cbhq/xNhatEl40ZDuZypAHd/rjJBrpVDSVyzNtrIp7TZ/nJiiCQiT38
O70IhxdYYL05fKy7PkWR35ppsENztqmxbCTtMNMwrAhXPKh6jjsPfLDOIXzv0xet
2c2gOm0G/fku+Wjkq+yyiN0EUL+Lu1wFW9VO+IA+87Byz3l0+a09LQKS9T31PN25
jW7o0Wq8sHY9GnOakdMSl2+ODtKOfpA/sdXdJZkbfcgTDxZhBWn9PjY3uj6iLx4P
DJM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:09:55 2025 by rpki-client