Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/425_i7ct67EMt2fzkh-3pX2_cQI.roa
File: 425_i7ct67EMt2fzkh-3pX2_cQI.roa (raw, json)
Hash identifier: 3aF6yMOn/mjXB0r+1+bfO/f+CTow8CAjmdQnm4uPgfU=
Subject key identifier: E3:6E:7F:8B:B7:2D:EB:B1:0C:B7:67:F3:92:1F:B7:A5:7D:BF:71:02
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DF48F4D305256D006821BF556DF6A8D2C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/425_i7ct67EMt2fzkh-3pX2_cQI.roa
Signing time: Thu 29 Feb 2024 11:10:48 +0000
ROA not before: Thu 29 Feb 2024 11:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f4:8f:4d:30:52:56:d0:06:82:1b:f5:56:df:6a:8d:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 29 11:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e36e7f8bb72debb10cb767f3921fb7a57dbf7102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:17:06:53:9d:e8:4c:c8:a4:39:e9:9e:df:9b:
c8:ce:c3:21:ad:ec:55:6c:81:95:28:d7:3b:4c:08:
ad:29:c0:48:ba:0f:76:7f:ff:e9:dc:80:80:6c:1e:
dd:1c:af:93:fd:bc:d6:ea:6a:54:77:b0:e9:87:a8:
2d:0d:20:c6:0a:33:7f:2c:bb:2e:f9:59:99:9f:c2:
dd:04:10:41:df:d6:14:ef:0a:f5:58:17:bb:a6:0d:
76:67:e1:75:a3:d8:3e:90:a5:0e:22:e2:29:32:4e:
03:2e:cb:2b:b8:c8:4d:9d:49:c5:81:4c:77:57:8f:
d8:68:b8:a2:2d:11:90:82:f1:fb:31:0f:2b:f9:0c:
8b:bd:e9:0a:38:a5:dd:31:92:05:8d:8a:23:48:47:
5b:76:2a:dc:d6:dd:2f:2e:ca:8e:55:63:93:f1:03:
73:e5:e8:0c:30:52:7b:8c:c9:c4:1d:3c:66:f7:4c:
dd:c6:ea:15:f5:98:f6:2f:69:89:38:6d:5d:78:a2:
52:d1:e9:6d:f9:b5:f8:a9:7d:ef:d1:95:c3:54:6d:
ba:f7:4e:c9:53:e8:4f:b7:ea:10:1f:3d:92:0e:23:
4d:21:5c:ac:7a:5e:a1:08:ee:2c:26:c8:ae:20:fd:
fa:65:6c:1b:b3:4a:10:8f:c9:f9:e2:c4:5c:86:5c:
5e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:6E:7F:8B:B7:2D:EB:B1:0C:B7:67:F3:92:1F:B7:A5:7D:BF:71:02
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/425_i7ct67EMt2fzkh-3pX2_cQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a8:4a:de:42:87:af:a0:f6:63:e8:bb:82:d7:7d:1c:57:fb:9e:
1d:47:34:ea:d3:a0:b5:61:d7:c3:14:66:0f:37:a9:89:c2:86:
e4:d3:05:18:8b:c9:90:eb:0a:4a:98:f2:27:2e:d3:18:20:f9:
33:81:6a:f1:6a:fd:ad:71:c6:b6:92:77:89:06:dd:f2:19:c6:
1a:e0:94:7b:d7:4f:b7:f7:19:ea:de:d1:0b:3b:64:c3:36:34:
d2:46:67:32:b2:a1:0d:f8:39:db:18:82:2b:cc:d5:1d:e5:61:
b5:20:52:5a:dc:36:ae:94:21:01:14:ab:36:cb:23:3b:90:4e:
f4:71:e8:e9:bd:c6:ef:52:5a:2d:02:88:a3:81:28:f7:09:34:
9d:ac:ba:8c:56:d3:c5:a8:fb:00:7a:ed:8c:82:32:d6:01:e5:
46:aa:41:15:c0:2a:6d:06:2e:8d:73:70:5c:2a:0f:d1:21:02:
99:d6:e3:0c:1f:28:c4:20:49:9e:e9:06:8c:68:b9:4b:d6:28:
aa:c8:8a:3b:05:8f:ec:fe:30:37:13:62:69:9c:d2:85:14:ad:
8e:d3:bc:3b:8c:9f:2c:5b:9b:b6:02:33:16:29:4c:c1:8a:72:
38:2d:fe:29:5d:f1:39:de:69:a8:f3:e6:db:0a:ae:0e:2d:50:
6a:e3:95:29
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY30j00wUlbQBoIb9Vbfao0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI5MTExMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzZlN2Y4YmI3MmRlYmIxMGNiNzY3ZjM5MjFmYjdhNTdkYmY3MTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBcGU53oTMikOeme35vIzsMhrexV
bIGVKNc7TAitKcBIug92f//p3ICAbB7dHK+T/bzW6mpUd7Dph6gtDSDGCjN/LLsu
+VmZn8LdBBBB39YU7wr1WBe7pg12Z+F1o9g+kKUOIuIpMk4DLssruMhNnUnFgUx3
V4/YaLiiLRGQgvH7MQ8r+QyLvekKOKXdMZIFjYojSEdbdirc1t0vLsqOVWOT8QNz
5egMMFJ7jMnEHTxm90zdxuoV9Zj2L2mJOG1deKJS0elt+bX4qX3v0ZXDVG26907J
U+hPt+oQHz2SDiNNIVysel6hCO4sJsiuIP36ZWwbs0oQj8n54sRchlxeMwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFONuf4u3LeuxDLdn85Ift6V9v3ECMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNDI1X2k3Y3Q2N0VNdDJmemtoLTNwWDJfY1FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKhK3kKHr6D2Y+i7gtd9
HFf7nh1HNOrToLVh18MUZg83qYnChuTTBRiLyZDrCkqY8icu0xgg+TOBavFq/a1x
xraSd4kG3fIZxhrglHvXT7f3Gere0Qs7ZMM2NNJGZzKyoQ34OdsYgivM1R3lYbUg
UlrcNq6UIQEUqzbLIzuQTvRx6Om9xu9SWi0CiKOBKPcJNJ2suoxW08Wo+wB67YyC
MtYB5UaqQRXAKm0GLo1zcFwqD9EhApnW4wwfKMQgSZ7pBoxouUvWKKrIijsFj+z+
MDcTYmmc0oUUrY7TvDuMnyxbm7YCMxYpTMGKcjgt/ild8Tneaajz5tsKrg4tUGrj
lSk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:59 2025 by rpki-client