Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4AZbWSudVPhtDsNMeIs1uLEjClM.roa
File: 4AZbWSudVPhtDsNMeIs1uLEjClM.roa (raw, json)
Hash identifier: a5ECZCB65A8KgqB60WyJaqnoAgxVqe7hMNVI03iGdwk=
Subject key identifier: E0:06:5B:59:2B:9D:54:F8:6D:0E:C3:4C:78:8B:35:B8:B1:23:0A:53
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DD2034E40CC103117128AEB9D710A87E8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4AZbWSudVPhtDsNMeIs1uLEjClM.roa
Signing time: Thu 22 Feb 2024 18:10:48 +0000
ROA not before: Thu 22 Feb 2024 18:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d2:03:4e:40:cc:10:31:17:12:8a:eb:9d:71:0a:87:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 22 18:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0065b592b9d54f86d0ec34c788b35b8b1230a53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c0:a5:0a:be:32:52:c3:72:d3:91:0f:0f:d2:
d7:39:6e:ef:82:c8:ec:f9:20:4b:b3:f2:a0:b4:2f:
41:91:b6:e1:b4:96:6e:10:a0:7a:a8:40:1e:19:ac:
dd:0e:c6:ed:0a:93:00:44:18:18:ea:0b:01:e6:57:
94:40:4a:40:82:fc:2c:0c:25:ee:cb:fe:8d:69:c2:
40:eb:85:4d:62:ea:49:a7:2c:fb:9c:54:12:31:6a:
b6:78:ce:51:62:48:dc:6c:6d:0e:6d:31:72:3c:89:
1e:00:c1:54:09:bd:fe:f1:c9:9c:35:8d:a1:86:7c:
d0:38:47:4d:61:22:57:05:ee:8f:f2:07:70:79:d9:
12:98:01:39:90:84:01:c5:7d:3d:4e:fd:95:a9:c9:
9f:44:c2:6c:87:50:61:1f:c9:f1:7b:11:8e:3b:d1:
6f:35:92:eb:6d:f3:3d:e0:84:84:78:de:7b:b3:96:
83:27:23:ed:55:7b:90:66:77:cb:7e:76:90:f4:3b:
30:e9:41:af:5e:fa:0d:cd:de:5c:68:b8:3d:dc:4d:
f5:18:13:ef:df:b1:b8:d9:81:9c:8d:43:c5:24:86:
45:d4:64:77:08:3e:8a:82:6e:5a:2d:bd:3b:df:52:
59:f7:77:a9:5a:da:36:0c:e0:72:7b:be:42:68:ca:
26:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:06:5B:59:2B:9D:54:F8:6D:0E:C3:4C:78:8B:35:B8:B1:23:0A:53
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/4AZbWSudVPhtDsNMeIs1uLEjClM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
95:ff:db:a5:2a:0e:c6:48:dc:e3:25:ee:c8:e0:dc:05:9b:4f:
fe:28:65:12:08:c3:56:93:5f:60:13:14:84:9b:53:9b:dd:cd:
e4:81:31:b0:59:1c:e1:63:ab:a5:74:be:68:91:96:d0:7f:e3:
a9:87:a9:16:df:88:05:8a:ec:a4:87:9f:33:12:d3:56:d1:d7:
f6:ee:78:62:36:3f:f5:39:3d:51:84:a0:51:59:70:00:b5:6f:
31:2e:7a:f5:d8:a8:51:d0:ba:b3:1e:a5:2c:2c:53:86:5a:7d:
09:76:73:92:2b:c3:99:6d:21:38:30:f0:77:89:46:9a:fc:f5:
e9:c1:6a:2d:1b:05:7d:22:ba:03:69:3c:38:ad:dd:56:84:0a:
f1:c4:9d:73:62:ce:9e:46:7c:c1:f1:ff:05:e2:69:84:4a:86:
01:8b:4c:42:50:f2:46:91:f9:73:15:fb:e2:f3:d4:88:2f:97:
7b:42:25:13:5e:35:44:a9:c0:b8:77:48:7c:99:f0:d5:c3:e3:
c3:94:be:4b:b4:69:59:61:c9:ed:3b:76:ab:13:46:f1:cb:67:
58:84:65:e8:80:07:5a:e8:0a:93:f8:87:06:db:31:a9:fc:a2:
b8:43:51:ba:95:cb:4f:86:3b:ba:82:0a:95:b1:cd:30:d1:43:
de:71:fc:56
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3SA05AzBAxFxKK651xCofoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIyMTgxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDA2NWI1OTJiOWQ1NGY4NmQwZWMzNGM3ODhiMzViOGIxMjMwYTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8ClCr4yUsNy05EPD9LXOW7vgsjs
+SBLs/KgtC9BkbbhtJZuEKB6qEAeGazdDsbtCpMARBgY6gsB5leUQEpAgvwsDCXu
y/6NacJA64VNYupJpyz7nFQSMWq2eM5RYkjcbG0ObTFyPIkeAMFUCb3+8cmcNY2h
hnzQOEdNYSJXBe6P8gdwedkSmAE5kIQBxX09Tv2VqcmfRMJsh1BhH8nxexGOO9Fv
NZLrbfM94ISEeN57s5aDJyPtVXuQZnfLfnaQ9Dsw6UGvXvoNzd5caLg93E31GBPv
37G42YGcjUPFJIZF1GR3CD6Kgm5aLb0731JZ93epWto2DOBye75CaMomQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOAGW1krnVT4bQ7DTHiLNbixIwpTMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNEFaYldTdWRWUGh0RHNOTWVJczF1TEVqQ2xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJX/26UqDsZI3OMl7sjg
3AWbT/4oZRIIw1aTX2ATFISbU5vdzeSBMbBZHOFjq6V0vmiRltB/46mHqRbfiAWK
7KSHnzMS01bR1/bueGI2P/U5PVGEoFFZcAC1bzEuevXYqFHQurMepSwsU4ZafQl2
c5Irw5ltITgw8HeJRpr89enBai0bBX0iugNpPDit3VaECvHEnXNizp5GfMHx/wXi
aYRKhgGLTEJQ8kaR+XMV++Lz1Igvl3tCJRNeNUSpwLh3SHyZ8NXD48OUvku0aVlh
ye07dqsTRvHLZ1iEZeiAB1roCpP4hwbbMan8orhDUbqVy0+GO7qCCpWxzTDRQ95x
/FY=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:15:28 2025 by rpki-client