Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5E5W0TNimjWI2hday_FfORBnUMs.roa
File: 5E5W0TNimjWI2hday_FfORBnUMs.roa (raw, json)
Hash identifier: VNf7mEaDoIWG028dZfONcVfcSLjLUVfVtTF5ibkogvQ=
Subject key identifier: E4:4E:56:D1:33:62:9A:35:88:DA:17:5A:CB:F1:5F:39:10:67:50:CB
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D0029DFE7BED692615538DEB19200845D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5E5W0TNimjWI2hday_FfORBnUMs.roa
Signing time: Sat 13 Jan 2024 00:12:40 +0000
ROA not before: Sat 13 Jan 2024 00:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:00:29:df:e7:be:d6:92:61:55:38:de:b1:92:00:84:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 13 00:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e44e56d133629a3588da175acbf15f39106750cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8b:6f:e1:b6:42:ba:d4:de:d1:1a:97:b8:21:
ec:a2:7f:87:e1:7c:8b:e0:89:dc:70:05:98:29:63:
5b:86:b0:73:02:32:0b:a5:2c:83:23:b4:a0:f4:ab:
ad:65:7d:54:37:de:02:95:93:8a:3f:77:3e:3d:b8:
0f:43:8f:d8:0e:cd:b2:d8:0a:d6:09:fd:8e:89:56:
29:43:ae:fc:0e:b8:fe:bc:14:10:d1:e5:2b:77:63:
b6:71:ca:2d:ad:a4:a6:6f:34:5e:98:6d:7d:d9:fc:
b1:bb:49:0b:f9:c5:f1:a0:02:7d:a1:0f:db:5a:cf:
cb:db:f3:4a:02:ef:eb:91:50:1f:c2:62:f9:9e:8f:
82:cb:d8:55:12:e1:f1:98:71:b9:2f:1c:50:f5:57:
b6:c5:b2:72:ee:67:6c:27:ce:31:58:4f:10:f0:db:
19:7b:9f:7e:d4:09:32:e5:d0:f7:bb:c6:37:a4:6f:
4b:1b:d7:e7:16:09:a9:39:0e:f8:ef:26:52:34:04:
fe:17:8c:70:79:dc:c4:98:55:44:78:a5:ee:7b:aa:
80:89:b3:83:7e:e8:c5:af:bf:53:dc:26:64:45:14:
73:1b:fb:32:07:8f:5e:7e:06:2d:3a:a9:00:fa:a4:
7d:dd:7a:1e:2b:f8:8b:b3:4e:93:f2:a9:8f:4b:dd:
9a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:4E:56:D1:33:62:9A:35:88:DA:17:5A:CB:F1:5F:39:10:67:50:CB
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5E5W0TNimjWI2hday_FfORBnUMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
94:ba:e8:c8:6f:6f:0c:d9:22:06:02:2f:44:f0:14:5a:a7:0f:
ce:3e:37:87:e7:19:1d:31:44:d1:e4:35:aa:cd:60:e8:d9:79:
69:2d:5f:0c:19:5a:95:ee:85:5a:94:99:61:28:cf:bc:56:2f:
d8:b6:2e:fa:4d:31:ea:7d:53:da:49:df:e7:ef:ae:63:2f:c1:
e9:94:b8:97:69:83:55:af:87:24:1d:1c:24:73:63:dc:73:18:
a3:fe:c8:ea:0e:f8:6c:50:37:39:c2:c0:63:56:7b:3b:b6:e7:
02:75:28:dc:92:5d:cc:13:88:fc:f7:f8:06:db:09:a2:7b:0f:
2c:07:bd:54:9a:8f:93:02:32:49:f8:ca:7d:9e:01:a0:b6:ba:
58:a7:3f:e7:ca:da:4e:47:df:b1:db:1f:c8:43:e5:57:c0:b1:
c0:5d:b7:e0:04:52:1b:40:6c:7a:4f:cd:65:f4:59:aa:da:6f:
6a:4c:ea:e8:5a:4d:b2:56:e5:ae:f6:55:ed:ef:cf:6e:b2:86:
4b:5a:94:b4:f1:4a:85:fb:fa:a9:77:45:d6:d0:8b:37:e1:f1:
61:fe:fd:fd:12:83:c8:c6:04:39:07:04:3a:4f:55:f3:c9:32:
17:f1:68:6b:75:fc:47:54:c7:c2:08:9d:96:98:94:74:bf:92:
a3:18:d1:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0AKd/nvtaSYVU43rGSAIRdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTEzMDAxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDRlNTZkMTMzNjI5YTM1ODhkYTE3NWFjYmYxNWYzOTEwNjc1MGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4tv4bZCutTe0RqXuCHson+H4XyL
4InccAWYKWNbhrBzAjILpSyDI7Sg9KutZX1UN94ClZOKP3c+PbgPQ4/YDs2y2ArW
Cf2OiVYpQ678Drj+vBQQ0eUrd2O2ccotraSmbzRemG192fyxu0kL+cXxoAJ9oQ/b
Ws/L2/NKAu/rkVAfwmL5no+Cy9hVEuHxmHG5LxxQ9Ve2xbJy7mdsJ84xWE8Q8NsZ
e59+1Aky5dD3u8Y3pG9LG9fnFgmpOQ747yZSNAT+F4xwedzEmFVEeKXue6qAibOD
fujFr79T3CZkRRRzG/syB49efgYtOqkA+qR93XoeK/iLs06T8qmPS92a9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOROVtEzYpo1iNoXWsvxXzkQZ1DLMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNUU1VzBUTmltaldJMmhkYXlfRmZPUkJuVU1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJS66MhvbwzZIgYCL0Tw
FFqnD84+N4fnGR0xRNHkNarNYOjZeWktXwwZWpXuhVqUmWEoz7xWL9i2LvpNMep9
U9pJ3+fvrmMvwemUuJdpg1WvhyQdHCRzY9xzGKP+yOoO+GxQNznCwGNWezu25wJ1
KNySXcwTiPz3+AbbCaJ7DywHvVSaj5MCMkn4yn2eAaC2ulinP+fK2k5H37HbH8hD
5VfAscBdt+AEUhtAbHpPzWX0Warab2pM6uhaTbJW5a72Ve3vz26yhktalLTxSoX7
+ql3RdbQizfh8WH+/f0Sg8jGBDkHBDpPVfPJMhfxaGt1/EdUx8IInZaYlHS/kqMY
0Uc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:19 2025 by rpki-client