Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5OJLoM3kCG0G1O1OM-34-ThnJMM.roa
File: 5OJLoM3kCG0G1O1OM-34-ThnJMM.roa (raw, json)
Hash identifier: /x4xhQeLvJfd6vbCyhqq/KicHVlqzJwIeGgdHN4mMMQ=
Subject key identifier: E4:E2:4B:A0:CD:E4:08:6D:06:D4:ED:4E:33:ED:F8:F9:38:67:24:C3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CAED7F749A6B7AD673243D16AEA28F5A0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5OJLoM3kCG0G1O1OM-34-ThnJMM.roa
Signing time: Thu 28 Dec 2023 05:13:58 +0000
ROA not before: Thu 28 Dec 2023 05:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ae:d7:f7:49:a6:b7:ad:67:32:43:d1:6a:ea:28:f5:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 28 05:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4e24ba0cde4086d06d4ed4e33edf8f9386724c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:0c:45:c9:cf:5f:cf:a9:52:16:dc:98:ec:26:
6f:f6:6c:dc:9d:40:46:36:5b:16:fc:01:64:4d:03:
6f:e5:fe:2d:86:73:ac:5f:b8:29:3b:88:8c:d5:66:
d4:b4:46:5a:b8:df:94:89:2f:98:4c:05:b4:4f:f3:
e1:4e:b9:19:25:24:db:9d:12:b8:85:49:5d:38:89:
73:a1:b5:38:28:fa:26:3c:1a:0d:14:e6:bb:29:1e:
e1:77:29:7e:97:a3:0a:74:51:5a:88:19:6c:55:3d:
6b:f3:c9:76:d2:a3:b1:fe:c0:b8:0e:94:19:b5:e3:
ee:42:51:b9:07:53:34:6c:95:4e:38:5e:90:ab:96:
09:78:43:e4:0e:08:79:67:61:cf:09:6b:d7:aa:1c:
dd:90:60:57:6a:fa:07:ef:7d:70:96:36:14:91:ea:
d4:2a:66:96:f1:f2:ee:af:67:bb:7b:16:ec:37:97:
77:5b:95:32:cf:6d:aa:e8:a3:4a:d0:0b:8c:54:37:
35:ac:db:17:94:b9:a8:c7:8a:a4:08:bd:f7:f9:eb:
90:c5:31:21:6a:01:4d:69:ee:db:ea:78:10:68:80:
81:14:6f:2e:e5:39:bf:9b:4b:ad:07:2f:81:0d:f8:
00:22:40:2a:4f:46:93:df:54:36:c7:07:ab:de:0a:
87:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E2:4B:A0:CD:E4:08:6D:06:D4:ED:4E:33:ED:F8:F9:38:67:24:C3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5OJLoM3kCG0G1O1OM-34-ThnJMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
90:ca:f6:fd:51:6b:b6:1e:dd:da:2d:d4:f0:01:83:76:a9:06:
8a:4b:b8:c0:aa:8a:fa:2f:c1:1a:36:8b:c9:47:64:86:ea:df:
1a:45:4c:97:8b:10:3f:5f:f1:9e:8a:8b:fc:33:e9:32:3f:ac:
01:58:1a:13:a2:15:47:a1:e3:bf:12:dd:82:2f:b9:c8:94:96:
cb:c9:56:c2:47:4a:9b:b6:23:b5:d0:32:1c:3f:74:93:6e:f7:
e3:0a:12:22:1b:a1:45:d1:40:34:a7:e2:95:95:4c:01:b2:96:
79:90:68:8b:55:21:4a:77:b8:ab:6e:f4:57:68:4f:ec:01:78:
52:52:33:23:59:75:10:f7:7c:a2:ac:37:94:6a:8f:19:90:b0:
49:e9:f0:1a:4a:89:54:cb:31:34:94:68:1a:a0:e3:8f:6d:82:
4e:1f:6f:84:2a:76:79:38:8f:20:4b:cc:82:e8:2e:95:3e:68:
cb:55:81:a1:a1:61:c1:ae:64:fc:31:b2:89:d9:70:b8:ab:f3:
ce:f9:6c:ba:62:cb:da:a8:76:80:db:19:23:2a:c1:b2:1e:30:
c8:bb:53:55:e6:d7:37:df:d4:a3:de:34:73:4a:03:e3:49:06:
0d:27:b6:5a:eb:94:ed:58:50:7c:91:b0:85:46:6e:2a:89:9d:
d8:10:a2:28
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyu1/dJpretZzJD0WrqKPWgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI4MDUxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGUyNGJhMGNkZTQwODZkMDZkNGVkNGUzM2VkZjhmOTM4NjcyNGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAxFyc9fz6lSFtyY7CZv9mzcnUBG
NlsW/AFkTQNv5f4thnOsX7gpO4iM1WbUtEZauN+UiS+YTAW0T/PhTrkZJSTbnRK4
hUldOIlzobU4KPomPBoNFOa7KR7hdyl+l6MKdFFaiBlsVT1r88l20qOx/sC4DpQZ
tePuQlG5B1M0bJVOOF6Qq5YJeEPkDgh5Z2HPCWvXqhzdkGBXavoH731wljYUkerU
KmaW8fLur2e7exbsN5d3W5Uyz22q6KNK0AuMVDc1rNsXlLmox4qkCL33+euQxTEh
agFNae7b6ngQaICBFG8u5Tm/m0utBy+BDfgAIkAqT0aT31Q2xwer3gqHdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOTiS6DN5AhtBtTtTjPt+Pk4ZyTDMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNU9KTG9NM2tDRzBHMU8xT00tMzQtVGhuSk1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJDK9v1Ra7Ye3dot1PAB
g3apBopLuMCqivovwRo2i8lHZIbq3xpFTJeLED9f8Z6Ki/wz6TI/rAFYGhOiFUeh
478S3YIvuciUlsvJVsJHSpu2I7XQMhw/dJNu9+MKEiIboUXRQDSn4pWVTAGylnmQ
aItVIUp3uKtu9FdoT+wBeFJSMyNZdRD3fKKsN5RqjxmQsEnp8BpKiVTLMTSUaBqg
449tgk4fb4Qqdnk4jyBLzILoLpU+aMtVgaGhYcGuZPwxsonZcLir8875bLpiy9qo
doDbGSMqwbIeMMi7U1Xm1zff1KPeNHNKA+NJBg0ntlrrlO1YUHyRsIVGbiqJndgQ
oig=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:07 2025 by rpki-client