Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5XKVwe0BH19mvwcxwsrjO1nKjsc.roa
File: 5XKVwe0BH19mvwcxwsrjO1nKjsc.roa (raw, json)
Hash identifier: DLOjnnwLEfebnfIOR/SNftPBdJaEWsFEajNuBzdav0g=
Subject key identifier: E5:72:95:C1:ED:01:1F:5F:66:BF:07:31:C2:CA:E3:3B:59:CA:8E:C7
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C90576E7A5C62CFC12B373A30D0F775F6
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5XKVwe0BH19mvwcxwsrjO1nKjsc.roa
Signing time: Fri 22 Dec 2023 07:04:58 +0000
ROA not before: Fri 22 Dec 2023 07:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:9056:ed04/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:90:57:6e:7a:5c:62:cf:c1:2b:37:3a:30:d0:f7:75:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 22 07:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e57295c1ed011f5f66bf0731c2cae33b59ca8ec7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:e3:cc:69:72:1c:ef:53:a6:65:20:4c:c1:84:
94:de:2e:d9:c1:b8:91:c6:45:bc:12:c4:55:32:32:
17:0b:c7:6a:a1:39:97:c2:95:ef:80:3b:a8:2c:13:
6f:f0:e9:83:a0:c4:e5:ae:5d:73:08:2f:d6:c8:07:
7f:1d:cf:9a:05:e3:a3:3b:55:0b:36:6e:93:86:73:
97:42:04:a6:b2:d6:11:41:0e:8f:7e:f1:c3:01:22:
26:21:54:c4:58:bd:58:ed:d7:98:da:1b:30:21:94:
16:35:52:46:f4:01:9d:06:71:56:a9:21:03:0c:9a:
40:96:53:f4:a7:1d:65:f7:c3:64:4d:ea:d7:61:24:
4e:1a:a3:6b:e6:77:ee:a8:6b:49:43:6e:9d:bc:58:
43:ba:b1:0e:71:ab:3c:d5:31:45:8e:26:b3:c1:5a:
0d:79:5c:3d:a3:90:71:88:c8:65:73:4b:b7:4e:da:
b6:c6:8a:aa:4c:e3:df:60:8d:49:ef:b6:90:a6:a4:
4e:b3:82:ad:5e:03:b9:6a:3b:ee:3a:18:cf:31:35:
67:d2:43:d3:27:61:5e:5e:cd:2d:98:21:86:24:ed:
23:ff:8d:8f:ae:30:fa:75:f1:3b:af:ad:a9:7c:8b:
25:5d:a2:90:e5:79:d8:cf:99:02:d4:9b:8d:c2:6b:
7d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:72:95:C1:ED:01:1F:5F:66:BF:07:31:C2:CA:E3:3B:59:CA:8E:C7
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/5XKVwe0BH19mvwcxwsrjO1nKjsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:df:9d:72:60:ce:19:3e:0e:5e:05:dd:80:cb:5c:38:e5:ef:
80:91:f1:8f:70:7c:6b:6e:e2:cf:3f:fb:d8:99:64:2c:e6:d2:
22:1d:3c:68:3d:c3:d2:e0:4f:05:a1:4e:8b:35:86:73:cf:52:
2e:38:08:dc:0c:62:ad:88:ac:07:ce:87:da:5a:49:23:86:01:
59:e0:ed:be:01:fe:a0:ad:f7:b3:4e:ac:9b:13:ac:1d:be:cd:
f0:40:a0:af:57:d7:ff:43:d6:13:63:2e:62:b0:d7:32:f3:d5:
12:2f:a9:cf:b9:2e:bc:c5:87:fd:90:5a:80:a5:be:71:6a:f1:
ff:0c:50:d7:c0:7b:4a:50:70:0e:c1:90:c6:69:7c:0b:34:3a:
92:3d:a6:61:18:24:95:f8:77:d7:7a:69:43:36:d4:4f:e6:7e:
2a:b0:9c:48:7b:d9:92:84:15:a1:a0:da:26:fc:24:22:98:1c:
31:00:54:7b:be:bf:1f:f2:ab:60:70:ac:e1:de:37:af:a5:f5:
f5:8c:ae:4f:37:8b:54:b4:51:7e:77:2a:51:c8:f6:4e:c5:cf:
fa:f2:ec:99:d7:35:83:31:3b:ab:80:91:c9:ed:39:47:b4:d6:
8c:82:ad:b2:27:a2:2f:91:dd:aa:d3:f9:c6:9f:b1:4e:da:fb:
6b:a1:d0:8c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyQV256XGLPwSs3OjDQ93X2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIyMDcwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTcyOTVjMWVkMDExZjVmNjZiZjA3MzFjMmNhZTMzYjU5Y2E4ZWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5+PMaXIc71OmZSBMwYSU3i7ZwbiR
xkW8EsRVMjIXC8dqoTmXwpXvgDuoLBNv8OmDoMTlrl1zCC/WyAd/Hc+aBeOjO1UL
Nm6ThnOXQgSmstYRQQ6PfvHDASImIVTEWL1Y7deY2hswIZQWNVJG9AGdBnFWqSED
DJpAllP0px1l98NkTerXYSROGqNr5nfuqGtJQ26dvFhDurEOcas81TFFjiazwVoN
eVw9o5BxiMhlc0u3Ttq2xoqqTOPfYI1J77aQpqROs4KtXgO5ajvuOhjPMTVn0kPT
J2FeXs0tmCGGJO0j/42PrjD6dfE7r62pfIslXaKQ5XnYz5kC1JuNwmt99wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOVylcHtAR9fZr8HMcLK4ztZyo7HMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNVhLVndlMEJIMTltdndjeHdzcmpPMW5LanNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB3fnXJgzhk+Dl4F3YDL
XDjl74CR8Y9wfGtu4s8/+9iZZCzm0iIdPGg9w9LgTwWhTos1hnPPUi44CNwMYq2I
rAfOh9paSSOGAVng7b4B/qCt97NOrJsTrB2+zfBAoK9X1/9D1hNjLmKw1zLz1RIv
qc+5LrzFh/2QWoClvnFq8f8MUNfAe0pQcA7BkMZpfAs0OpI9pmEYJJX4d9d6aUM2
1E/mfiqwnEh72ZKEFaGg2ib8JCKYHDEAVHu+vx/yq2BwrOHeN6+l9fWMrk83i1S0
UX53KlHI9k7Fz/ry7JnXNYMxO6uAkcntOUe01oyCrbInoi+R3arT+cafsU7a+2uh
0Iw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:32:52 2025 by rpki-client