Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/62vop2nKwelHJhr77kml3qjtMVU.roa
File: 62vop2nKwelHJhr77kml3qjtMVU.roa (raw, json)
Hash identifier: Ug0h4R4aqlR1V4Oh0VLdEOgRTcXXc5Cka//Z1OtUhok=
Subject key identifier: EB:6B:E8:A7:69:CA:C1:E9:47:26:1A:FB:EE:49:A5:DE:A8:ED:31:55
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E52F842A045142B3B57A09EC562A7E77F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/62vop2nKwelHJhr77kml3qjtMVU.roa
Signing time: Mon 18 Mar 2024 19:09:45 +0000
ROA not before: Mon 18 Mar 2024 19:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:52:f8:42:a0:45:14:2b:3b:57:a0:9e:c5:62:a7:e7:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 18 19:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb6be8a769cac1e947261afbee49a5dea8ed3155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f6:b8:d0:07:a8:5a:79:64:db:bf:3d:9b:49:
4e:22:68:7f:7b:8e:c5:6b:a4:17:39:07:75:8b:d9:
2a:d1:cc:d5:f4:39:e9:74:c5:f1:86:40:53:e3:c0:
ed:9a:90:15:9b:4a:7b:9d:5d:b2:c4:25:c3:7e:df:
33:73:fc:ff:05:49:c9:ef:08:87:f1:9b:a6:34:98:
21:69:10:49:64:28:04:52:8b:ad:a6:ac:3b:a3:1b:
ef:44:d9:48:af:f2:4f:f0:31:4a:f2:f2:a0:7d:59:
8a:7b:db:35:32:52:36:53:db:db:34:c9:9c:24:38:
91:fc:17:65:c7:a7:39:07:2a:3b:de:b2:cc:d4:74:
c0:46:78:01:92:5a:de:bf:5b:d9:6a:3d:2a:29:f2:
6e:74:d1:63:4b:e1:65:d2:82:30:25:ef:e5:3d:dd:
55:83:cb:9e:89:69:c6:93:51:4b:22:e2:9b:a1:1c:
9f:09:6e:ba:07:5b:e1:aa:38:3a:05:1e:b3:0d:c1:
82:16:92:32:3c:cf:84:3c:b1:ae:d4:86:19:94:42:
58:20:9a:70:97:bf:d6:14:f6:83:4e:a8:a1:3c:75:
cc:2d:71:dc:76:16:db:39:0a:a1:a9:d2:5a:60:19:
4b:02:f3:10:b7:10:14:3a:ec:da:b4:39:87:8a:0b:
1f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:6B:E8:A7:69:CA:C1:E9:47:26:1A:FB:EE:49:A5:DE:A8:ED:31:55
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/62vop2nKwelHJhr77kml3qjtMVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
46:37:85:85:3a:ce:14:3a:de:91:07:3c:7f:08:61:e0:2d:55:
22:a4:01:d8:15:10:55:15:e3:37:17:cc:b2:8e:44:17:6e:54:
90:7d:c7:5e:59:5e:91:b2:93:19:1b:be:f0:bc:cb:9e:c1:28:
6d:e1:ee:ac:94:02:e9:7a:4f:3d:48:a2:39:75:63:c0:0c:f2:
a8:cb:36:87:e8:8e:20:85:56:03:bc:2f:62:4a:d1:1a:46:4e:
37:f5:0a:55:3e:0f:da:fd:c7:28:56:43:91:5e:37:d8:7f:c1:
86:bb:fa:8e:6c:61:a2:a0:5f:38:a4:26:e7:04:94:54:41:b3:
37:38:6f:26:8f:17:a2:38:05:3c:b7:c5:4f:2d:cf:7c:59:05:
b1:b0:4c:23:06:08:cb:69:81:ca:a6:24:74:bf:86:20:9c:28:
c4:ce:21:72:66:80:64:cc:1b:e5:c2:92:cd:ca:89:57:9f:8f:
97:58:46:4a:1e:52:be:25:ed:2b:d7:cb:1d:eb:db:39:d1:ea:
91:5f:99:7f:23:d0:8e:f6:45:e9:54:f2:d5:de:0b:df:b2:23:
45:9d:c5:79:09:e4:ac:d0:2d:a3:ff:ec:b5:0e:e9:05:83:c1:
c8:f1:c8:c7:7a:11:cd:2b:3c:e5:a8:8c:43:0b:62:2e:ca:b9:
c5:c3:18:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5S+EKgRRQrO1egnsVip+d/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE4MTkwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjZiZThhNzY5Y2FjMWU5NDcyNjFhZmJlZTQ5YTVkZWE4ZWQzMTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfa40AeoWnlk2789m0lOImh/e47F
a6QXOQd1i9kq0czV9DnpdMXxhkBT48DtmpAVm0p7nV2yxCXDft8zc/z/BUnJ7wiH
8ZumNJghaRBJZCgEUoutpqw7oxvvRNlIr/JP8DFK8vKgfVmKe9s1MlI2U9vbNMmc
JDiR/Bdlx6c5Byo73rLM1HTARngBklrev1vZaj0qKfJudNFjS+Fl0oIwJe/lPd1V
g8ueiWnGk1FLIuKboRyfCW66B1vhqjg6BR6zDcGCFpIyPM+EPLGu1IYZlEJYIJpw
l7/WFPaDTqihPHXMLXHcdhbbOQqhqdJaYBlLAvMQtxAUOuzatDmHigsfUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOtr6KdpysHpRyYa++5Jpd6o7TFVMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNjJ2b3Aybkt3ZWxISmhyNzdrbWwzcWp0TVZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEY3hYU6zhQ63pEHPH8I
YeAtVSKkAdgVEFUV4zcXzLKORBduVJB9x15ZXpGykxkbvvC8y57BKG3h7qyUAul6
Tz1Iojl1Y8AM8qjLNofojiCFVgO8L2JK0RpGTjf1ClU+D9r9xyhWQ5FeN9h/wYa7
+o5sYaKgXzikJucElFRBszc4byaPF6I4BTy3xU8tz3xZBbGwTCMGCMtpgcqmJHS/
hiCcKMTOIXJmgGTMG+XCks3KiVefj5dYRkoeUr4l7SvXyx3r2znR6pFfmX8j0I72
RelU8tXeC9+yI0WdxXkJ5KzQLaP/7LUO6QWDwcjxyMd6Ec0rPOWojEMLYi7KucXD
GEY=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:19:09 2025 by rpki-client