Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/64ZrbTg35M1Y2q21TWPUzCEiTrY.roa
File: 64ZrbTg35M1Y2q21TWPUzCEiTrY.roa (raw, json)
Hash identifier: Wg1OR/GDfn1/QIAWwrBxCM7Qz8v1AFgEA5Ku++Asf/Y=
Subject key identifier: EB:86:6B:6D:38:37:E4:CD:58:DA:AD:B5:4D:63:D4:CC:21:22:4E:B6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C94E13CAF7156A7BD794DCA6B4DE910B1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/64ZrbTg35M1Y2q21TWPUzCEiTrY.roa
Signing time: Sat 23 Dec 2023 04:13:58 +0000
ROA not before: Sat 23 Dec 2023 04:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:94:e1:3c:af:71:56:a7:bd:79:4d:ca:6b:4d:e9:10:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 23 04:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb866b6d3837e4cd58daadb54d63d4cc21224eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6e:2d:94:78:f0:66:79:f6:29:c4:4f:5a:48:
bf:68:c5:fa:cf:73:69:1a:d5:32:bc:e1:55:dd:c6:
91:fe:8d:1f:98:0d:e0:e4:40:d2:5c:2c:ce:09:3a:
86:86:52:b4:18:45:de:80:80:10:14:73:24:81:3b:
90:f3:27:aa:39:d0:0e:97:6c:19:75:8f:08:b5:7d:
74:9b:b0:a2:47:f4:ba:21:f2:73:80:73:40:62:8a:
51:05:9c:e2:c1:7c:29:8b:35:d5:28:e3:33:a1:2a:
26:7d:6b:4d:8b:19:25:24:5c:9d:47:92:aa:53:04:
6a:39:ed:c8:c9:0a:aa:74:39:d0:27:69:cb:9f:f9:
7d:8c:24:bb:43:ac:7d:35:13:87:0d:23:4f:aa:1a:
7f:1e:b6:9f:dd:b1:6d:37:91:ee:3e:9f:4d:8a:e0:
ac:43:41:db:52:c1:27:58:b9:61:66:2d:17:7d:b3:
5d:d9:9c:50:00:63:93:de:a5:28:a4:c4:9c:ac:d6:
92:ba:90:ee:44:1b:96:c3:15:73:fc:6d:07:40:77:
64:b2:09:cf:ce:ff:9e:66:4b:ac:59:79:3e:30:73:
3c:8a:67:6a:80:92:1c:20:58:31:03:5e:d6:fa:ca:
52:ed:5b:f7:8f:2c:cc:12:c8:de:38:ed:39:c4:90:
c4:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:86:6B:6D:38:37:E4:CD:58:DA:AD:B5:4D:63:D4:CC:21:22:4E:B6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/64ZrbTg35M1Y2q21TWPUzCEiTrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
15:46:22:b6:1c:71:a4:4b:c8:ee:d4:b7:dc:57:24:63:25:ce:
d7:44:12:30:16:c6:ef:27:11:a4:98:21:4e:91:04:48:0b:f8:
a5:bf:95:9f:a0:43:d6:b8:07:9f:b3:80:53:f0:19:47:82:23:
81:70:66:3d:75:66:59:de:c2:60:f7:dd:ee:f1:05:b7:61:58:
37:9a:21:d2:e0:97:ff:fe:1d:5c:a7:1d:1b:ac:aa:cf:1b:48:
c1:b0:b5:71:71:ff:7d:8e:f1:7e:63:04:b7:91:34:ec:63:1c:
e4:a3:59:12:aa:b6:f8:ed:0b:63:24:02:72:3b:61:25:a2:5d:
95:ef:c4:4b:2d:2c:f3:ac:51:0f:47:7f:de:b0:46:53:04:10:
43:04:c4:6d:70:55:9b:37:c5:64:ef:45:77:ed:ee:aa:93:15:
76:19:41:0e:7f:c5:2a:b4:1f:10:11:9d:c7:9c:91:96:52:04:
92:15:89:0b:76:38:27:03:c7:4b:e8:7d:3d:ac:f8:fc:f5:cc:
2a:46:1e:0f:26:1e:86:f4:53:89:f4:63:c9:0a:75:cd:8e:ac:
c1:e7:7a:ca:33:62:46:2c:ac:38:12:60:30:45:a1:2b:ee:64:
a8:30:38:b9:bc:f5:80:21:3f:b9:df:7f:61:cc:e5:10:25:47:
c4:f8:5d:62
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyU4TyvcVanvXlNymtN6RCxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIzMDQxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjg2NmI2ZDM4MzdlNGNkNThkYWFkYjU0ZDYzZDRjYzIxMjI0ZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm24tlHjwZnn2KcRPWki/aMX6z3Np
GtUyvOFV3caR/o0fmA3g5EDSXCzOCTqGhlK0GEXegIAQFHMkgTuQ8yeqOdAOl2wZ
dY8ItX10m7CiR/S6IfJzgHNAYopRBZziwXwpizXVKOMzoSomfWtNixklJFydR5Kq
UwRqOe3IyQqqdDnQJ2nLn/l9jCS7Q6x9NROHDSNPqhp/Hraf3bFtN5HuPp9NiuCs
Q0HbUsEnWLlhZi0XfbNd2ZxQAGOT3qUopMScrNaSupDuRBuWwxVz/G0HQHdksgnP
zv+eZkusWXk+MHM8imdqgJIcIFgxA17W+spS7Vv3jyzMEsjeOO05xJDEDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOuGa204N+TNWNqttU1j1MwhIk62MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNjRacmJUZzM1TTFZMnEyMVRXUFV6Q0VpVHJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABVGIrYccaRLyO7Ut9xX
JGMlztdEEjAWxu8nEaSYIU6RBEgL+KW/lZ+gQ9a4B5+zgFPwGUeCI4FwZj11Zlne
wmD33e7xBbdhWDeaIdLgl//+HVynHRusqs8bSMGwtXFx/32O8X5jBLeRNOxjHOSj
WRKqtvjtC2MkAnI7YSWiXZXvxEstLPOsUQ9Hf96wRlMEEEMExG1wVZs3xWTvRXft
7qqTFXYZQQ5/xSq0HxARnceckZZSBJIViQt2OCcDx0vofT2s+Pz1zCpGHg8mHob0
U4n0Y8kKdc2OrMHnesozYkYsrDgSYDBFoSvuZKgwOLm89YAhP7nff2HM5RAlR8T4
XWI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:18 2025 by rpki-client