Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/6L8xDC9aBPvVEZaGap4elZrxZwc.roa
File: 6L8xDC9aBPvVEZaGap4elZrxZwc.roa (raw, json)
Hash identifier: zuOtW4cDwUlWLHGXZ+xN3Kh4NCmJ4I+ssyEoHXo3Hgc=
Subject key identifier: E8:BF:31:0C:2F:5A:04:FB:D5:11:96:86:6A:9E:1E:95:9A:F1:67:07
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E97DB244D8F344A72FED44AB7D3B7E75C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/6L8xDC9aBPvVEZaGap4elZrxZwc.roa
Signing time: Mon 01 Apr 2024 04:11:45 +0000
ROA not before: Mon 01 Apr 2024 04:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:97:db:24:4d:8f:34:4a:72:fe:d4:4a:b7:d3:b7:e7:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 1 04:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8bf310c2f5a04fbd51196866a9e1e959af16707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:05:72:20:39:b0:5e:8f:a9:62:ee:38:ee:fd:
6d:11:5c:32:73:03:d9:d6:73:6b:a6:47:20:94:37:
d8:ba:23:5b:c4:65:83:ba:35:22:56:36:08:c4:0a:
40:0c:12:40:ba:b7:2d:7a:e1:6e:65:2b:30:d2:d0:
36:6c:32:8a:8d:43:59:06:df:81:97:fa:c2:21:07:
17:ca:77:ad:07:62:f2:c6:0e:1e:85:a4:9d:aa:62:
bf:19:88:87:1a:ba:51:b1:7a:db:f6:1a:ca:33:98:
8d:c3:13:dd:50:a1:22:90:18:65:d2:ff:4f:6c:59:
24:9f:13:9a:96:55:f8:42:d5:9a:ae:ab:ec:15:1c:
62:40:a9:25:01:b3:53:33:a3:c5:86:99:72:1d:83:
e1:eb:72:d1:1c:4a:36:01:0a:07:31:c0:46:bd:4f:
a6:cb:8f:56:db:9f:04:e8:ae:f9:f1:65:d5:8a:36:
de:21:c5:bc:11:dd:f1:cb:5b:08:05:3f:cf:57:af:
02:44:7c:79:67:9a:98:8d:5b:c0:57:cb:52:9c:a9:
f1:7f:91:8d:71:c6:02:5b:6e:f9:28:a5:c6:fb:49:
bb:a6:43:c9:29:7f:8d:40:12:b3:98:d8:01:4c:0b:
45:56:82:39:92:b4:53:89:d1:d7:15:78:75:73:a4:
d4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:BF:31:0C:2F:5A:04:FB:D5:11:96:86:6A:9E:1E:95:9A:F1:67:07
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/6L8xDC9aBPvVEZaGap4elZrxZwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a4:24:76:43:d9:27:34:6a:02:9e:64:72:78:a9:29:1d:63:cf:
6d:09:d4:e0:50:a2:a3:28:90:4a:0e:30:a8:4e:00:15:61:a9:
77:dc:e2:40:86:e5:ca:e4:51:59:78:c7:84:00:1d:3d:e7:f0:
98:8b:87:9f:c8:b9:c4:b2:7a:ae:48:9a:34:d8:df:28:35:ac:
b5:e7:b5:21:84:ee:14:54:90:df:0a:6b:08:eb:96:76:cb:09:
2c:54:5a:0a:1d:c4:8f:4c:a8:c0:67:54:47:df:bd:ec:93:dd:
b8:a1:3b:6e:e0:65:ad:4b:8a:ba:c9:ec:61:14:ee:d8:45:2c:
e8:77:75:e2:03:75:e8:8b:fc:35:80:8c:0b:96:8f:c5:cc:57:
66:36:a9:2e:83:ff:cb:25:19:14:9e:e3:46:95:ce:bb:11:11:
de:2e:62:66:d5:87:af:c8:ea:a0:b4:b7:2f:fb:f4:a5:b3:91:
bc:63:28:d4:4b:b4:08:21:3d:39:da:40:a2:ae:9a:e9:f6:5c:
f9:10:11:23:e8:9d:d5:1f:77:19:6c:90:ed:81:71:9d:a4:31:
d7:96:a6:d1:f2:ba:3a:49:39:e2:68:3d:54:99:b3:91:df:e3:
d3:54:58:0a:67:1c:1f:f9:bc:7f:1f:2d:d6:0f:2f:21:f0:15:
8c:a9:6e:22
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6X2yRNjzRKcv7USrfTt+dcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAxMDQxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGJmMzEwYzJmNWEwNGZiZDUxMTk2ODY2YTllMWU5NTlhZjE2NzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAVyIDmwXo+pYu447v1tEVwycwPZ
1nNrpkcglDfYuiNbxGWDujUiVjYIxApADBJAurcteuFuZSsw0tA2bDKKjUNZBt+B
l/rCIQcXynetB2Lyxg4ehaSdqmK/GYiHGrpRsXrb9hrKM5iNwxPdUKEikBhl0v9P
bFkknxOallX4QtWarqvsFRxiQKklAbNTM6PFhplyHYPh63LRHEo2AQoHMcBGvU+m
y49W258E6K758WXVijbeIcW8Ed3xy1sIBT/PV68CRHx5Z5qYjVvAV8tSnKnxf5GN
ccYCW275KKXG+0m7pkPJKX+NQBKzmNgBTAtFVoI5krRTidHXFXh1c6TUUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOi/MQwvWgT71RGWhmqeHpWa8WcHMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNkw4eERDOWFCUHZWRVphR2FwNGVsWnJ4WndjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKQkdkPZJzRqAp5kcnip
KR1jz20J1OBQoqMokEoOMKhOABVhqXfc4kCG5crkUVl4x4QAHT3n8JiLh5/IucSy
eq5ImjTY3yg1rLXntSGE7hRUkN8KawjrlnbLCSxUWgodxI9MqMBnVEffveyT3bih
O27gZa1LirrJ7GEU7thFLOh3deIDdeiL/DWAjAuWj8XMV2Y2qS6D/8slGRSe40aV
zrsREd4uYmbVh6/I6qC0ty/79KWzkbxjKNRLtAghPTnaQKKumun2XPkQESPondUf
dxlskO2BcZ2kMdeWptHyujpJOeJoPVSZs5Hf49NUWApnHB/5vH8fLdYPLyHwFYyp
biI=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:49:26 2025 by rpki-client