Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/6pCTI-yIoaVhXUayzgno5sfK5jk.roa
File: 6pCTI-yIoaVhXUayzgno5sfK5jk.roa (raw, json)
Hash identifier: +3Zp6AWAIWABQVq/e/V/xJmFUL0ZiPEYswWpbVwLfoE=
Subject key identifier: EA:90:93:23:EC:88:A1:A5:61:5D:46:B2:CE:09:E8:E6:C7:CA:E6:39
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D2024FEB305C5A17850BFAFFAF7614FC3
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/6pCTI-yIoaVhXUayzgno5sfK5jk.roa
Signing time: Fri 19 Jan 2024 05:15:11 +0000
ROA not before: Fri 19 Jan 2024 05:15:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:20:24:fe:b3:05:c5:a1:78:50:bf:af:fa:f7:61:4f:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 19 05:15:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea909323ec88a1a5615d46b2ce09e8e6c7cae639
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:67:2c:74:2d:84:52:a2:dc:ae:3a:2e:30:1a:
13:cd:81:34:38:f9:cb:2a:6c:f1:f7:77:ab:5b:0b:
58:e8:9d:3e:3b:9c:79:76:9e:30:40:9d:be:52:cc:
dc:ad:c9:4e:62:96:ce:8c:83:12:d9:8e:f2:0d:97:
41:e0:60:4e:85:9b:b1:94:9f:46:80:02:a0:c5:2f:
87:7b:67:9e:10:97:e7:d6:79:ab:a6:32:22:fe:b3:
1a:f7:39:72:c2:dd:56:b3:8f:74:49:9b:c3:5f:bd:
5f:ca:44:df:29:5e:9c:2f:f6:20:33:c6:cc:bd:b8:
06:8c:00:a9:3d:f8:86:e5:9d:3d:5d:f5:d2:38:0b:
71:52:1f:2e:28:a2:6a:e8:eb:10:24:f6:c1:ea:30:
10:c6:98:c0:63:11:d6:2a:2f:bf:96:cc:f4:f2:6f:
50:47:ed:e6:33:74:76:9a:1a:b7:a1:82:93:3a:ad:
9d:0b:21:2c:60:bc:cc:81:21:f7:90:e1:dd:ce:06:
f9:f0:47:c3:49:de:94:64:65:a9:85:62:16:88:62:
3a:6e:52:e8:ba:96:be:5e:b5:bc:b8:73:73:55:99:
d7:b0:19:38:87:bc:4f:c2:5a:be:dc:b3:24:ed:4b:
60:53:a5:78:f4:e3:62:2a:d9:b7:d6:16:ff:77:d7:
3b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:90:93:23:EC:88:A1:A5:61:5D:46:B2:CE:09:E8:E6:C7:CA:E6:39
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/6pCTI-yIoaVhXUayzgno5sfK5jk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1e:8f:be:ea:d5:de:13:f2:d6:92:40:36:01:5b:7c:52:b9:94:
47:57:72:5a:6c:f1:fc:da:a0:03:25:7a:ea:85:75:dc:f9:9b:
fe:0a:2f:3d:ad:f3:77:91:c0:bb:ed:40:ec:99:56:5e:fb:5d:
17:1a:f0:2b:ad:94:a8:a0:03:df:6b:59:80:4f:6d:f9:5a:10:
5a:b7:29:de:fb:cd:4e:82:c3:69:2c:97:23:2f:d7:a3:0f:86:
95:d2:4b:ba:b5:cd:42:56:0b:06:e1:02:ff:66:f1:d7:0c:9f:
62:f7:79:88:dc:34:85:b7:0f:1e:8e:01:5e:4b:29:00:fb:f2:
c4:43:60:b1:95:b4:2b:91:64:8e:f9:86:74:14:dd:75:40:ac:
9b:c6:fe:b3:5b:77:3c:dc:69:df:99:d6:89:a3:40:71:fd:83:
8a:70:d2:27:2c:a4:ac:5e:2b:c6:99:23:a9:60:7a:04:44:fb:
82:91:aa:63:c6:0d:d7:f2:49:c7:e0:6a:2b:24:21:b4:5f:32:
bc:a4:b7:cb:54:63:29:19:0e:8c:20:d1:cf:f0:0c:48:ed:af:
36:d5:eb:a9:99:7a:76:c1:56:97:97:44:b7:39:db:7a:6e:be:
55:bd:33:cb:39:96:f4:b1:27:6f:32:49:c5:68:2b:c6:00:5b:
77:11:bb:b0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0gJP6zBcWheFC/r/r3YU/DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE5MDUxNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTkwOTMyM2VjODhhMWE1NjE1ZDQ2YjJjZTA5ZThlNmM3Y2FlNjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2csdC2EUqLcrjouMBoTzYE0OPnL
Kmzx93erWwtY6J0+O5x5dp4wQJ2+UszcrclOYpbOjIMS2Y7yDZdB4GBOhZuxlJ9G
gAKgxS+He2eeEJfn1nmrpjIi/rMa9zlywt1Ws490SZvDX71fykTfKV6cL/YgM8bM
vbgGjACpPfiG5Z09XfXSOAtxUh8uKKJq6OsQJPbB6jAQxpjAYxHWKi+/lsz08m9Q
R+3mM3R2mhq3oYKTOq2dCyEsYLzMgSH3kOHdzgb58EfDSd6UZGWphWIWiGI6blLo
upa+XrW8uHNzVZnXsBk4h7xPwlq+3LMk7UtgU6V49ONiKtm31hb/d9c7swIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOqQkyPsiKGlYV1Gss4J6ObHyuY5MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNnBDVEkteUlvYVZoWFVheXpnbm81c2ZLNWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB6PvurV3hPy1pJANgFb
fFK5lEdXclps8fzaoAMleuqFddz5m/4KLz2t83eRwLvtQOyZVl77XRca8CutlKig
A99rWYBPbflaEFq3Kd77zU6Cw2kslyMv16MPhpXSS7q1zUJWCwbhAv9m8dcMn2L3
eYjcNIW3Dx6OAV5LKQD78sRDYLGVtCuRZI75hnQU3XVArJvG/rNbdzzcad+Z1omj
QHH9g4pw0icspKxeK8aZI6lgegRE+4KRqmPGDdfyScfgaiskIbRfMrykt8tUYykZ
Dowg0c/wDEjtrzbV66mZenbBVpeXRLc523puvlW9M8s5lvSxJ28yScVoK8YAW3cR
u7A=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:38 2025 by rpki-client