Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/72BBCVcjXSvj5Sq6fCPFB0cHcag.roa
File: 72BBCVcjXSvj5Sq6fCPFB0cHcag.roa (raw, json)
Hash identifier: Ddu+taqDdrO+frV27AIdFdFlGZcr9ZdP2EcVkwfH7Os=
Subject key identifier: EF:60:41:09:57:23:5D:2B:E3:E5:2A:BA:7C:23:C5:07:47:07:71:A8
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C932AB2E7275EBA7BC3FEB6166729CD0F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/72BBCVcjXSvj5Sq6fCPFB0cHcag.roa
Signing time: Fri 22 Dec 2023 20:14:58 +0000
ROA not before: Fri 22 Dec 2023 20:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:93:2a:b2:e7:27:5e:ba:7b:c3:fe:b6:16:67:29:cd:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 22 20:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef60410957235d2be3e52aba7c23c507470771a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:91:6c:ce:09:db:50:9b:f5:a7:01:35:76:94:
5d:56:56:1b:5d:7a:91:e5:53:cf:94:99:ab:1c:20:
d3:c4:e5:b8:71:93:0e:45:40:46:9e:dd:9b:64:bc:
5e:8b:f4:28:c1:71:fa:76:40:75:50:34:a6:8a:2e:
b4:ac:66:63:55:73:85:06:c3:fe:fe:47:cd:8f:48:
24:c1:f1:e4:75:c2:2e:0b:39:05:f0:67:cd:fb:fe:
c3:e7:23:7e:79:ce:14:26:b0:cb:1c:51:38:8d:de:
93:8b:33:85:98:2c:17:d5:7e:87:e4:d7:53:ea:b1:
0c:a6:90:6b:7b:43:60:b4:f6:e6:68:92:6f:b2:a4:
1a:6c:bc:6a:c5:cb:54:6c:6b:e5:be:0d:42:ef:b4:
3e:30:06:d2:15:96:90:39:66:73:60:cd:48:51:df:
02:49:51:c0:b0:74:19:75:73:e0:49:01:13:b6:31:
34:76:6b:cb:69:98:45:b1:d6:97:d9:00:04:be:b7:
d9:48:cd:32:83:c7:8b:0b:6c:69:47:0b:f8:11:c2:
17:eb:ec:40:d3:26:e8:9b:fd:0d:9c:bc:41:a5:0d:
f2:4c:d0:11:f7:3c:f5:5a:b3:75:38:7a:66:c2:98:
aa:1c:bf:b3:78:fb:27:53:de:15:10:04:d1:10:76:
75:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:60:41:09:57:23:5D:2B:E3:E5:2A:BA:7C:23:C5:07:47:07:71:A8
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/72BBCVcjXSvj5Sq6fCPFB0cHcag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:2d:fa:be:cc:30:2d:ba:8c:8b:4e:cf:96:09:ae:3c:a0:c2:
35:30:fb:4e:86:f9:02:c9:28:92:c0:e9:fc:58:da:44:32:cb:
cb:e5:23:ca:29:71:74:cd:cf:c3:22:a5:f6:60:1b:be:a0:e8:
37:95:24:3b:af:96:77:3f:66:f8:e0:90:4e:38:13:13:42:d9:
24:4e:fc:bb:e8:85:23:da:c0:3c:f5:85:9a:bf:26:2b:4a:1a:
af:0e:80:02:a3:a9:68:27:13:f6:cb:c7:21:bd:d0:ac:74:b8:
35:eb:03:a4:28:c4:70:e7:4a:5c:1f:0f:71:38:2e:f4:4d:63:
3f:14:af:a4:ef:c6:c9:7a:00:b3:1d:6e:39:e4:68:72:0f:79:
d0:05:3d:60:4a:48:84:a8:e4:32:7a:95:ce:25:64:72:8b:b4:
1c:89:35:e4:b3:4c:bc:9f:fc:f5:f1:69:77:0e:86:c0:18:b7:
23:c0:90:d0:dd:27:6d:3a:f2:c4:74:92:68:59:1a:38:f0:0b:
33:11:43:28:77:f7:92:16:34:62:ba:c8:36:9d:66:98:ca:3f:
8d:ad:9e:d2:f2:55:6f:b5:13:c5:5d:06:39:72:64:e7:30:52:
66:32:3a:f9:a5:d2:f7:a5:45:95:80:ca:9f:a1:3c:c6:60:0d:
b9:a5:24:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyTKrLnJ166e8P+thZnKc0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIyMjAxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjYwNDEwOTU3MjM1ZDJiZTNlNTJhYmE3YzIzYzUwNzQ3MDc3MWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJFszgnbUJv1pwE1dpRdVlYbXXqR
5VPPlJmrHCDTxOW4cZMORUBGnt2bZLxei/QowXH6dkB1UDSmii60rGZjVXOFBsP+
/kfNj0gkwfHkdcIuCzkF8GfN+/7D5yN+ec4UJrDLHFE4jd6TizOFmCwX1X6H5NdT
6rEMppBre0NgtPbmaJJvsqQabLxqxctUbGvlvg1C77Q+MAbSFZaQOWZzYM1IUd8C
SVHAsHQZdXPgSQETtjE0dmvLaZhFsdaX2QAEvrfZSM0yg8eLC2xpRwv4EcIX6+xA
0ybom/0NnLxBpQ3yTNAR9zz1WrN1OHpmwpiqHL+zePsnU94VEATREHZ18wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO9gQQlXI10r4+UqunwjxQdHB3GoMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvNzJCQkNWY2pYU3ZqNVNxNmZDUEZCMGNIY2FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFIt+r7MMC26jItOz5YJ
rjygwjUw+06G+QLJKJLA6fxY2kQyy8vlI8opcXTNz8MipfZgG76g6DeVJDuvlnc/
ZvjgkE44ExNC2SRO/LvohSPawDz1hZq/JitKGq8OgAKjqWgnE/bLxyG90Kx0uDXr
A6QoxHDnSlwfD3E4LvRNYz8Ur6Tvxsl6ALMdbjnkaHIPedAFPWBKSISo5DJ6lc4l
ZHKLtByJNeSzTLyf/PXxaXcOhsAYtyPAkNDdJ2068sR0kmhZGjjwCzMRQyh395IW
NGK6yDadZpjKP42tntLyVW+1E8VdBjlyZOcwUmYyOvml0velRZWAyp+hPMZgDbml
JMo=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:17:46 2025 by rpki-client