Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7RukEdNBllC-spwl5W2EdUbDFiQ.roa
File: 7RukEdNBllC-spwl5W2EdUbDFiQ.roa (raw, json)
Hash identifier: Bsx17P0HlqH8mRgFSfVlvBXMYc0GWLJM+tjynV4OGs0=
Subject key identifier: ED:1B:A4:11:D3:41:96:50:BE:B2:9C:25:E5:6D:84:75:46:C3:16:24
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E6C8209C6214441E090CD9CC956828698
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7RukEdNBllC-spwl5W2EdUbDFiQ.roa
Signing time: Sat 23 Mar 2024 18:10:45 +0000
ROA not before: Sat 23 Mar 2024 18:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6c:82:09:c6:21:44:41:e0:90:cd:9c:c9:56:82:86:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 23 18:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed1ba411d3419650beb29c25e56d847546c31624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a7:ef:9e:cb:85:35:55:1e:a4:3e:36:ec:72:
99:98:b8:cb:9a:77:b7:a6:d9:ec:29:fc:bd:7c:05:
67:77:fe:48:28:6e:9c:6c:9a:46:08:ad:bb:cd:0c:
fd:d7:6b:35:e9:58:2e:c5:fc:05:5f:c1:e9:28:a1:
c8:bd:de:fb:83:51:19:83:f9:2a:4c:ec:7c:00:26:
96:77:ba:78:67:a5:17:f5:4f:f0:df:20:94:c6:20:
d6:05:90:3f:a4:82:da:61:96:23:dd:f5:0d:29:8a:
87:6c:1a:f0:d0:1c:88:b6:bc:34:dc:a8:64:d3:9a:
21:17:d8:94:5f:38:48:0e:10:37:47:57:03:86:5a:
89:5e:aa:1c:f9:a7:a3:d8:df:9d:6a:a2:08:0d:bc:
3c:ca:db:e2:7b:55:5a:ed:8e:27:ba:ab:6d:63:17:
c3:b4:4a:c5:34:cd:fc:20:6d:8b:14:07:bf:1e:74:
5a:e2:13:a0:c2:7a:8d:5e:10:8f:c8:48:a5:00:a1:
23:3b:c8:1f:5b:82:f2:23:42:ff:f1:bf:a2:d1:3d:
87:78:d7:5a:c4:d5:4c:57:b6:2c:e1:80:c8:9a:6c:
d3:88:a1:1b:16:41:82:5f:a6:6a:9c:24:f3:29:dd:
6e:6c:c1:6d:c3:7e:d6:6b:63:f5:d8:7f:72:44:db:
85:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:1B:A4:11:D3:41:96:50:BE:B2:9C:25:E5:6D:84:75:46:C3:16:24
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7RukEdNBllC-spwl5W2EdUbDFiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:79:66:63:63:ec:db:94:85:fc:03:93:b2:6a:58:ff:09:5e:
3c:5d:0f:93:b9:d8:d6:2e:ed:a2:59:3e:f1:b0:d7:3f:11:ee:
72:7d:dd:6e:c2:78:f2:b2:4b:31:28:cd:54:ae:1d:3e:b6:cc:
49:0a:6a:84:cd:79:8a:74:b5:99:12:67:80:db:91:60:a4:c2:
d5:03:9f:6e:90:16:35:5c:2e:f3:a0:9a:52:19:85:db:e4:43:
5f:8d:80:77:bc:a3:38:57:94:be:e5:75:1b:48:4e:f9:4c:55:
99:1b:0e:72:f1:b6:9f:f1:3a:32:40:92:5a:07:20:33:65:98:
0a:77:6f:4e:76:62:1e:1a:86:e1:6a:07:ca:5d:0a:0b:23:ce:
20:74:86:d1:cc:bc:50:ad:10:3d:55:e5:b9:69:db:c3:95:de:
de:32:a0:7e:f2:25:22:d7:02:40:5f:b0:8d:7b:7b:2a:04:a5:
25:d5:5f:44:99:8c:eb:a7:7d:a9:c0:36:ba:75:6f:39:c9:a4:
47:23:cb:94:1a:72:bd:be:43:99:ef:f4:e9:ec:31:da:1f:7d:
a0:11:ec:5b:e7:e5:ae:8c:61:f6:e3:89:60:cb:29:fc:01:89:
67:64:05:61:37:fb:d5:4b:75:3a:a5:e0:46:fa:6e:63:2e:44:
af:aa:b6:6a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5sggnGIURB4JDNnMlWgoaYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIzMTgxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDFiYTQxMWQzNDE5NjUwYmViMjljMjVlNTZkODQ3NTQ2YzMxNjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqfvnsuFNVUepD427HKZmLjLmne3
ptnsKfy9fAVnd/5IKG6cbJpGCK27zQz912s16VguxfwFX8HpKKHIvd77g1EZg/kq
TOx8ACaWd7p4Z6UX9U/w3yCUxiDWBZA/pILaYZYj3fUNKYqHbBrw0ByItrw03Khk
05ohF9iUXzhIDhA3R1cDhlqJXqoc+aej2N+daqIIDbw8ytvie1Va7Y4nuqttYxfD
tErFNM38IG2LFAe/HnRa4hOgwnqNXhCPyEilAKEjO8gfW4LyI0L/8b+i0T2HeNda
xNVMV7Ys4YDImmzTiKEbFkGCX6ZqnCTzKd1ubMFtw37Wa2P12H9yRNuFGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO0bpBHTQZZQvrKcJeVthHVGwxYkMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvN1J1a0VkTkJsbEMtc3B3bDVXMkVkVWJERmlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGN5ZmNj7NuUhfwDk7Jq
WP8JXjxdD5O52NYu7aJZPvGw1z8R7nJ93W7CePKySzEozVSuHT62zEkKaoTNeYp0
tZkSZ4DbkWCkwtUDn26QFjVcLvOgmlIZhdvkQ1+NgHe8ozhXlL7ldRtITvlMVZkb
DnLxtp/xOjJAkloHIDNlmAp3b052Yh4ahuFqB8pdCgsjziB0htHMvFCtED1V5blp
28OV3t4yoH7yJSLXAkBfsI17eyoEpSXVX0SZjOunfanANrp1bznJpEcjy5Qacr2+
Q5nv9OnsMdoffaAR7Fvn5a6MYfbjiWDLKfwBiWdkBWE3+9VLdTql4Eb6bmMuRK+q
tmo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:37 2025 by rpki-client