Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7SEF8I1BpUtU-V4Erj7Eh9opmMQ.roa
File: 7SEF8I1BpUtU-V4Erj7Eh9opmMQ.roa (raw, json)
Hash identifier: gq8X7XHNfinrI2p/I5n1UPgJ455uXyOsLoPBGSeDqbE=
Subject key identifier: ED:21:05:F0:8D:41:A5:4B:54:F9:5E:04:AE:3E:C4:87:DA:29:98:C4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E22ED7160E10498A804707A386D408017
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7SEF8I1BpUtU-V4Erj7Eh9opmMQ.roa
Signing time: Sat 09 Mar 2024 11:16:10 +0000
ROA not before: Sat 09 Mar 2024 11:16:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:22:ed:71:60:e1:04:98:a8:04:70:7a:38:6d:40:80:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 9 11:16:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed2105f08d41a54b54f95e04ae3ec487da2998c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:29:49:ff:65:e4:86:32:c2:12:c9:90:4d:92:
b7:09:48:df:41:3d:e2:e6:85:8a:39:98:05:b4:74:
2e:e4:e6:da:e5:5c:aa:b7:5a:d3:fa:ff:90:85:5e:
9d:06:a3:ea:2f:fe:73:9d:e8:b8:7c:d2:21:f5:9e:
76:5d:46:ce:c7:f3:c2:15:33:d7:65:a2:27:a1:d6:
d9:29:24:98:5e:b5:70:65:9a:33:3c:29:12:23:49:
25:8b:ec:41:31:02:d3:20:dc:7e:38:47:07:6d:c0:
6f:31:7f:78:d4:06:f4:8f:2e:1c:5b:3d:db:80:2f:
ee:8d:93:96:2d:db:ce:67:b4:e6:92:c6:cc:d1:e1:
7a:ed:ac:26:16:9f:9d:1a:ea:f7:04:93:a1:ec:17:
3a:be:5b:38:19:32:66:cb:47:e7:ba:1e:87:ba:78:
a0:f0:5e:79:94:c3:74:28:95:de:bf:9d:e8:be:8c:
56:34:00:49:ba:a8:c8:64:8b:bf:a4:9b:6c:b3:6b:
18:be:02:15:a8:5f:ed:78:00:02:dc:ee:7b:6e:72:
42:2f:f5:02:ac:d2:2b:b6:e9:ad:f9:3f:c9:49:3f:
7d:c7:b3:3e:05:80:41:93:39:a9:fa:94:d3:7a:29:
fe:c0:f9:f1:53:d7:ec:e3:b5:4a:9c:4d:20:2d:f5:
e6:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:21:05:F0:8D:41:A5:4B:54:F9:5E:04:AE:3E:C4:87:DA:29:98:C4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7SEF8I1BpUtU-V4Erj7Eh9opmMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:6a:60:9e:13:7d:a0:f2:2c:b6:a3:64:4b:68:89:4e:de:69:
ef:7d:fb:ff:ee:65:37:97:3a:6e:72:fb:58:94:69:33:1c:51:
9a:ac:c3:bf:84:2f:ab:23:19:4a:4d:77:a7:0a:ed:8f:15:9b:
ec:72:68:fb:8e:0b:8e:11:ed:e7:08:e6:93:a8:80:a8:51:3a:
06:38:cc:93:8a:f9:98:63:eb:aa:5a:0c:46:15:22:58:b5:1a:
d6:16:1b:47:ac:69:14:30:37:54:96:9b:f1:7a:70:b8:bb:8a:
2b:88:b3:25:95:43:a7:21:2c:fe:25:50:8f:3c:dd:1c:2f:30:
4b:2f:04:b8:b3:bf:61:59:0e:23:07:1f:90:f9:b6:01:da:dc:
ff:c1:b0:72:72:f5:0f:9a:46:2b:14:54:80:a7:24:47:06:48:
d3:8c:4b:ba:9f:4b:91:e2:03:d4:38:d8:71:8a:ce:44:b7:72:
e7:ea:bd:8e:e7:fb:ab:ef:d0:a5:07:08:f4:d3:12:c6:18:0f:
81:c9:e1:49:48:f3:51:eb:2d:b4:da:be:22:74:1f:e0:a7:45:
0e:00:6c:81:97:dc:73:4b:93:21:f5:b6:6b:6f:b4:64:ac:9e:
19:f6:79:63:2b:67:3a:e1:03:3b:45:1a:f6:38:66:24:40:65:
0e:34:18:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4i7XFg4QSYqARwejhtQIAXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA5MTExNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDIxMDVmMDhkNDFhNTRiNTRmOTVlMDRhZTNlYzQ4N2RhMjk5OGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApylJ/2XkhjLCEsmQTZK3CUjfQT3i
5oWKOZgFtHQu5Oba5Vyqt1rT+v+QhV6dBqPqL/5znei4fNIh9Z52XUbOx/PCFTPX
ZaInodbZKSSYXrVwZZozPCkSI0kli+xBMQLTINx+OEcHbcBvMX941Ab0jy4cWz3b
gC/ujZOWLdvOZ7TmksbM0eF67awmFp+dGur3BJOh7Bc6vls4GTJmy0fnuh6Hunig
8F55lMN0KJXev53ovoxWNABJuqjIZIu/pJtss2sYvgIVqF/teAAC3O57bnJCL/UC
rNIrtumt+T/JST99x7M+BYBBkzmp+pTTein+wPnxU9fs47VKnE0gLfXm4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO0hBfCNQaVLVPleBK4+xIfaKZjEMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvN1NFRjhJMUJwVXRVLVY0RXJqN0VoOW9wbU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAElqYJ4TfaDyLLajZEto
iU7eae99+//uZTeXOm5y+1iUaTMcUZqsw7+EL6sjGUpNd6cK7Y8Vm+xyaPuOC44R
7ecI5pOogKhROgY4zJOK+Zhj66paDEYVIli1GtYWG0esaRQwN1SWm/F6cLi7iiuI
syWVQ6chLP4lUI883RwvMEsvBLizv2FZDiMHH5D5tgHa3P/BsHJy9Q+aRisUVICn
JEcGSNOMS7qfS5HiA9Q42HGKzkS3cufqvY7n+6vv0KUHCPTTEsYYD4HJ4UlI81Hr
LbTaviJ0H+CnRQ4AbIGX3HNLkyH1tmtvtGSsnhn2eWMrZzrhAztFGvY4ZiRAZQ40
GKs=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:44:51 2025 by rpki-client