Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7TaZfYUZxgFoZjCpTDjXJaQFSyc.roa
File: 7TaZfYUZxgFoZjCpTDjXJaQFSyc.roa (raw, json)
Hash identifier: JXcxuCioiCb4c/RXQ0tR8BCAy+2KxRL4ZPdZj+VgwaQ=
Subject key identifier: ED:36:99:7D:85:19:C6:01:68:66:30:A9:4C:38:D7:25:A4:05:4B:27
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D4B0DEA94657FD1777300E5555AB43090
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7TaZfYUZxgFoZjCpTDjXJaQFSyc.roa
Signing time: Sat 27 Jan 2024 13:13:39 +0000
ROA not before: Sat 27 Jan 2024 13:13:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:4b:0d:ea:94:65:7f:d1:77:73:00:e5:55:5a:b4:30:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 27 13:13:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed36997d8519c601686630a94c38d725a4054b27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0b:bd:4f:1b:39:c1:9f:b3:67:9d:a8:68:5e:
d4:f2:92:5a:4e:23:d0:c8:4b:0a:a0:ff:17:f1:8a:
9d:f4:ad:96:a2:68:aa:fa:a2:59:60:8b:93:ee:f6:
e1:1f:9c:5d:c4:83:51:04:79:c1:5f:00:e7:1d:96:
5f:d1:af:ea:e8:ab:fc:8b:55:9f:23:86:f8:cd:8c:
e5:ad:68:98:72:4b:db:25:1a:40:ed:e2:0a:49:35:
71:e5:51:1b:a6:54:66:4d:75:c9:c5:64:04:b9:84:
70:e2:c7:af:c5:64:88:c0:27:e6:52:35:9a:22:c5:
c4:02:d6:70:f9:23:73:1e:12:49:46:ed:e6:19:c8:
bf:ce:be:83:80:7a:2e:94:65:7d:93:5d:99:6e:bb:
d9:10:0e:f3:5e:eb:6d:b0:ab:41:39:77:f0:1d:ec:
e5:ed:a4:98:91:7b:ff:d2:74:8a:71:e2:3e:8e:46:
c6:fd:52:63:31:a9:3c:55:21:34:f5:48:1e:e8:7b:
41:0f:3a:d4:b1:4e:f6:18:6e:c7:a9:70:10:7c:d8:
7e:b3:68:ca:26:24:15:aa:1f:f7:2a:bc:bc:4e:c2:
75:13:8e:e2:64:a7:40:d3:f0:25:c9:0c:c7:b7:be:
99:50:d3:c0:3c:78:41:95:b3:5c:16:d6:23:01:98:
c9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:36:99:7D:85:19:C6:01:68:66:30:A9:4C:38:D7:25:A4:05:4B:27
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7TaZfYUZxgFoZjCpTDjXJaQFSyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:71:2c:b2:c5:c0:3c:dc:7d:90:f2:8b:e9:9f:d0:67:ee:5f:
a6:7a:2a:87:f2:50:83:3b:f2:1a:1f:6e:6f:53:4d:90:ab:c8:
8a:7d:70:97:fa:56:1d:5a:b5:3e:89:9c:bb:d1:ac:09:24:70:
77:17:83:10:32:7e:a1:ec:d6:8a:6e:90:a8:10:61:60:ce:eb:
fc:30:95:65:51:46:f6:cc:f5:6e:9f:44:44:f8:f9:74:6c:a0:
77:3b:27:ff:c1:09:8f:ee:af:3b:6c:03:22:91:07:e7:75:8f:
9b:23:84:4a:45:13:a8:14:8a:f3:08:64:d9:c8:a6:a0:f7:c8:
dc:c4:74:f4:08:0c:f6:6e:2e:a1:b9:f4:bb:ea:54:63:9e:9f:
52:16:30:5f:9d:b4:75:75:13:4c:52:07:1c:b5:7a:70:cc:5b:
7b:7a:49:ef:ee:4e:10:6e:1b:29:91:16:5c:b3:86:c0:a2:bb:
43:d2:14:01:f3:c0:6e:05:6f:19:d5:5f:9b:88:ad:9c:ba:44:
26:2e:a9:57:52:4e:c5:ae:4c:14:fb:02:4a:3f:d0:73:94:92:
81:90:c5:02:93:97:5d:98:b3:0a:d3:17:81:7f:22:57:a5:49:
0a:d0:c2:c3:98:9b:07:0d:9f:24:47:80:6f:04:05:cb:53:3b:
82:24:78:b3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1LDeqUZX/Rd3MA5VVatDCQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI3MTMxMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDM2OTk3ZDg1MTljNjAxNjg2NjMwYTk0YzM4ZDcyNWE0MDU0YjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gu9Txs5wZ+zZ52oaF7U8pJaTiPQ
yEsKoP8X8Yqd9K2Womiq+qJZYIuT7vbhH5xdxINRBHnBXwDnHZZf0a/q6Kv8i1Wf
I4b4zYzlrWiYckvbJRpA7eIKSTVx5VEbplRmTXXJxWQEuYRw4sevxWSIwCfmUjWa
IsXEAtZw+SNzHhJJRu3mGci/zr6DgHoulGV9k12ZbrvZEA7zXuttsKtBOXfwHezl
7aSYkXv/0nSKceI+jkbG/VJjMak8VSE09Uge6HtBDzrUsU72GG7HqXAQfNh+s2jK
JiQVqh/3Kry8TsJ1E47iZKdA0/AlyQzHt76ZUNPAPHhBlbNcFtYjAZjJFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO02mX2FGcYBaGYwqUw41yWkBUsnMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvN1RhWmZZVVp4Z0ZvWmpDcFREalhKYVFGU3ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI5xLLLFwDzcfZDyi+mf
0GfuX6Z6KofyUIM78hofbm9TTZCryIp9cJf6Vh1atT6JnLvRrAkkcHcXgxAyfqHs
1opukKgQYWDO6/wwlWVRRvbM9W6fRET4+XRsoHc7J//BCY/urztsAyKRB+d1j5sj
hEpFE6gUivMIZNnIpqD3yNzEdPQIDPZuLqG59LvqVGOen1IWMF+dtHV1E0xSBxy1
enDMW3t6Se/uThBuGymRFlyzhsCiu0PSFAHzwG4FbxnVX5uIrZy6RCYuqVdSTsWu
TBT7Ako/0HOUkoGQxQKTl12YswrTF4F/IlelSQrQwsOYmwcNnyRHgG8EBctTO4Ik
eLM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:33 2025 by rpki-client