Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7ZsfvEuS1KjlLItnCYW8OjQnYiQ.roa
File: 7ZsfvEuS1KjlLItnCYW8OjQnYiQ.roa (raw, json)
Hash identifier: A0fkPrB36MoJAt5q2HcftkcwxeMhXLg0fRSCjsSVUI4=
Subject key identifier: ED:9B:1F:BC:4B:92:D4:A8:E5:2C:8B:67:09:85:BC:3A:34:27:62:24
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DE05F566752873D9563E4A1485F7F3BFE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7ZsfvEuS1KjlLItnCYW8OjQnYiQ.roa
Signing time: Sun 25 Feb 2024 13:06:00 +0000
ROA not before: Sun 25 Feb 2024 13:06:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e0:5f:56:67:52:87:3d:95:63:e4:a1:48:5f:7f:3b:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 25 13:06:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed9b1fbc4b92d4a8e52c8b670985bc3a34276224
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d7:15:39:da:85:6e:89:bb:f0:67:40:d3:84:
cc:37:27:ff:e8:d5:8d:d1:2b:96:a1:48:47:bd:79:
77:48:0f:23:8c:e8:2a:0b:99:c0:cf:e0:a5:a9:aa:
ea:e3:c2:26:1e:c1:52:c3:40:76:06:ff:a1:8d:93:
83:bf:95:a7:d1:18:24:21:93:1b:2c:c5:56:a2:1c:
46:b1:a7:2d:fe:e0:0d:34:fc:20:27:3d:a0:07:fa:
87:a7:e8:94:41:47:5c:93:16:1f:0c:cf:f9:1a:9c:
e2:7f:f4:b3:8b:fc:09:ab:c2:89:1d:d8:c5:af:91:
c5:fd:5c:99:76:f2:44:13:14:a3:76:4c:c0:84:79:
f0:20:9e:98:88:68:e5:1a:54:3a:e8:f8:be:c5:ea:
54:a9:dc:60:4d:da:22:ab:c9:8f:a3:a8:45:ab:1d:
46:ce:8d:e5:ae:02:ed:4a:24:7e:f8:e7:19:7b:4e:
00:b3:43:5c:f7:c3:bf:8d:31:fb:8a:b9:e6:30:eb:
b6:74:61:a3:12:bb:53:f9:0e:cb:85:fb:64:76:a8:
a7:14:c4:14:ff:87:c9:59:9b:36:ba:33:60:2e:e6:
1a:97:de:3f:dd:13:30:d0:6c:48:de:56:2d:21:05:
b1:c2:7d:a3:c0:a5:fd:41:d4:26:ac:d1:81:c7:35:
69:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:9B:1F:BC:4B:92:D4:A8:E5:2C:8B:67:09:85:BC:3A:34:27:62:24
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7ZsfvEuS1KjlLItnCYW8OjQnYiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
98:4e:f7:31:7b:7a:be:55:ce:02:d3:fd:3b:93:24:e9:5a:00:
6c:c4:e6:2b:a5:98:eb:c9:74:be:d5:1e:11:50:30:6e:17:d8:
a5:0a:38:e8:40:bc:c0:e0:c0:47:f2:06:66:13:a1:54:10:41:
59:a2:db:98:2a:62:e5:ef:9c:ae:38:82:f3:7b:6b:87:ce:a7:
1d:c5:f6:a1:ff:3a:94:5d:c2:d1:0d:52:13:b1:f2:09:f8:0b:
f7:b0:2c:f9:de:33:5f:85:b2:7c:d9:aa:0d:08:f6:f5:ae:89:
60:fb:ef:b0:1b:7a:04:ee:ba:33:8e:61:33:a0:15:8f:3f:c2:
6c:ff:94:6a:fe:99:74:6e:7d:70:19:a3:82:32:7d:c2:ff:54:
2a:74:f5:f7:9d:cf:63:7e:e2:e0:c4:50:1b:c3:b2:3c:93:3f:
9e:09:9f:42:17:61:b0:e6:37:c3:2c:9b:b9:11:d6:7c:46:e6:
6c:65:2d:86:41:06:28:0a:f5:32:61:d6:6b:f7:2c:eb:eb:5c:
8c:48:e5:97:11:08:06:18:0e:73:b3:17:e3:87:f4:94:2b:5f:
3f:fd:08:c2:2b:64:a2:d8:c6:d4:bc:b5:88:57:1e:0d:aa:08:
6d:0d:be:03:d0:49:e1:7a:39:ee:95:f1:4b:cc:92:4f:09:2b:
c1:71:17:c7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3gX1ZnUoc9lWPkoUhffzv+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI1MTMwNjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDliMWZiYzRiOTJkNGE4ZTUyYzhiNjcwOTg1YmMzYTM0Mjc2MjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNcVOdqFbom78GdA04TMNyf/6NWN
0SuWoUhHvXl3SA8jjOgqC5nAz+Clqarq48ImHsFSw0B2Bv+hjZODv5Wn0RgkIZMb
LMVWohxGsact/uANNPwgJz2gB/qHp+iUQUdckxYfDM/5Gpzif/Szi/wJq8KJHdjF
r5HF/VyZdvJEExSjdkzAhHnwIJ6YiGjlGlQ66Pi+xepUqdxgTdoiq8mPo6hFqx1G
zo3lrgLtSiR++OcZe04As0Nc98O/jTH7irnmMOu2dGGjErtT+Q7LhftkdqinFMQU
/4fJWZs2ujNgLuYal94/3RMw0GxI3lYtIQWxwn2jwKX9QdQmrNGBxzVp7wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO2bH7xLktSo5SyLZwmFvDo0J2IkMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvN1pzZnZFdVMxS2psTEl0bkNZVzhPalFuWWlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJhO9zF7er5VzgLT/TuT
JOlaAGzE5iulmOvJdL7VHhFQMG4X2KUKOOhAvMDgwEfyBmYToVQQQVmi25gqYuXv
nK44gvN7a4fOpx3F9qH/OpRdwtENUhOx8gn4C/ewLPneM1+FsnzZqg0I9vWuiWD7
77AbegTuujOOYTOgFY8/wmz/lGr+mXRufXAZo4IyfcL/VCp09fedz2N+4uDEUBvD
sjyTP54Jn0IXYbDmN8Msm7kR1nxG5mxlLYZBBigK9TJh1mv3LOvrXIxI5ZcRCAYY
DnOzF+OH9JQrXz/9CMIrZKLYxtS8tYhXHg2qCG0NvgPQSeF6Oe6V8UvMkk8JK8Fx
F8c=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:07:25 2025 by rpki-client