Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7kLosZKi2FMLjvIac6W54txyKjA.roa
File: 7kLosZKi2FMLjvIac6W54txyKjA.roa (raw, json)
Hash identifier: 9UvO5dIS4Tv3+fN9Yzw4WNxdfgbc2GdnugrhkLiQNyA=
Subject key identifier: EE:42:E8:B1:92:A2:D8:53:0B:8E:F2:1A:73:A5:B9:E2:DC:72:2A:30
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D913AF0AEBB2B7876B4E0C8DC513F1EF8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7kLosZKi2FMLjvIac6W54txyKjA.roa
Signing time: Sat 10 Feb 2024 04:16:15 +0000
ROA not before: Sat 10 Feb 2024 04:16:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:91:3a:f0:ae:bb:2b:78:76:b4:e0:c8:dc:51:3f:1e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 10 04:16:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee42e8b192a2d8530b8ef21a73a5b9e2dc722a30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:03:0a:3a:e9:6b:70:1f:f5:f7:d2:a6:31:4f:
20:ba:ed:df:49:6e:f7:cd:51:7b:d3:a3:31:1a:ea:
28:53:04:ad:62:e6:16:f3:78:8c:e9:ec:1e:c7:09:
c4:c7:1c:e1:4f:82:47:7c:91:cd:21:3c:d8:7d:0a:
54:1b:b8:d4:6b:6b:7f:ac:d1:f9:a1:45:b3:35:ad:
85:6b:c8:0e:4c:db:b4:d7:ee:05:de:13:e5:95:42:
84:b7:f6:24:0b:68:8c:17:b6:bb:14:80:68:ba:6c:
31:f1:ce:8a:e8:13:b9:ac:b8:6b:e8:52:38:7a:c3:
f3:0c:dc:64:b1:4b:60:bf:06:63:2d:fa:84:28:5f:
d5:3f:ec:78:10:e9:20:05:0f:23:75:02:63:fc:28:
5e:9a:42:81:2a:0a:83:ce:a5:ae:f8:80:9c:52:a1:
33:13:0c:d2:bb:96:4d:8f:2c:0b:21:70:5c:c0:7e:
4e:aa:20:c1:e8:51:7c:4d:81:11:32:2a:0b:85:59:
4f:c7:4d:31:f1:f1:64:c5:6c:1c:70:e7:7a:99:91:
86:c6:16:47:8a:58:ab:6d:4a:7a:95:f9:12:13:01:
5c:d2:c2:a3:09:fe:a2:8d:f2:6c:61:8b:76:5b:f6:
9b:75:2a:ed:8f:66:90:7e:bb:7a:45:cd:a8:07:62:
1f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:42:E8:B1:92:A2:D8:53:0B:8E:F2:1A:73:A5:B9:E2:DC:72:2A:30
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7kLosZKi2FMLjvIac6W54txyKjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7d:fc:11:22:52:4c:da:cc:b3:9a:b9:90:66:6e:f6:c5:88:59:
3f:ff:4e:d4:77:7f:c5:ae:5b:2d:10:74:4b:e8:ee:05:d7:34:
4b:c6:22:39:44:db:b0:d0:04:77:d4:7e:91:7d:a1:6f:51:e4:
60:b8:ec:27:59:cd:c9:ba:43:ff:26:45:3b:8f:35:4b:33:3b:
dd:f7:20:74:c1:dd:86:e3:9d:e1:17:9b:94:bf:1f:b9:24:23:
70:47:1b:13:4f:e0:a0:f4:41:9e:e3:23:f9:5b:15:d2:ca:7e:
85:20:e8:d6:85:5c:00:e5:d0:7d:0c:ae:9d:7c:be:ef:67:bb:
f8:78:89:c6:fb:a6:80:04:c1:b1:cb:39:a2:94:a3:25:c2:e5:
33:c1:30:1b:43:b0:f2:c4:e3:92:f8:54:60:aa:7a:0f:9b:45:
5c:13:88:9e:78:5a:14:66:8f:31:f2:ba:73:f0:03:ca:67:01:
aa:15:69:b2:51:e9:d4:17:7e:e5:5a:2b:d2:7e:31:5d:59:bf:
81:85:f1:cf:c2:f5:a1:72:8b:7b:8c:a7:8e:7d:41:7b:73:e5:
b6:12:47:57:d1:01:f2:2e:20:8f:4a:72:92:db:eb:72:71:86:
fe:85:b6:3f:a4:56:37:37:6e:c8:fb:c4:c5:dc:33:e3:25:dc:
27:7d:2a:02
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2ROvCuuyt4drTgyNxRPx74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjEwMDQxNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTQyZThiMTkyYTJkODUzMGI4ZWYyMWE3M2E1YjllMmRjNzIyYTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwMKOulrcB/199KmMU8guu3fSW73
zVF706MxGuooUwStYuYW83iM6ewexwnExxzhT4JHfJHNITzYfQpUG7jUa2t/rNH5
oUWzNa2Fa8gOTNu01+4F3hPllUKEt/YkC2iMF7a7FIBoumwx8c6K6BO5rLhr6FI4
esPzDNxksUtgvwZjLfqEKF/VP+x4EOkgBQ8jdQJj/ChemkKBKgqDzqWu+ICcUqEz
EwzSu5ZNjywLIXBcwH5OqiDB6FF8TYERMioLhVlPx00x8fFkxWwccOd6mZGGxhZH
ilirbUp6lfkSEwFc0sKjCf6ijfJsYYt2W/abdSrtj2aQfrt6Rc2oB2IfYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO5C6LGSothTC47yGnOlueLcciowMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvN2tMb3NaS2kyRk1ManZJYWM2VzU0dHh5S2pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH38ESJSTNrMs5q5kGZu
9sWIWT//TtR3f8WuWy0QdEvo7gXXNEvGIjlE27DQBHfUfpF9oW9R5GC47CdZzcm6
Q/8mRTuPNUszO933IHTB3YbjneEXm5S/H7kkI3BHGxNP4KD0QZ7jI/lbFdLKfoUg
6NaFXADl0H0Mrp18vu9nu/h4icb7poAEwbHLOaKUoyXC5TPBMBtDsPLE45L4VGCq
eg+bRVwTiJ54WhRmjzHyunPwA8pnAaoVabJR6dQXfuVaK9J+MV1Zv4GF8c/C9aFy
i3uMp459QXtz5bYSR1fRAfIuII9KcpLb63Jxhv6Ftj+kVjc3bsj7xMXcM+Ml3Cd9
KgI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:37 2025 by rpki-client