Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7l_-Z4VXFlcKrQ4Zv21Ak-Dku5w.roa
File: 7l_-Z4VXFlcKrQ4Zv21Ak-Dku5w.roa (raw, json)
Hash identifier: E1H0p256SyIKyZd39KKOLe6lR7couTlyX1gJQ/H9ju4=
Subject key identifier: EE:5F:FE:67:85:57:16:57:0A:AD:0E:19:BF:6D:40:93:E0:E4:BB:9C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CF9B9026B2C460513C9223D163ADAE9A5
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7l_-Z4VXFlcKrQ4Zv21Ak-Dku5w.roa
Signing time: Thu 11 Jan 2024 18:11:40 +0000
ROA not before: Thu 11 Jan 2024 18:11:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f9:b9:02:6b:2c:46:05:13:c9:22:3d:16:3a:da:e9:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 11 18:11:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee5ffe67855716570aad0e19bf6d4093e0e4bb9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:4b:73:a6:bb:0c:f2:8e:8f:e4:9d:3a:ca:45:
11:4c:a6:a0:cd:90:43:2e:27:fe:c0:b9:64:02:31:
d4:b5:38:e1:8b:eb:4b:38:64:37:fc:30:81:fd:e7:
43:3b:16:c9:52:5f:70:69:3d:a2:fe:20:85:89:0d:
74:b3:72:4e:73:8a:1f:17:fc:ea:74:1a:36:d0:00:
ec:a0:88:12:6b:76:ac:03:47:eb:d4:eb:05:11:ac:
cb:10:d0:21:43:12:24:7c:53:2d:36:e2:5e:e9:00:
ac:ee:b5:e9:05:d1:30:43:26:f0:21:cb:fa:f8:b2:
93:cc:d2:d0:4a:d9:10:4c:5b:92:bc:0c:ef:81:ad:
6f:c6:2c:f3:80:62:7b:88:d9:30:9b:c3:6f:06:9b:
4c:ad:7a:d5:2a:92:ad:7d:04:38:63:50:6e:8f:70:
38:79:ef:21:37:4b:70:c4:80:7c:09:b5:b2:7a:bd:
92:7e:34:b5:ae:5c:dd:b8:36:f0:ee:9d:98:18:ed:
84:5c:60:12:ad:a9:d5:e1:d5:2f:b9:de:4d:1a:86:
b6:13:b8:db:1c:23:4e:e5:e1:8b:26:47:2a:3d:f5:
bf:10:40:22:74:d5:b4:df:35:a5:79:e9:8b:02:92:
68:32:88:1c:50:ff:44:58:ca:c8:9f:87:42:6b:68:
50:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:5F:FE:67:85:57:16:57:0A:AD:0E:19:BF:6D:40:93:E0:E4:BB:9C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7l_-Z4VXFlcKrQ4Zv21Ak-Dku5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6b:1d:0a:a9:b3:e7:7f:e3:4c:07:ff:74:90:0b:cc:60:93:60:
50:54:2e:b3:96:2f:49:2a:22:94:90:49:74:7d:9c:b5:da:e4:
c8:24:20:1e:cc:64:d6:da:63:db:38:12:d6:03:97:31:e8:89:
0d:d5:63:52:4b:7e:e5:11:7d:8f:4d:b3:0b:dc:05:37:54:f6:
dd:b0:9e:d7:7e:05:d9:75:b8:ff:e2:0d:57:3e:93:a6:7b:ca:
c0:fe:3d:13:5c:c0:ef:1b:12:94:01:f9:4b:48:a2:2f:c3:60:
bc:96:0d:55:1c:c8:6f:44:2c:2e:d1:4b:60:c1:90:c3:19:97:
b7:6e:3d:ef:bf:3b:73:b7:ff:ec:ea:80:1f:86:da:d2:e0:6c:
53:08:80:7d:8b:02:08:cd:5a:18:e5:46:a7:c0:db:86:42:e0:
92:ba:6b:ec:33:fd:9a:e6:f9:a0:05:7b:68:74:bf:88:84:75:
6f:ba:63:34:5c:52:b4:5d:ea:d4:b2:c7:a4:0e:90:ff:4e:54:
1f:f6:e9:a4:ed:77:f0:86:c7:31:ef:87:0b:fb:7c:a1:94:56:
d9:ba:4b:b9:bf:17:04:d6:61:f6:c9:10:62:90:36:3d:a8:cb:
2c:fa:72:d9:66:ea:18:47:e2:ca:be:6b:9e:2c:d8:31:e4:1c:
12:e9:e7:44
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz5uQJrLEYFE8kiPRY62umlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTExMTgxMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTVmZmU2Nzg1NTcxNjU3MGFhZDBlMTliZjZkNDA5M2UwZTRiYjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEtzprsM8o6P5J06ykURTKagzZBD
Lif+wLlkAjHUtTjhi+tLOGQ3/DCB/edDOxbJUl9waT2i/iCFiQ10s3JOc4ofF/zq
dBo20ADsoIgSa3asA0fr1OsFEazLENAhQxIkfFMtNuJe6QCs7rXpBdEwQybwIcv6
+LKTzNLQStkQTFuSvAzvga1vxizzgGJ7iNkwm8NvBptMrXrVKpKtfQQ4Y1Buj3A4
ee8hN0twxIB8CbWyer2SfjS1rlzduDbw7p2YGO2EXGASranV4dUvud5NGoa2E7jb
HCNO5eGLJkcqPfW/EEAidNW03zWleemLApJoMogcUP9EWMrIn4dCa2hQoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO5f/meFVxZXCq0OGb9tQJPg5LucMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvN2xfLVo0VlhGbGNLclE0WnYyMUFrLURrdTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGsdCqmz53/jTAf/dJAL
zGCTYFBULrOWL0kqIpSQSXR9nLXa5MgkIB7MZNbaY9s4EtYDlzHoiQ3VY1JLfuUR
fY9NswvcBTdU9t2wntd+Bdl1uP/iDVc+k6Z7ysD+PRNcwO8bEpQB+UtIoi/DYLyW
DVUcyG9ELC7RS2DBkMMZl7duPe+/O3O3/+zqgB+G2tLgbFMIgH2LAgjNWhjlRqfA
24ZC4JK6a+wz/Zrm+aAFe2h0v4iEdW+6YzRcUrRd6tSyx6QOkP9OVB/26aTtd/CG
xzHvhwv7fKGUVtm6S7m/FwTWYfbJEGKQNj2oyyz6ctlm6hhH4sq+a54s2DHkHBLp
50Q=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:00 2025 by rpki-client