Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7y19T6N5J-IVyFYEzyRtCwUMnC4.roa
File: 7y19T6N5J-IVyFYEzyRtCwUMnC4.roa (raw, json)
Hash identifier: yNeJj1gOOHfnEs1g6FmGBUJNcwqPE3oVTrD7xRolTeM=
Subject key identifier: EF:2D:7D:4F:A3:79:27:E2:15:C8:56:04:CF:24:6D:0B:05:0C:9C:2E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018ECC36CBE349FEB1CB108EE52E17C8CD89
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7y19T6N5J-IVyFYEzyRtCwUMnC4.roa
Signing time: Thu 11 Apr 2024 08:12:06 +0000
ROA not before: Thu 11 Apr 2024 08:12:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:36:cb:e3:49:fe:b1:cb:10:8e:e5:2e:17:c8:cd:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 11 08:12:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef2d7d4fa37927e215c85604cf246d0b050c9c2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0e:a4:6d:5f:cb:de:53:18:ca:a7:f8:11:10:
96:ca:b1:e1:2b:80:04:d4:ca:51:dc:0c:26:e4:2e:
35:fc:ab:23:db:24:7c:92:2b:9e:f9:0f:c7:9a:e1:
86:3a:40:df:d9:51:5e:99:67:4b:9c:00:36:a0:cb:
44:aa:d6:42:3f:24:f9:ac:fe:a7:e9:74:98:2c:73:
26:38:f2:c3:58:e1:f8:a1:75:4a:2c:d0:69:b4:28:
1f:8f:53:fd:9b:ae:a9:07:06:8c:e8:43:04:21:65:
3b:2c:e7:11:f8:ed:0f:7c:bc:49:ac:b6:54:f1:72:
c3:2e:69:fa:3c:49:ea:c6:14:83:17:c0:2d:60:17:
8a:29:07:65:53:9e:d8:57:3f:e1:5d:c3:cc:2a:db:
43:e1:ae:80:cc:f5:5e:f2:46:02:22:b5:1c:12:24:
b1:30:72:46:66:8a:3c:fd:49:f9:5e:34:2e:fe:61:
54:fc:8c:03:9b:6c:7a:17:95:59:ff:04:e7:c0:c0:
e9:d1:dd:82:81:9d:a2:9b:ee:db:6e:3c:59:c0:67:
fc:88:a3:94:32:7f:2e:82:3f:2a:1f:d2:33:93:02:
a4:8b:2f:d4:c5:61:e0:d0:fd:b6:cb:c5:d8:31:c1:
64:13:c5:c2:7e:05:38:d3:41:cd:3b:7f:1c:4b:48:
35:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:2D:7D:4F:A3:79:27:E2:15:C8:56:04:CF:24:6D:0B:05:0C:9C:2E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/7y19T6N5J-IVyFYEzyRtCwUMnC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:c4:96:0c:b3:ec:1e:c0:a3:d3:09:4f:aa:51:1e:c9:bf:2f:
da:2d:e7:a1:10:14:16:81:47:d6:50:9f:7f:e5:50:fc:a7:91:
de:5c:33:53:eb:a8:6f:e1:84:b4:59:15:52:d1:92:c5:91:61:
22:4b:ff:a9:02:f1:fa:49:8e:8a:01:59:59:18:17:42:19:c1:
78:4b:1f:e2:ca:00:00:da:13:5b:a4:8b:f5:df:85:53:9d:09:
4f:98:60:48:e9:47:90:84:f6:a7:6b:cb:ad:e8:05:2e:61:56:
f7:a1:23:9c:5b:ca:a9:2a:48:46:81:22:b8:8c:5a:3a:c7:37:
7a:a4:4e:7a:fa:cb:c5:79:a0:05:06:02:53:66:2b:fb:22:07:
0b:84:f4:83:d0:a8:41:6f:b4:ac:09:61:56:de:80:08:aa:fa:
4b:f2:62:60:44:75:2c:e8:9b:37:77:cf:17:2c:5c:bf:fe:08:
80:6a:4b:e8:ac:ab:ea:22:52:5f:d0:c5:0b:36:f0:b8:b7:85:
49:e3:31:39:4e:82:5f:c5:08:6d:5d:63:27:db:7f:f5:7f:58:
8f:38:9d:a8:fd:d1:a2:b0:8a:40:9b:be:05:79:de:a7:10:02:
3c:ed:0b:07:01:f9:09:8f:9d:03:c8:6b:de:52:ec:c6:96:17:
f5:8e:77:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7MNsvjSf6xyxCO5S4XyM2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDExMDgxMjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjJkN2Q0ZmEzNzkyN2UyMTVjODU2MDRjZjI0NmQwYjA1MGM5YzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQ6kbV/L3lMYyqf4ERCWyrHhK4AE
1MpR3Awm5C41/Ksj2yR8kiue+Q/HmuGGOkDf2VFemWdLnAA2oMtEqtZCPyT5rP6n
6XSYLHMmOPLDWOH4oXVKLNBptCgfj1P9m66pBwaM6EMEIWU7LOcR+O0PfLxJrLZU
8XLDLmn6PEnqxhSDF8AtYBeKKQdlU57YVz/hXcPMKttD4a6AzPVe8kYCIrUcEiSx
MHJGZoo8/Un5XjQu/mFU/IwDm2x6F5VZ/wTnwMDp0d2CgZ2im+7bbjxZwGf8iKOU
Mn8ugj8qH9IzkwKkiy/UxWHg0P22y8XYMcFkE8XCfgU400HNO38cS0g1GwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO8tfU+jeSfiFchWBM8kbQsFDJwuMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvN3kxOVQ2TjVKLUlWeUZZRXp5UnRDd1VNbkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGPElgyz7B7Ao9MJT6pR
Hsm/L9ot56EQFBaBR9ZQn3/lUPynkd5cM1PrqG/hhLRZFVLRksWRYSJL/6kC8fpJ
jooBWVkYF0IZwXhLH+LKAADaE1uki/XfhVOdCU+YYEjpR5CE9qdry63oBS5hVveh
I5xbyqkqSEaBIriMWjrHN3qkTnr6y8V5oAUGAlNmK/siBwuE9IPQqEFvtKwJYVbe
gAiq+kvyYmBEdSzomzd3zxcsXL/+CIBqS+isq+oiUl/QxQs28Li3hUnjMTlOgl/F
CG1dYyfbf/V/WI84naj90aKwikCbvgV53qcQAjztCwcB+QmPnQPIa95S7MaWF/WO
d6o=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:27 2025 by rpki-client