Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/81h6QpS6ARbbEE9ngfWtcJxOrjY.roa
File: 81h6QpS6ARbbEE9ngfWtcJxOrjY.roa (raw, json)
Hash identifier: aR19h1XHZwW5Hki1O7Z5mHgGzQa7u9kc8RM+yrMFEd0=
Subject key identifier: F3:58:7A:42:94:BA:01:16:DB:10:4F:67:81:F5:AD:70:9C:4E:AE:36
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D9D3C76E3F9A302FBAA3F290F76717326
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/81h6QpS6ARbbEE9ngfWtcJxOrjY.roa
Signing time: Mon 12 Feb 2024 12:13:21 +0000
ROA not before: Mon 12 Feb 2024 12:13:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9d:3c:76:e3:f9:a3:02:fb:aa:3f:29:0f:76:71:73:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 12 12:13:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3587a4294ba0116db104f6781f5ad709c4eae36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c1:e0:33:b0:73:1a:04:96:ef:89:27:24:e6:
18:ae:87:29:3a:f2:11:9c:1f:19:b1:6b:59:24:1f:
a6:b8:8c:01:e8:9c:5f:3e:52:89:dd:59:dc:b8:8c:
f9:d8:01:f3:d0:96:ca:ef:e9:2a:72:5c:b9:f0:23:
ce:d3:80:4c:c7:28:9b:78:2e:d2:f0:b6:88:08:1a:
bf:e4:d1:29:84:2b:3d:ed:4f:b8:b5:aa:e0:5b:83:
7d:3f:bc:e2:7a:68:4d:94:2b:4f:fa:4a:3d:d3:72:
11:9c:20:5a:07:6c:d9:74:67:20:0e:0c:f5:ad:67:
9c:81:00:69:9a:70:20:57:80:95:8a:05:93:70:5f:
99:f8:54:7e:d8:58:b4:68:63:40:d1:d9:f2:6c:d5:
74:dc:f4:f8:17:62:f0:68:ca:81:5d:eb:cb:a0:1e:
1c:66:21:4f:4f:0e:20:7e:cb:60:29:0a:c3:30:13:
30:90:11:2f:4a:61:1d:a5:c2:6c:94:4d:32:56:f3:
05:bb:5a:e6:70:12:da:fe:3f:ac:49:30:d2:cd:f3:
44:e5:d0:6c:94:0d:b1:08:49:dc:2c:4b:8a:a7:2f:
48:02:cf:3b:38:aa:59:ec:3c:2b:98:f4:e0:32:59:
5c:fe:d2:2d:09:33:b0:55:70:da:f1:59:cd:f1:fb:
1f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:58:7A:42:94:BA:01:16:DB:10:4F:67:81:F5:AD:70:9C:4E:AE:36
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/81h6QpS6ARbbEE9ngfWtcJxOrjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0a:27:b4:22:e6:1e:b1:dc:5a:3b:33:49:6f:89:64:2a:cd:ed:
8e:5e:84:25:f8:1d:93:c4:d7:fd:66:09:82:87:c2:3f:e2:6c:
9c:15:d1:12:48:d0:ca:a8:55:b1:eb:d8:89:3c:b0:00:96:d4:
67:b4:fc:04:1d:9b:9a:38:fb:bc:b2:86:16:86:62:2d:b8:cb:
49:a8:4f:d3:23:1a:fc:19:6a:85:83:cf:81:67:91:01:91:61:
36:af:6e:d8:26:19:3f:82:6d:70:81:c7:a3:5c:e8:94:25:3c:
03:53:8c:cd:86:32:bc:be:4e:2c:35:70:79:e7:ed:87:f0:4c:
40:b2:e6:ac:60:1e:0d:22:38:94:51:69:89:2f:7a:50:c4:cc:
5e:92:1f:f8:d2:47:11:5b:70:e4:58:a7:bd:ff:db:49:da:9a:
e9:86:0e:85:43:d7:02:78:de:71:8d:8a:d7:40:cb:b8:39:d0:
91:93:c7:83:be:2d:bc:56:fd:bb:14:3e:00:82:d9:4f:9a:05:
5b:eb:48:23:19:7f:6d:b0:9c:37:03:a7:a8:a4:ae:d8:1a:8d:
e0:74:64:73:cc:d0:2d:89:5c:bb:5a:79:80:c5:d3:00:5b:ac:
33:bb:2c:06:f9:7e:57:39:23:e3:7c:9a:ed:41:df:fd:60:b3:
d9:bd:ad:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2dPHbj+aMC+6o/KQ92cXMmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjEyMTIxMzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzU4N2E0Mjk0YmEwMTE2ZGIxMDRmNjc4MWY1YWQ3MDljNGVhZTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6sHgM7BzGgSW74knJOYYrocpOvIR
nB8ZsWtZJB+muIwB6JxfPlKJ3VncuIz52AHz0JbK7+kqcly58CPO04BMxyibeC7S
8LaICBq/5NEphCs97U+4targW4N9P7ziemhNlCtP+ko903IRnCBaB2zZdGcgDgz1
rWecgQBpmnAgV4CVigWTcF+Z+FR+2Fi0aGNA0dnybNV03PT4F2LwaMqBXevLoB4c
ZiFPTw4gfstgKQrDMBMwkBEvSmEdpcJslE0yVvMFu1rmcBLa/j+sSTDSzfNE5dBs
lA2xCEncLEuKpy9IAs87OKpZ7DwrmPTgMllc/tItCTOwVXDa8VnN8fsfZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPNYekKUugEW2xBPZ4H1rXCcTq42MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvODFoNlFwUzZBUmJiRUU5bmdmV3RjSnhPcmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAontCLmHrHcWjszSW+J
ZCrN7Y5ehCX4HZPE1/1mCYKHwj/ibJwV0RJI0MqoVbHr2Ik8sACW1Ge0/AQdm5o4
+7yyhhaGYi24y0moT9MjGvwZaoWDz4FnkQGRYTavbtgmGT+CbXCBx6Nc6JQlPANT
jM2GMry+Tiw1cHnn7YfwTECy5qxgHg0iOJRRaYkvelDEzF6SH/jSRxFbcORYp73/
20namumGDoVD1wJ43nGNitdAy7g50JGTx4O+LbxW/bsUPgCC2U+aBVvrSCMZf22w
nDcDp6ikrtgajeB0ZHPM0C2JXLtaeYDF0wBbrDO7LAb5flc5I+N8mu1B3/1gs9m9
rfE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:37 2025 by rpki-client