Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/865bIpl2BE1wXs5uVZQE6YJbmhY.roa
File: 865bIpl2BE1wXs5uVZQE6YJbmhY.roa (raw, json)
Hash identifier: XAlnVt5fw1SXZyjOuLZ5lrO8JLSLsuTmObdwAtkRaow=
Subject key identifier: F3:AE:5B:22:99:76:04:4D:70:5E:CE:6E:55:94:04:E9:82:5B:9A:16
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D1A58014D3878AC21446F78E93AFF753B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/865bIpl2BE1wXs5uVZQE6YJbmhY.roa
Signing time: Thu 18 Jan 2024 02:13:11 +0000
ROA not before: Thu 18 Jan 2024 02:13:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1a:58:01:4d:38:78:ac:21:44:6f:78:e9:3a:ff:75:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 18 02:13:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3ae5b229976044d705ece6e559404e9825b9a16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:53:69:f4:59:be:bc:67:5f:a3:dc:7e:0d:f4:
34:f5:6a:59:ea:e8:8d:08:b9:fd:1f:11:d5:ee:81:
fe:4d:fa:ee:9d:cc:ba:44:f3:af:b9:08:da:16:5a:
3f:e4:4c:7d:b1:98:b2:3d:1e:c9:f4:e1:0f:46:a9:
19:d9:f5:0b:8c:54:0f:39:05:31:43:7a:73:d9:81:
e9:8f:f9:0b:c8:1e:20:22:77:2a:f1:32:03:74:7c:
d8:f6:eb:ec:16:0c:9d:03:54:e5:17:fd:1a:41:53:
d1:76:03:4a:ad:09:56:6e:76:73:a7:14:a7:9b:82:
c5:d5:21:33:7c:c4:00:ab:68:ee:17:42:3b:86:2d:
4e:b0:5b:88:f2:ea:87:c9:af:f6:69:99:00:dd:10:
61:16:31:7a:56:41:28:c5:a9:8b:31:a0:70:7a:87:
9e:66:07:e2:da:98:e4:5e:1d:12:9c:4b:77:77:6a:
c0:e8:97:67:da:94:a2:03:44:1e:bd:b8:c6:ed:a1:
a8:16:43:56:14:ef:8d:f4:c7:63:65:4a:5e:96:df:
b1:ca:d3:d8:d7:be:96:2d:10:23:99:22:95:05:ef:
fc:db:cb:95:d5:1b:33:bd:e6:b2:60:b9:77:33:64:
9e:b7:bd:e3:18:29:2a:c6:4a:35:5c:84:bd:47:70:
de:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:AE:5B:22:99:76:04:4D:70:5E:CE:6E:55:94:04:E9:82:5B:9A:16
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/865bIpl2BE1wXs5uVZQE6YJbmhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4b:ad:05:ae:11:37:a1:d4:8a:27:d6:35:fc:61:7a:e4:53:8f:
22:25:7b:44:26:9a:28:ad:ee:24:b5:a6:ce:9f:a1:ad:4e:5f:
89:54:3e:b6:09:21:e7:4a:67:09:4f:c3:11:10:70:3e:63:2a:
33:e9:82:24:54:23:dc:22:5f:ed:6e:8b:23:30:bb:31:ab:94:
e7:e7:90:81:76:13:fa:28:f5:77:fc:4c:c7:2d:88:78:b8:f4:
61:25:9a:fe:f5:3a:54:06:9b:0e:63:d2:10:66:78:3e:9e:2f:
b4:a2:f6:56:e9:e8:58:fc:2b:74:af:5e:3e:44:af:0f:b2:86:
0f:24:9e:0f:5d:b7:63:13:ef:2a:17:f4:ac:27:d0:14:d4:1b:
f5:f2:c8:7c:03:c4:ae:e4:39:37:9b:72:2f:72:04:e5:54:e7:
60:69:b9:a1:b0:f2:f5:1f:5c:86:cc:96:66:bc:20:3d:47:a3:
f5:87:f8:b7:eb:5c:5e:4b:09:93:5f:2f:54:80:55:1f:6e:af:
45:e0:c1:3f:be:c5:7c:a3:ac:62:b6:f1:3a:0c:90:a5:54:02:
40:01:1e:df:d1:c6:9a:f9:6a:79:5c:66:56:e7:df:88:43:39:
4b:99:c9:93:5a:b0:17:6a:6a:a9:81:98:6e:70:01:f3:0b:6a:
bc:3b:8f:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0aWAFNOHisIURveOk6/3U7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE4MDIxMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2FlNWIyMjk5NzYwNDRkNzA1ZWNlNmU1NTk0MDRlOTgyNWI5YTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVNp9Fm+vGdfo9x+DfQ09WpZ6uiN
CLn9HxHV7oH+Tfruncy6RPOvuQjaFlo/5Ex9sZiyPR7J9OEPRqkZ2fULjFQPOQUx
Q3pz2YHpj/kLyB4gIncq8TIDdHzY9uvsFgydA1TlF/0aQVPRdgNKrQlWbnZzpxSn
m4LF1SEzfMQAq2juF0I7hi1OsFuI8uqHya/2aZkA3RBhFjF6VkEoxamLMaBweoee
Zgfi2pjkXh0SnEt3d2rA6Jdn2pSiA0QevbjG7aGoFkNWFO+N9MdjZUpelt+xytPY
176WLRAjmSKVBe/828uV1RszveayYLl3M2Set73jGCkqxko1XIS9R3DeHQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPOuWyKZdgRNcF7OblWUBOmCW5oWMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvODY1YklwbDJCRTF3WHM1dVZaUUU2WUpibWhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEutBa4RN6HUiifWNfxh
euRTjyIle0Qmmiit7iS1ps6foa1OX4lUPrYJIedKZwlPwxEQcD5jKjPpgiRUI9wi
X+1uiyMwuzGrlOfnkIF2E/oo9Xf8TMctiHi49GElmv71OlQGmw5j0hBmeD6eL7Si
9lbp6Fj8K3SvXj5Erw+yhg8kng9dt2MT7yoX9Kwn0BTUG/XyyHwDxK7kOTebci9y
BOVU52BpuaGw8vUfXIbMlma8ID1Ho/WH+LfrXF5LCZNfL1SAVR9ur0XgwT++xXyj
rGK28ToMkKVUAkABHt/Rxpr5anlcZlbn34hDOUuZyZNasBdqaqmBmG5wAfMLarw7
j3w=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:43 2025 by rpki-client