Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/89GTt4oXjvSsZHMd40ftykjVRVs.roa
File: 89GTt4oXjvSsZHMd40ftykjVRVs.roa (raw, json)
Hash identifier: K5L7QHDded2RwH8BAk/qQU5dm0FgSNUbuYjvjeEtDp4=
Subject key identifier: F3:D1:93:B7:8A:17:8E:F4:AC:64:73:1D:E3:47:ED:CA:48:D5:45:5B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EA7BB2B1B2AC657261D4CA8D67A523B26
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/89GTt4oXjvSsZHMd40ftykjVRVs.roa
Signing time: Thu 04 Apr 2024 06:10:45 +0000
ROA not before: Thu 04 Apr 2024 06:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a7:bb:2b:1b:2a:c6:57:26:1d:4c:a8:d6:7a:52:3b:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 4 06:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3d193b78a178ef4ac64731de347edca48d5455b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:da:fd:45:d1:4d:f5:9a:f4:2e:80:ea:99:f5:
12:fa:3d:c1:e7:96:11:56:9c:c1:fa:99:96:8e:b4:
55:13:7d:74:c6:dc:d1:93:f7:44:24:41:9f:49:30:
6c:50:f5:cb:02:d6:2a:41:e5:3c:76:1d:99:bc:c0:
8b:10:ee:ef:3d:79:72:93:fd:cc:cd:f7:e1:f9:bc:
63:85:35:89:db:5c:fb:ce:00:5f:7f:9d:d5:c5:97:
29:16:10:41:c5:3e:d6:b3:9c:bc:59:15:51:4d:f1:
38:fd:cb:43:be:e6:bb:b5:f1:3e:4c:01:07:ce:eb:
bb:6c:06:e5:af:84:be:dd:f5:71:44:8c:c0:d1:38:
b8:6f:c1:ea:99:68:98:0d:8b:70:2d:b1:66:1e:0c:
93:ca:41:74:b2:df:d0:05:02:57:f6:91:7e:be:d3:
cf:b0:af:4c:03:e6:97:df:3a:a8:ec:bb:ad:85:f5:
2a:03:b1:a6:49:2f:f7:82:60:54:4c:1f:6d:c3:07:
ee:1a:90:61:58:36:bc:6a:41:d3:f7:a7:82:4e:8b:
8b:b1:42:12:6e:32:08:61:9f:13:88:e5:2c:1b:57:
87:de:03:50:c8:77:4e:58:e6:52:d8:aa:3d:54:4e:
e3:f7:31:61:29:ba:e2:8b:aa:82:b5:ed:2d:27:70:
ef:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:D1:93:B7:8A:17:8E:F4:AC:64:73:1D:E3:47:ED:CA:48:D5:45:5B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/89GTt4oXjvSsZHMd40ftykjVRVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2f:9e:bf:f6:b8:ae:aa:88:ac:64:72:10:36:40:f2:54:19:f5:
7a:d8:e3:9b:e1:fa:25:ca:11:90:9a:3f:d6:58:1e:aa:d5:f2:
ae:51:c5:de:f9:52:7a:62:2a:a7:c4:3f:e0:c4:e0:d4:b2:78:
91:f1:c1:c7:7f:20:d0:0d:b8:c4:56:cd:ee:16:cd:03:bf:0c:
30:c2:95:25:4f:bd:90:54:f3:a2:db:3c:df:f8:fa:5c:f8:5e:
52:89:6b:c7:77:b3:ad:9d:a2:cc:02:5e:3e:3b:19:35:61:99:
a0:54:b8:cd:74:30:30:55:9e:db:16:9c:ca:db:13:55:4a:de:
96:f7:1b:23:87:fa:ba:55:c4:36:6e:2f:25:b0:63:5b:6f:32:
a5:14:46:07:8f:dc:11:0a:c0:2b:43:5e:66:af:26:75:bb:49:
4a:43:82:e7:f1:06:10:65:d8:0d:4b:d0:47:53:e8:ce:95:77:
09:31:45:d3:18:a3:57:db:7b:cb:f8:a2:e6:8f:a1:f9:8a:84:
32:e8:68:f2:22:e7:b1:76:a4:bc:13:55:f7:b7:2c:22:c6:e0:
0f:15:16:d1:71:5e:f2:32:72:07:e1:8d:6a:13:e9:dd:ad:d1:
ec:0e:a9:9a:cc:72:fb:c4:93:bd:c7:62:40:0c:c9:7b:63:dc:
fa:74:a6:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6nuysbKsZXJh1MqNZ6UjsmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA0MDYxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2QxOTNiNzhhMTc4ZWY0YWM2NDczMWRlMzQ3ZWRjYTQ4ZDU0NTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9r9RdFN9Zr0LoDqmfUS+j3B55YR
VpzB+pmWjrRVE310xtzRk/dEJEGfSTBsUPXLAtYqQeU8dh2ZvMCLEO7vPXlyk/3M
zffh+bxjhTWJ21z7zgBff53VxZcpFhBBxT7Ws5y8WRVRTfE4/ctDvua7tfE+TAEH
zuu7bAblr4S+3fVxRIzA0Ti4b8HqmWiYDYtwLbFmHgyTykF0st/QBQJX9pF+vtPP
sK9MA+aX3zqo7LuthfUqA7GmSS/3gmBUTB9twwfuGpBhWDa8akHT96eCTouLsUIS
bjIIYZ8TiOUsG1eH3gNQyHdOWOZS2Ko9VE7j9zFhKbrii6qCte0tJ3DvUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPPRk7eKF470rGRzHeNH7cpI1UVbMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvODlHVHQ0b1hqdlNzWkhNZDQwZnR5a2pWUlZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAC+ev/a4rqqIrGRyEDZA
8lQZ9XrY45vh+iXKEZCaP9ZYHqrV8q5Rxd75UnpiKqfEP+DE4NSyeJHxwcd/INAN
uMRWze4WzQO/DDDClSVPvZBU86LbPN/4+lz4XlKJa8d3s62doswCXj47GTVhmaBU
uM10MDBVntsWnMrbE1VK3pb3GyOH+rpVxDZuLyWwY1tvMqUURgeP3BEKwCtDXmav
JnW7SUpDgufxBhBl2A1L0EdT6M6VdwkxRdMYo1fbe8v4ouaPofmKhDLoaPIi57F2
pLwTVfe3LCLG4A8VFtFxXvIycgfhjWoT6d2t0ewOqZrMcvvEk73HYkAMyXtj3Pp0
piU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:38 2025 by rpki-client