Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8Gfqxbbdp4OTgYu91OeG27G0kbA.roa
File: 8Gfqxbbdp4OTgYu91OeG27G0kbA.roa (raw, json)
Hash identifier: g9V/ritRdy9l/XzE7SniGoDDKvSRHBRGwd/jFvLONPU=
Subject key identifier: F0:67:EA:C5:B6:DD:A7:83:93:81:8B:BD:D4:E7:86:DB:B1:B4:91:B0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E8EA1154142E3226C06615B335541B529
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8Gfqxbbdp4OTgYu91OeG27G0kbA.roa
Signing time: Sat 30 Mar 2024 09:11:45 +0000
ROA not before: Sat 30 Mar 2024 09:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8e:a1:15:41:42:e3:22:6c:06:61:5b:33:55:41:b5:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 30 09:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f067eac5b6dda78393818bbdd4e786dbb1b491b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:69:d6:9b:98:ab:f9:54:b2:7e:ae:b2:b6:0c:
00:04:bb:1d:69:de:c9:cc:0e:87:5f:9d:ec:c9:02:
98:08:82:1a:a1:ff:d0:10:4f:6e:44:44:95:72:9b:
5a:81:be:90:26:3d:2b:a2:4b:85:82:2b:94:63:2a:
41:05:5b:64:61:31:c3:c9:34:06:d0:6a:85:2f:c2:
0c:38:f8:d0:06:fa:f5:70:d7:18:47:03:be:88:2f:
39:21:6d:09:bc:d6:03:01:8c:e6:6b:8c:70:3d:5b:
57:84:a0:86:dc:f3:da:6e:05:b1:63:14:59:1c:46:
f5:cc:0c:55:e5:73:ae:39:31:8a:2e:4c:57:16:55:
9b:a9:7d:5c:62:80:8a:da:ec:ec:9a:db:9d:89:da:
f3:92:02:5d:d9:ce:e6:31:db:3c:dc:0d:1f:2f:d8:
64:b9:23:e3:a6:d2:59:83:fd:71:e9:02:d1:2f:47:
f8:bd:b7:d9:34:a2:b8:f2:20:db:b5:00:b0:5f:11:
56:30:65:48:6a:09:b8:1d:a9:75:53:60:f4:65:08:
d9:ed:05:3e:a0:42:9f:06:a4:29:8d:1b:20:d0:d8:
a6:5a:0c:13:75:9b:a0:83:b8:97:3a:5e:38:33:0a:
61:fa:36:dc:90:b6:ef:28:ec:db:ff:3e:f0:ea:aa:
49:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:67:EA:C5:B6:DD:A7:83:93:81:8B:BD:D4:E7:86:DB:B1:B4:91:B0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8Gfqxbbdp4OTgYu91OeG27G0kbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
22:68:eb:dd:7d:26:1b:3c:a3:b0:26:02:77:01:9f:5f:de:6a:
be:df:38:d4:8b:b8:59:26:1b:e9:6f:f2:58:79:36:4a:38:d3:
6e:13:fc:3a:91:b5:33:70:64:cb:6e:ac:de:8f:1d:cb:2e:c4:
6f:a9:6f:57:9f:60:bc:66:c2:a0:5a:71:9a:96:78:35:25:8e:
29:c3:ef:54:07:73:20:e0:ab:1d:b2:d2:26:8a:7d:30:d3:3a:
30:84:35:31:d2:b8:cd:3a:2d:1b:e0:b3:35:08:f8:90:07:68:
5b:76:4d:20:ef:23:9f:b2:d1:62:17:15:a7:d7:1e:35:72:45:
51:0e:d7:fa:8b:cb:ea:75:b2:1f:63:8f:ec:fd:4a:e8:76:4b:
75:b9:61:a8:3b:eb:2c:b2:1c:6d:71:c7:c4:53:9d:9d:bd:f3:
ed:06:4b:84:df:b6:61:6d:6b:b8:f1:eb:e6:6f:9e:b0:29:0e:
bd:bc:3f:98:f8:72:4f:4f:7c:dd:8b:77:7d:12:0d:9c:38:04:
0c:50:20:db:45:ab:09:a4:15:df:8e:17:b0:ef:5d:f0:7f:08:
43:0e:61:36:b4:bc:5c:1b:fe:79:e5:fe:47:6e:a5:0d:b8:9b:
34:24:7e:ba:68:2f:15:b7:ed:81:24:fa:1a:8f:96:bb:98:10:
8d:6a:97:42
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6OoRVBQuMibAZhWzNVQbUpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzMwMDkxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDY3ZWFjNWI2ZGRhNzgzOTM4MThiYmRkNGU3ODZkYmIxYjQ5MWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmnWm5ir+VSyfq6ytgwABLsdad7J
zA6HX53syQKYCIIaof/QEE9uRESVcptagb6QJj0rokuFgiuUYypBBVtkYTHDyTQG
0GqFL8IMOPjQBvr1cNcYRwO+iC85IW0JvNYDAYzma4xwPVtXhKCG3PPabgWxYxRZ
HEb1zAxV5XOuOTGKLkxXFlWbqX1cYoCK2uzsmtudidrzkgJd2c7mMds83A0fL9hk
uSPjptJZg/1x6QLRL0f4vbfZNKK48iDbtQCwXxFWMGVIagm4Hal1U2D0ZQjZ7QU+
oEKfBqQpjRsg0NimWgwTdZugg7iXOl44Mwph+jbckLbvKOzb/z7w6qpJRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPBn6sW23aeDk4GLvdTnhtuxtJGwMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOEdmcXhiYmRwNE9UZ1l1OTFPZUcyN0cwa2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACJo6919Jhs8o7AmAncB
n1/ear7fONSLuFkmG+lv8lh5Nko4024T/DqRtTNwZMturN6PHcsuxG+pb1efYLxm
wqBacZqWeDUljinD71QHcyDgqx2y0iaKfTDTOjCENTHSuM06LRvgszUI+JAHaFt2
TSDvI5+y0WIXFafXHjVyRVEO1/qLy+p1sh9jj+z9Suh2S3W5Yag76yyyHG1xx8RT
nZ298+0GS4TftmFta7jx6+ZvnrApDr28P5j4ck9PfN2Ld30SDZw4BAxQINtFqwmk
Fd+OF7DvXfB/CEMOYTa0vFwb/nnl/kdupQ24mzQkfrpoLxW37YEk+hqPlruYEI1q
l0I=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:23 2025 by rpki-client