Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8dG2R0bLdE4ftTO4Uaz-hprvSes.roa
File: 8dG2R0bLdE4ftTO4Uaz-hprvSes.roa (raw, json)
Hash identifier: iIRdR4IRGRcz/4S+BvV97JOHvSGmrO/Kxhhbsk6/Qy4=
Subject key identifier: F1:D1:B6:47:46:CB:74:4E:1F:B5:33:B8:51:AC:FE:86:9A:EF:49:EB
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CC2FD21676B039873336686F3365DA3A7
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8dG2R0bLdE4ftTO4Uaz-hprvSes.roa
Signing time: Mon 01 Jan 2024 03:06:58 +0000
ROA not before: Mon 01 Jan 2024 03:06:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:c2fc:44ed/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:fd:21:67:6b:03:98:73:33:66:86:f3:36:5d:a3:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 1 03:06:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1d1b64746cb744e1fb533b851acfe869aef49eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:27:10:f4:3c:ae:76:ff:ff:81:c2:f8:99:fe:
92:9a:e6:df:70:96:26:48:6c:cf:90:da:37:90:9e:
54:81:1f:43:61:3b:0e:4f:bf:75:d3:c8:55:92:3a:
51:80:c2:72:86:6a:5d:40:5e:18:e4:42:a5:25:e4:
ef:19:23:3f:67:0e:96:1b:fc:e2:a7:47:a2:38:ea:
f3:95:b3:fd:59:2c:f8:a2:43:02:45:db:c1:3e:27:
66:25:b3:ac:32:5e:c8:77:67:1d:1b:cc:29:12:83:
f3:fd:5d:03:85:5e:54:33:c0:9c:52:6c:62:a0:53:
18:96:70:c0:33:fb:79:f2:b9:cb:78:0c:9e:75:22:
4a:d1:6b:bd:5e:d7:42:d1:91:a3:ca:bc:41:e8:ed:
cc:94:de:6c:fa:92:0b:1b:22:56:70:c0:61:8d:28:
ab:ab:0d:7c:74:8c:a0:d3:0d:d5:25:95:5b:e9:3a:
66:d9:3b:f6:7a:67:cc:91:f4:95:0d:a1:c2:44:73:
ff:ee:db:38:64:31:3c:d7:8a:e7:34:f3:67:4b:a0:
f9:12:4d:9f:50:95:7b:fb:4a:0d:b0:72:63:58:0e:
5f:e6:76:9c:fc:19:d6:68:b0:f5:3b:df:41:70:e0:
93:c9:a7:20:e8:00:e4:16:e0:d3:4e:8d:77:85:0f:
33:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:D1:B6:47:46:CB:74:4E:1F:B5:33:B8:51:AC:FE:86:9A:EF:49:EB
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8dG2R0bLdE4ftTO4Uaz-hprvSes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a8:5e:88:9c:4b:fb:08:84:f7:d1:c6:99:63:a8:1c:5d:4c:40:
63:2a:df:be:cf:61:05:41:82:d2:55:c9:30:f0:4c:94:dc:00:
ba:9b:7b:15:2f:39:82:a6:fa:71:6d:d0:6e:0e:ee:db:df:21:
3a:1a:d8:72:14:62:a4:d5:bb:e2:32:42:ab:51:24:81:0d:31:
4f:36:ee:56:c9:8a:a8:08:d8:a5:23:a8:a3:a8:49:5d:54:14:
1a:d1:75:19:99:07:3e:72:98:9d:0b:25:64:f1:0f:d7:25:5f:
de:57:7a:b8:32:19:a3:8f:94:fc:03:df:50:81:39:51:6c:b2:
17:a0:71:cd:8a:41:c7:d3:81:dd:cb:b6:d4:34:3c:63:ee:7a:
fa:79:ff:2f:de:aa:ca:4e:32:5d:a2:f2:32:ae:d6:37:f7:3a:
be:27:3b:37:b1:8a:39:44:7c:89:3b:c1:59:d6:1c:0f:c3:e4:
fb:99:04:31:d0:28:c6:37:41:26:46:49:ad:f4:fe:6f:28:40:
f4:b0:de:b7:17:ef:c0:1d:57:e7:03:76:33:22:61:e3:df:8a:
74:4d:38:cc:8e:3e:e3:49:ab:30:b3:b4:a9:ce:18:39:5b:26:
86:9e:5f:49:2f:fc:ea:7f:74:d9:60:40:42:84:8d:eb:95:b6:
a4:b3:86:4c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzC/SFnawOYczNmhvM2XaOnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAxMDMwNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWQxYjY0NzQ2Y2I3NDRlMWZiNTMzYjg1MWFjZmU4NjlhZWY0OWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAricQ9Dyudv//gcL4mf6SmubfcJYm
SGzPkNo3kJ5UgR9DYTsOT79108hVkjpRgMJyhmpdQF4Y5EKlJeTvGSM/Zw6WG/zi
p0eiOOrzlbP9WSz4okMCRdvBPidmJbOsMl7Id2cdG8wpEoPz/V0DhV5UM8CcUmxi
oFMYlnDAM/t58rnLeAyedSJK0Wu9XtdC0ZGjyrxB6O3MlN5s+pILGyJWcMBhjSir
qw18dIyg0w3VJZVb6Tpm2Tv2emfMkfSVDaHCRHP/7ts4ZDE814rnNPNnS6D5Ek2f
UJV7+0oNsHJjWA5f5nac/BnWaLD1O99BcOCTyacg6ADkFuDTTo13hQ8z8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPHRtkdGy3ROH7UzuFGs/oaa70nrMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOGRHMlIwYkxkRTRmdFRPNFVhei1ocHJ2U2VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKheiJxL+wiE99HGmWOo
HF1MQGMq377PYQVBgtJVyTDwTJTcALqbexUvOYKm+nFt0G4O7tvfIToa2HIUYqTV
u+IyQqtRJIENMU827lbJiqgI2KUjqKOoSV1UFBrRdRmZBz5ymJ0LJWTxD9clX95X
ergyGaOPlPwD31CBOVFsshegcc2KQcfTgd3LttQ0PGPuevp5/y/eqspOMl2i8jKu
1jf3Or4nOzexijlEfIk7wVnWHA/D5PuZBDHQKMY3QSZGSa30/m8oQPSw3rcX78Ad
V+cDdjMiYePfinRNOMyOPuNJqzCztKnOGDlbJoaeX0kv/Op/dNlgQEKEjeuVtqSz
hkw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:31 2025 by rpki-client