Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8w6uWsHitXxU0XXsqBY2lucH510.roa
File: 8w6uWsHitXxU0XXsqBY2lucH510.roa (raw, json)
Hash identifier: X8tFocuPonUQoLL7BDr5kBdGPHSNt4fnbo5BfYFPMFc=
Subject key identifier: F3:0E:AE:5A:C1:E2:B5:7C:54:D1:75:EC:A8:16:36:96:E7:07:E7:5D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CF07FDDD22CEEC7CAF322CF2438C2226D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8w6uWsHitXxU0XXsqBY2lucH510.roa
Signing time: Tue 09 Jan 2024 23:12:40 +0000
ROA not before: Tue 09 Jan 2024 23:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f0:7f:dd:d2:2c:ee:c7:ca:f3:22:cf:24:38:c2:22:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 9 23:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f30eae5ac1e2b57c54d175eca8163696e707e75d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:06:da:48:5b:b2:93:43:4b:1f:5c:ac:69:02:
b2:3c:78:7f:e9:9b:72:81:e8:73:b7:44:28:d3:59:
71:5a:07:2b:c2:11:f6:ca:3b:15:f9:96:9e:44:b6:
eb:c6:01:51:91:56:b8:bf:5f:3d:85:15:80:2d:aa:
61:68:f1:b8:4c:12:6c:d4:f8:35:d1:2c:cb:bf:67:
07:0e:ab:cc:79:db:26:68:68:e7:e5:9c:e7:74:5a:
8c:6d:00:98:e4:39:a2:3c:29:11:44:44:e3:ab:2c:
70:92:33:27:d0:c4:87:36:f6:d7:8a:30:81:86:30:
d9:3b:05:08:ae:0f:62:ac:2f:67:19:5b:60:11:77:
2a:db:d3:10:08:cd:b2:a4:41:78:12:e3:20:67:31:
c3:96:95:ee:ef:d3:37:95:56:f5:41:a7:b2:b8:41:
d0:34:3f:54:f6:72:fe:98:f9:82:34:18:1e:bf:f3:
c7:31:70:66:dd:7b:c5:52:79:cf:a3:d9:e0:a1:b7:
49:12:bb:1b:9c:77:15:6d:0d:ea:16:a5:4b:7e:2c:
09:b8:7d:48:61:3a:0b:14:38:96:61:ea:d1:57:c2:
7b:3c:6a:95:b5:fe:7c:ab:7c:a9:11:17:61:6d:78:
f0:49:3e:c1:72:5d:88:b2:5a:8e:3a:05:c9:4f:ca:
39:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:0E:AE:5A:C1:E2:B5:7C:54:D1:75:EC:A8:16:36:96:E7:07:E7:5D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8w6uWsHitXxU0XXsqBY2lucH510.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
94:ce:41:31:62:7c:f5:41:02:82:06:d3:47:8e:39:6e:a2:94:
59:16:d3:dc:e6:bd:fd:d5:13:cb:10:e4:cf:74:14:f1:1e:e1:
f5:64:a3:7e:43:84:ec:55:5f:1a:06:ff:d8:d9:f1:5f:41:37:
31:a6:55:3d:f3:c4:93:05:83:a3:45:88:46:00:c1:1b:26:d9:
2f:5e:98:15:d5:47:2b:23:91:ca:e1:5d:86:9d:4f:c8:7e:51:
1b:bc:72:8e:0c:58:14:18:a4:d2:42:ad:86:f3:d1:6e:97:a7:
c9:a1:0e:ab:2d:08:c2:10:ed:37:2e:90:06:bc:7f:b5:c5:3a:
6d:72:85:80:36:fe:9e:d3:f7:f5:a8:09:38:da:5c:0e:a1:6b:
34:50:7d:e6:98:5a:9a:db:8d:b9:62:d4:fe:db:d0:cd:39:3d:
ed:91:3d:48:c1:b2:70:28:fa:0a:d1:70:f8:01:5c:cc:45:cd:
0e:5f:69:a7:64:e3:b3:8f:80:5d:de:52:bd:eb:c8:9d:c6:16:
ae:3d:7b:d4:98:fc:48:15:ba:91:1f:b9:06:0d:91:22:91:22:
10:09:ed:12:1a:a7:af:fa:e8:7f:ed:3b:91:76:8c:fb:ce:09:
7a:f2:71:67:f0:13:b2:75:1b:18:e9:24:fb:0e:5e:95:5c:a1:
f0:8b:47:ad
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzwf93SLO7HyvMizyQ4wiJtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA5MjMxMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzBlYWU1YWMxZTJiNTdjNTRkMTc1ZWNhODE2MzY5NmU3MDdlNzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAbaSFuyk0NLH1ysaQKyPHh/6Zty
gehzt0Qo01lxWgcrwhH2yjsV+ZaeRLbrxgFRkVa4v189hRWALaphaPG4TBJs1Pg1
0SzLv2cHDqvMedsmaGjn5ZzndFqMbQCY5DmiPCkRRETjqyxwkjMn0MSHNvbXijCB
hjDZOwUIrg9irC9nGVtgEXcq29MQCM2ypEF4EuMgZzHDlpXu79M3lVb1QaeyuEHQ
ND9U9nL+mPmCNBgev/PHMXBm3XvFUnnPo9ngobdJErsbnHcVbQ3qFqVLfiwJuH1I
YToLFDiWYerRV8J7PGqVtf58q3ypERdhbXjwST7Bcl2IslqOOgXJT8o5AQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPMOrlrB4rV8VNF17KgWNpbnB+ddMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOHc2dVdzSGl0WHhVMFhYc3FCWTJsdWNINTEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJTOQTFifPVBAoIG00eO
OW6ilFkW09zmvf3VE8sQ5M90FPEe4fVko35DhOxVXxoG/9jZ8V9BNzGmVT3zxJMF
g6NFiEYAwRsm2S9emBXVRysjkcrhXYadT8h+URu8co4MWBQYpNJCrYbz0W6Xp8mh
DqstCMIQ7TcukAa8f7XFOm1yhYA2/p7T9/WoCTjaXA6hazRQfeaYWprbjbli1P7b
0M05Pe2RPUjBsnAo+grRcPgBXMxFzQ5faadk47OPgF3eUr3ryJ3GFq49e9SY/EgV
upEfuQYNkSKRIhAJ7RIap6/66H/tO5F2jPvOCXrycWfwE7J1GxjpJPsOXpVcofCL
R60=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:44:55 2025 by rpki-client