Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8yQIFzQLYNCytqyn27I2qb1JTco.roa
File: 8yQIFzQLYNCytqyn27I2qb1JTco.roa (raw, json)
Hash identifier: KwbRaPO8CM+gnQz8V/D57UPO2IQRGWHz3rLrc4ejuSs=
Subject key identifier: F3:24:08:17:34:0B:60:D0:B2:B6:AC:A7:DB:B2:36:A9:BD:49:4D:CA
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CE710D10C79E492C45E72FAA0040E60D7
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8yQIFzQLYNCytqyn27I2qb1JTco.roa
Signing time: Mon 08 Jan 2024 03:14:48 +0000
ROA not before: Mon 08 Jan 2024 03:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e7:10:d1:0c:79:e4:92:c4:5e:72:fa:a0:04:0e:60:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 8 03:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3240817340b60d0b2b6aca7dbb236a9bd494dca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ec:77:69:5a:42:e2:12:2b:c0:11:e6:6c:df:
56:00:0b:2d:ed:20:3d:67:4a:6b:a4:8b:f8:0e:7c:
39:f7:f2:76:dc:e1:c2:1e:2a:31:cb:03:22:31:39:
d3:3b:1b:15:a2:99:df:01:2f:9e:59:2a:8e:80:14:
05:da:6a:d8:d3:84:cd:9a:28:07:f8:1e:d4:de:a9:
4f:57:d4:55:e9:24:0a:4d:26:e7:33:24:cf:3a:73:
a5:42:89:e7:c6:00:ba:a9:cb:e5:9a:0c:07:9a:3b:
65:f6:f8:14:1d:b6:8f:25:83:bf:f6:e7:8a:02:25:
2d:96:52:34:e1:01:13:f6:d8:8f:47:19:7a:fc:93:
18:6a:be:85:69:c5:1c:ea:98:14:d8:1c:c2:38:18:
e0:4b:9c:21:53:56:60:a8:7c:67:82:29:1b:e6:8b:
cd:b9:01:8f:78:8b:bd:33:5e:c6:0b:74:75:7b:18:
dd:77:e9:de:5c:86:ae:db:d7:ae:41:5c:c9:05:ee:
fa:c2:0c:35:17:52:05:53:eb:bf:b8:46:73:1f:34:
e7:8d:51:94:7b:34:13:57:14:d5:29:e7:26:c6:6d:
49:b9:31:de:bc:3a:db:cf:65:af:f9:56:19:05:90:
fb:38:70:a3:c7:6a:58:6a:bd:6a:a1:92:54:0e:5c:
f0:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:24:08:17:34:0B:60:D0:B2:B6:AC:A7:DB:B2:36:A9:BD:49:4D:CA
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/8yQIFzQLYNCytqyn27I2qb1JTco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:1e:a0:e0:bc:d3:5f:71:a3:7a:45:e4:12:a3:84:47:c5:4f:
f6:e3:bc:cf:f6:2a:ec:e0:6a:61:ba:ef:7d:1d:b2:a4:1c:e6:
60:9d:d3:72:16:7e:c4:61:de:6d:23:7d:89:9b:62:60:c9:23:
ca:6b:21:8f:bd:f2:b1:04:28:62:7f:bf:ec:07:dc:8d:49:78:
71:e1:69:25:26:7e:06:17:37:8f:88:d2:61:76:d5:c0:63:91:
a9:05:e9:29:cf:5b:d5:af:60:4f:66:02:6e:97:1a:71:95:87:
ea:94:16:8d:dc:d5:3f:2f:07:e6:a9:b6:d5:b7:9a:fa:74:e5:
81:bb:31:60:f2:f9:ce:d3:76:27:60:14:e4:67:1d:d4:d2:84:
f9:80:53:d8:b3:e5:34:73:d7:03:fa:4f:70:58:c6:3e:36:15:
c8:a8:10:25:50:c5:57:7d:ad:52:ed:41:87:af:c6:35:c5:1c:
fc:fa:0f:38:a2:c9:59:2c:f7:6c:08:54:1a:b3:b1:a9:3c:05:
6f:f3:6c:80:97:b1:13:89:63:9f:2b:6c:7d:f6:7c:e0:92:3f:
4c:1c:12:2c:08:a0:93:d2:ee:51:89:c5:af:00:60:4a:33:f0:
b2:32:fb:bc:19:c7:cd:64:a3:7e:53:d1:f5:3a:82:7f:11:e6:
8e:b3:6c:f1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYznENEMeeSSxF5y+qAEDmDXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA4MDMxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzI0MDgxNzM0MGI2MGQwYjJiNmFjYTdkYmIyMzZhOWJkNDk0ZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzux3aVpC4hIrwBHmbN9WAAst7SA9
Z0prpIv4Dnw59/J23OHCHioxywMiMTnTOxsVopnfAS+eWSqOgBQF2mrY04TNmigH
+B7U3qlPV9RV6SQKTSbnMyTPOnOlQonnxgC6qcvlmgwHmjtl9vgUHbaPJYO/9ueK
AiUtllI04QET9tiPRxl6/JMYar6FacUc6pgU2BzCOBjgS5whU1ZgqHxngikb5ovN
uQGPeIu9M17GC3R1exjdd+neXIau29euQVzJBe76wgw1F1IFU+u/uEZzHzTnjVGU
ezQTVxTVKecmxm1JuTHevDrbz2Wv+VYZBZD7OHCjx2pYar1qoZJUDlzw6QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPMkCBc0C2DQsrasp9uyNqm9SU3KMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOHlRSUZ6UUxZTkN5dHF5bjI3STJxYjFKVGNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAweoOC8019xo3pF5BKj
hEfFT/bjvM/2KuzgamG6730dsqQc5mCd03IWfsRh3m0jfYmbYmDJI8prIY+98rEE
KGJ/v+wH3I1JeHHhaSUmfgYXN4+I0mF21cBjkakF6SnPW9WvYE9mAm6XGnGVh+qU
Fo3c1T8vB+apttW3mvp05YG7MWDy+c7TdidgFORnHdTShPmAU9iz5TRz1wP6T3BY
xj42FcioECVQxVd9rVLtQYevxjXFHPz6DziiyVks92wIVBqzsak8BW/zbICXsROJ
Y58rbH32fOCSP0wcEiwIoJPS7lGJxa8AYEoz8LIy+7wZx81ko35T0fU6gn8R5o6z
bPE=
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:28:57 2025 by rpki-client