Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/902KM3jTSowsw9PsJ7NZ16sBuOE.roa
File: 902KM3jTSowsw9PsJ7NZ16sBuOE.roa (raw, json)
Hash identifier: 8wdkam8lqxPjxJR/gcYULYnhOp04L/6MZfEIBvANAT8=
Subject key identifier: F7:4D:8A:33:78:D3:4A:8C:2C:C3:D3:EC:27:B3:59:D7:AB:01:B8:E1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DD618D5B1867E48D84CD07361DB65A587
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/902KM3jTSowsw9PsJ7NZ16sBuOE.roa
Signing time: Fri 23 Feb 2024 13:12:48 +0000
ROA not before: Fri 23 Feb 2024 13:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d6:18:d5:b1:86:7e:48:d8:4c:d0:73:61:db:65:a5:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 23 13:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f74d8a3378d34a8c2cc3d3ec27b359d7ab01b8e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d8:91:20:e2:6c:b8:fe:04:c6:d8:e2:9c:57:
94:4f:f4:5e:7a:3a:5b:ab:c0:22:20:09:31:bd:3e:
77:ac:c2:b8:1e:05:a1:b0:c4:37:22:f1:23:55:e2:
36:e2:f5:d8:93:37:63:6d:7d:9e:0b:b7:8a:cc:41:
10:66:b8:76:8e:7e:8d:0c:af:d1:96:4e:46:f4:f0:
95:4c:e6:c2:82:b7:b2:63:ae:39:ce:82:74:75:c7:
54:6e:08:75:67:79:f7:02:89:df:8f:e8:e3:27:a1:
c4:d7:37:72:b8:0f:0f:b0:79:e8:92:cf:3f:3c:37:
e6:de:a7:fc:8b:cf:1a:ca:07:e7:a7:c3:bf:a5:d1:
01:c8:09:d3:0e:fd:30:d4:6c:ba:f2:3c:2c:b7:39:
e5:73:ed:62:43:07:81:dd:3b:4e:c4:14:3d:b2:df:
07:8e:e3:a5:a7:be:8f:25:ca:21:38:57:55:87:78:
c8:f8:b7:0e:12:0c:40:51:50:99:2c:8d:b1:7e:be:
4c:31:b9:ec:64:6e:76:f4:88:2a:16:9b:d0:c0:51:
a0:dc:d3:0f:06:05:69:7a:9b:bd:c7:16:79:9e:09:
29:2d:b7:12:3d:03:4e:a7:dc:89:a7:b4:d4:b3:1e:
a2:08:b3:08:08:75:d6:bd:64:df:47:e8:52:81:31:
50:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:4D:8A:33:78:D3:4A:8C:2C:C3:D3:EC:27:B3:59:D7:AB:01:B8:E1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/902KM3jTSowsw9PsJ7NZ16sBuOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7b:bd:6e:d7:67:17:03:e2:6c:8d:21:ea:97:8d:41:9d:05:6a:
44:f2:de:60:b0:24:01:59:b1:e0:a3:c7:73:e3:bb:d0:6a:e0:
02:27:f9:08:81:79:2a:e4:16:9e:78:5d:41:9b:f7:f7:c3:d9:
b4:ba:fb:21:86:cf:91:dd:42:9c:16:5a:d4:b8:e1:b8:15:79:
cf:28:44:5d:8d:6e:bf:eb:d7:7f:57:f6:b0:71:31:6c:5b:05:
44:82:4e:2b:6f:a9:c9:6c:01:81:6d:a2:ed:0a:ab:c8:eb:ba:
16:66:1f:c4:d1:33:53:c3:64:b4:1d:da:00:d5:ab:66:16:70:
96:ac:5c:e5:89:74:4c:d4:ac:c4:a1:fa:9e:0b:92:42:7c:41:
ac:ac:8f:5e:24:77:06:f7:71:9a:db:8b:3f:cb:6b:25:e6:96:
0e:b1:0d:1a:60:5b:93:b7:75:c4:6c:37:bb:7e:8b:b4:08:71:
ae:cb:ff:e8:5b:a0:a0:65:13:10:04:aa:0c:bc:88:84:6a:fd:
08:06:97:2b:a2:f2:c2:06:90:0b:ac:be:e0:d1:f3:b9:d4:eb:
15:b2:f7:00:72:93:3f:2c:ab:55:e2:03:32:16:bb:fc:87:d2:
e8:b1:5a:85:27:39:d7:32:ee:a7:e9:6d:99:f7:33:18:fc:8e:
49:b4:3b:86
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3WGNWxhn5I2EzQc2HbZaWHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIzMTMxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzRkOGEzMzc4ZDM0YThjMmNjM2QzZWMyN2IzNTlkN2FiMDFiOGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNiRIOJsuP4ExtjinFeUT/Reejpb
q8AiIAkxvT53rMK4HgWhsMQ3IvEjVeI24vXYkzdjbX2eC7eKzEEQZrh2jn6NDK/R
lk5G9PCVTObCgreyY645zoJ0dcdUbgh1Z3n3Aonfj+jjJ6HE1zdyuA8PsHnoks8/
PDfm3qf8i88aygfnp8O/pdEByAnTDv0w1Gy68jwstznlc+1iQweB3TtOxBQ9st8H
juOlp76PJcohOFdVh3jI+LcOEgxAUVCZLI2xfr5MMbnsZG529IgqFpvQwFGg3NMP
BgVpepu9xxZ5ngkpLbcSPQNOp9yJp7TUsx6iCLMICHXWvWTfR+hSgTFQXQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPdNijN400qMLMPT7CezWderAbjhMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOTAyS00zalRTb3dzdzlQc0o3TloxNnNCdU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHu9btdnFwPibI0h6peN
QZ0FakTy3mCwJAFZseCjx3Pju9Bq4AIn+QiBeSrkFp54XUGb9/fD2bS6+yGGz5Hd
QpwWWtS44bgVec8oRF2Nbr/r139X9rBxMWxbBUSCTitvqclsAYFtou0Kq8jruhZm
H8TRM1PDZLQd2gDVq2YWcJasXOWJdEzUrMSh+p4LkkJ8Qaysj14kdwb3cZrbiz/L
ayXmlg6xDRpgW5O3dcRsN7t+i7QIca7L/+hboKBlExAEqgy8iIRq/QgGlyui8sIG
kAusvuDR87nU6xWy9wBykz8sq1XiAzIWu/yH0uixWoUnOdcy7qfpbZn3Mxj8jkm0
O4Y=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:02 2025 by rpki-client