Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9CPue2WWbwr6-NoLab5pvZ1HBps.roa
File: 9CPue2WWbwr6-NoLab5pvZ1HBps.roa (raw, json)
Hash identifier: jAcjl0bjhVPSXqC+NEJaFD8IdWw4Sv/etZrkWfc6A+I=
Subject key identifier: F4:23:EE:7B:65:96:6F:0A:FA:F8:DA:0B:69:BE:69:BD:9D:47:06:9B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D97DC5512CA80A373BA3AEA0A1F316D39
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9CPue2WWbwr6-NoLab5pvZ1HBps.roa
Signing time: Sun 11 Feb 2024 11:10:15 +0000
ROA not before: Sun 11 Feb 2024 11:10:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:97:dc:55:12:ca:80:a3:73:ba:3a:ea:0a:1f:31:6d:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 11 11:10:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f423ee7b65966f0afaf8da0b69be69bd9d47069b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7f:64:49:29:d2:95:b3:89:80:6a:0d:fa:2b:
c7:59:53:c5:0a:cc:cb:93:e8:17:f8:4a:80:07:c2:
54:87:d5:5c:8e:35:5f:89:05:20:3e:d8:f1:fd:b1:
8f:5a:5f:fb:f6:b0:09:10:a6:a7:ed:ad:e0:1d:e9:
76:c4:41:a7:5b:06:44:24:c1:b2:a7:21:87:a4:d6:
0d:5e:be:65:0f:73:2c:0b:19:90:d1:2d:4d:11:6e:
b4:f2:05:30:0d:b1:b2:25:95:a3:89:13:98:75:86:
6d:43:c4:77:2c:91:79:7e:dd:cd:d9:77:2d:75:58:
ca:dc:1b:be:72:2b:4d:c3:3d:41:7a:35:58:be:8f:
5c:12:f5:a5:b6:0b:2e:64:16:1c:b1:7b:e9:04:82:
1a:e2:bd:8e:62:10:91:14:87:2f:1e:fa:ff:16:5c:
b4:07:75:c9:e5:bb:c0:ba:5c:b7:a3:79:a8:16:60:
37:6c:ba:fc:4f:55:1c:45:c1:b8:5d:47:ba:e2:7e:
a1:9f:7f:e4:cd:dc:0d:36:bf:30:49:43:a4:b4:ea:
2f:35:11:b1:98:5a:6c:7e:f6:6c:7e:b5:8c:3c:49:
71:81:cd:7c:06:ec:9a:59:d2:39:3c:d4:3b:06:24:
1f:bb:c0:ea:d2:22:09:c3:46:3e:49:ad:89:6d:2b:
13:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:23:EE:7B:65:96:6F:0A:FA:F8:DA:0B:69:BE:69:BD:9D:47:06:9B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9CPue2WWbwr6-NoLab5pvZ1HBps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3f:6b:da:f6:15:2d:10:86:4f:e5:0c:a9:03:6a:60:f2:f8:05:
86:df:4b:c2:30:90:a4:79:4a:a2:ee:3e:d5:dd:78:e8:fd:35:
a1:f6:c3:fa:8a:bc:fa:51:6a:b9:ac:81:41:99:5e:bc:13:50:
d2:81:40:7b:fa:b0:86:70:96:ed:81:df:17:a1:68:2e:a6:52:
2f:f6:c6:34:ed:1b:f2:6c:49:bb:5b:5a:a2:c4:53:75:8d:87:
b8:3a:5a:a2:ee:d2:ad:ac:dc:af:91:ad:6c:8c:c5:b3:7e:f6:
90:96:e0:d5:bb:3b:b0:29:ad:d7:a8:0f:e6:fa:05:ef:49:66:
92:0b:1d:27:74:f4:0b:bd:7b:99:1f:50:26:16:7f:d2:d7:96:
af:f5:19:7d:43:d9:35:f6:7f:25:69:98:a2:98:8d:30:c8:29:
0c:32:2e:4e:cf:f7:23:c0:b9:72:c4:10:6d:c2:6a:0c:08:b3:
62:4b:8b:1f:a3:f8:01:22:ae:3c:75:1e:9d:a1:34:4b:20:33:
14:e4:5a:b9:a4:d3:57:0c:ac:87:80:10:84:24:9a:45:17:0b:
07:00:71:1e:32:0f:d1:81:22:4d:64:ca:29:e8:24:c0:a9:db:
da:7e:5c:c6:7d:a3:58:f1:b5:44:92:52:61:e1:01:50:a7:1e:
94:41:2e:c3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2X3FUSyoCjc7o66gofMW05MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjExMTExMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDIzZWU3YjY1OTY2ZjBhZmFmOGRhMGI2OWJlNjliZDlkNDcwNjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqn9kSSnSlbOJgGoN+ivHWVPFCszL
k+gX+EqAB8JUh9VcjjVfiQUgPtjx/bGPWl/79rAJEKan7a3gHel2xEGnWwZEJMGy
pyGHpNYNXr5lD3MsCxmQ0S1NEW608gUwDbGyJZWjiROYdYZtQ8R3LJF5ft3N2Xct
dVjK3Bu+citNwz1BejVYvo9cEvWltgsuZBYcsXvpBIIa4r2OYhCRFIcvHvr/Fly0
B3XJ5bvAuly3o3moFmA3bLr8T1UcRcG4XUe64n6hn3/kzdwNNr8wSUOktOovNRGx
mFpsfvZsfrWMPElxgc18BuyaWdI5PNQ7BiQfu8Dq0iIJw0Y+Sa2JbSsTDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPQj7ntllm8K+vjaC2m+ab2dRwabMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOUNQdWUyV1did3I2LU5vTGFiNXB2WjFIQnBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD9r2vYVLRCGT+UMqQNq
YPL4BYbfS8IwkKR5SqLuPtXdeOj9NaH2w/qKvPpRarmsgUGZXrwTUNKBQHv6sIZw
lu2B3xehaC6mUi/2xjTtG/JsSbtbWqLEU3WNh7g6WqLu0q2s3K+RrWyMxbN+9pCW
4NW7O7AprdeoD+b6Be9JZpILHSd09Au9e5kfUCYWf9LXlq/1GX1D2TX2fyVpmKKY
jTDIKQwyLk7P9yPAuXLEEG3CagwIs2JLix+j+AEirjx1Hp2hNEsgMxTkWrmk01cM
rIeAEIQkmkUXCwcAcR4yD9GBIk1kyinoJMCp29p+XMZ9o1jxtUSSUmHhAVCnHpRB
LsM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:18 2025 by rpki-client