Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9Fy3LosE1qI_XjjR_Bl39opMMFw.roa
File: 9Fy3LosE1qI_XjjR_Bl39opMMFw.roa (raw, json)
Hash identifier: InlAlmj/HcnKHsxKdGxoQWMIXgo9s9WDaAyZPUIXigs=
Subject key identifier: F4:5C:B7:2E:8B:04:D6:A2:3F:5E:38:D1:FC:19:77:F6:8A:4C:30:5C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CB1A1294E8848CBE10069D85867EE7587
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9Fy3LosE1qI_XjjR_Bl39opMMFw.roa
Signing time: Thu 28 Dec 2023 18:12:58 +0000
ROA not before: Thu 28 Dec 2023 18:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b1:a1:29:4e:88:48:cb:e1:00:69:d8:58:67:ee:75:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 28 18:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f45cb72e8b04d6a23f5e38d1fc1977f68a4c305c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:84:c2:62:80:2b:86:1f:32:ee:16:fb:a9:8f:
04:93:dd:ff:34:e2:80:ee:61:7e:20:bf:d7:1e:17:
ae:ed:26:27:20:84:87:e4:f8:09:50:cd:a5:a8:cb:
fa:26:69:91:53:6e:95:61:52:4e:96:01:aa:33:41:
5a:98:13:8c:c4:f3:db:b3:c2:8f:0c:f6:a5:a0:9e:
d8:ce:9c:60:21:92:ff:76:50:00:0b:8c:49:f8:10:
f1:32:07:d5:a6:20:10:d6:2d:1f:a9:db:d7:b2:bd:
21:1b:48:78:5f:52:4c:f0:2a:94:ce:5d:f1:9e:01:
0f:04:07:7b:9e:1f:58:46:a3:e6:2b:ff:35:93:bd:
a5:63:ae:5a:d3:84:9e:62:1e:ab:bb:1e:3c:a9:9c:
af:b4:7a:a1:2b:73:0a:91:d4:06:26:8b:01:e9:8d:
e5:41:89:5c:1f:83:74:ee:25:90:07:cd:c6:79:f7:
2d:7f:0f:01:c7:1e:45:c7:e6:5f:99:6a:3c:c9:9b:
61:3b:17:04:ac:03:4f:1d:4c:a1:70:50:62:8c:47:
6c:1e:2c:d9:4f:c4:d5:b8:3a:d7:f4:e8:d5:d6:fb:
86:ae:d5:d5:35:fe:5b:a6:b1:fb:59:38:35:92:f8:
0d:4f:55:e7:fa:2c:08:70:8e:a2:d4:da:fb:6a:76:
a4:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:5C:B7:2E:8B:04:D6:A2:3F:5E:38:D1:FC:19:77:F6:8A:4C:30:5C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9Fy3LosE1qI_XjjR_Bl39opMMFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
59:81:bb:fa:6e:0e:f7:04:93:b5:b0:7e:db:da:4c:2c:0b:39:
6f:d2:7e:81:8f:09:07:9e:44:42:66:b4:15:98:a5:a0:85:44:
98:c1:3f:e3:28:c7:5d:22:d9:18:db:33:cc:62:93:86:db:fe:
ac:c8:0c:07:79:7b:c2:68:d2:82:f7:2c:49:b3:78:a2:91:95:
83:37:f9:12:07:53:ec:d4:f4:cc:84:dd:89:cc:79:d4:b7:b5:
cb:9d:05:ef:d6:e2:5d:35:2e:f6:76:36:c4:37:d3:c1:f7:ae:
10:57:66:c5:3c:ab:d6:f6:2e:d8:6a:b5:6f:e6:da:44:8a:70:
a8:be:0c:81:3a:ce:47:4b:b3:31:12:f6:9a:e7:5f:04:2a:f6:
a7:8f:64:b3:df:1d:e4:f9:17:44:fe:c6:ce:a2:b5:ab:59:1a:
fc:9c:0b:43:07:8a:82:a0:a3:be:94:d1:6f:ae:13:96:aa:3a:
37:40:24:04:2e:a6:c2:bb:5e:20:5a:4b:f1:57:45:b1:d1:dd:
51:32:07:d0:68:71:ae:b1:d6:31:d2:79:12:a0:3c:f0:73:a6:
6d:1d:be:d0:8c:cd:2d:76:f3:67:93:f7:f0:79:08:36:ff:f8:
a2:1f:7e:ff:70:e9:f5:fa:e7:30:c6:05:cf:b4:21:2c:17:41:
10:3a:42:f8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyxoSlOiEjL4QBp2Fhn7nWHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI4MTgxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDVjYjcyZThiMDRkNmEyM2Y1ZTM4ZDFmYzE5NzdmNjhhNGMzMDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYTCYoArhh8y7hb7qY8Ek93/NOKA
7mF+IL/XHheu7SYnIISH5PgJUM2lqMv6JmmRU26VYVJOlgGqM0FamBOMxPPbs8KP
DPaloJ7YzpxgIZL/dlAAC4xJ+BDxMgfVpiAQ1i0fqdvXsr0hG0h4X1JM8CqUzl3x
ngEPBAd7nh9YRqPmK/81k72lY65a04SeYh6rux48qZyvtHqhK3MKkdQGJosB6Y3l
QYlcH4N07iWQB83Gefctfw8Bxx5Fx+ZfmWo8yZthOxcErANPHUyhcFBijEdsHizZ
T8TVuDrX9OjV1vuGrtXVNf5bprH7WTg1kvgNT1Xn+iwIcI6i1Nr7anakHwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPRcty6LBNaiP1440fwZd/aKTDBcMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOUZ5M0xvc0UxcUlfWGpqUl9CbDM5b3BNTUZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFmBu/puDvcEk7Wwftva
TCwLOW/SfoGPCQeeREJmtBWYpaCFRJjBP+Mox10i2RjbM8xik4bb/qzIDAd5e8Jo
0oL3LEmzeKKRlYM3+RIHU+zU9MyE3YnMedS3tcudBe/W4l01LvZ2NsQ308H3rhBX
ZsU8q9b2LthqtW/m2kSKcKi+DIE6zkdLszES9prnXwQq9qePZLPfHeT5F0T+xs6i
tatZGvycC0MHioKgo76U0W+uE5aqOjdAJAQupsK7XiBaS/FXRbHR3VEyB9Boca6x
1jHSeRKgPPBzpm0dvtCMzS1282eT9/B5CDb/+KIffv9w6fX65zDGBc+0ISwXQRA6
Qvg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:40 2025 by rpki-client