Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9K-nIsjXDw6ulxKq0fcUv_lwM0M.roa
File: 9K-nIsjXDw6ulxKq0fcUv_lwM0M.roa (raw, json)
Hash identifier: vBD3QVnXFGDgA2sIxWb1pQs1QaDXCb6sUxZ5qJSBEL4=
Subject key identifier: F4:AF:A7:22:C8:D7:0F:0E:AE:97:12:AA:D1:F7:14:BF:F9:70:33:43
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E4C1B5C919C3A2CE79BFB31F2DA3E2CCE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9K-nIsjXDw6ulxKq0fcUv_lwM0M.roa
Signing time: Sun 17 Mar 2024 11:10:45 +0000
ROA not before: Sun 17 Mar 2024 11:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4c:1b:5c:91:9c:3a:2c:e7:9b:fb:31:f2:da:3e:2c:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 17 11:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4afa722c8d70f0eae9712aad1f714bff9703343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:98:ae:de:44:4f:00:c3:90:d9:2a:a2:52:7e:
be:e6:9d:6e:a9:b8:fc:64:84:39:42:97:c9:59:bb:
26:18:b0:44:87:90:1c:bc:a8:99:4b:5a:27:65:5d:
85:79:44:03:da:23:f2:60:6a:a2:35:19:2c:6b:be:
29:a5:6d:73:9a:ff:f6:e0:dc:c4:f9:66:ab:c0:44:
3e:dd:77:f4:6a:da:4b:28:2b:f0:bd:7b:1b:89:2e:
ab:4a:38:5e:6d:12:bd:62:74:a0:4f:e8:de:6f:51:
e4:04:76:0e:ca:39:05:0a:5f:d2:29:40:20:3f:e2:
36:1f:6c:5a:5c:b4:cc:e4:eb:08:e0:0e:4b:87:c5:
38:9c:fc:76:cd:fc:5f:88:ec:6d:37:7d:87:9c:e8:
58:ad:89:70:e6:16:a7:b6:eb:9d:70:4e:ab:de:5c:
57:bc:99:d7:a3:e1:10:a2:d8:e5:a6:ec:b1:cd:da:
f7:59:0d:45:ec:fa:09:63:50:da:25:0c:d5:b2:59:
fa:e7:c2:e8:40:9a:a8:98:8d:ca:e9:49:89:0f:77:
f0:6d:68:3b:1f:5c:23:f4:cc:8d:a3:7c:67:07:fe:
82:53:56:29:15:21:8a:24:98:61:a3:1b:cd:b7:b6:
6d:5e:81:39:60:59:88:b9:bf:cc:d3:25:01:34:f0:
de:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AF:A7:22:C8:D7:0F:0E:AE:97:12:AA:D1:F7:14:BF:F9:70:33:43
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9K-nIsjXDw6ulxKq0fcUv_lwM0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
75:55:56:c4:41:6a:c7:ba:9f:49:74:f4:63:e2:8d:a1:7e:c3:
c7:05:da:61:08:57:0e:7c:8b:69:e5:3a:af:ab:42:4e:6d:a0:
ba:57:ef:52:47:77:46:71:ff:1c:db:10:26:9c:9b:c6:5a:21:
d6:a3:35:06:e1:1e:3c:f2:b1:8f:20:61:62:34:3a:7c:59:62:
ba:8a:18:42:da:db:e8:50:ac:a4:6e:f8:80:b3:bc:c9:9a:26:
49:8e:30:36:77:96:d3:0e:95:45:ff:b4:20:4e:36:e9:a8:f4:
b1:78:69:22:eb:cc:0e:b0:2a:c4:e9:94:5c:51:cd:42:bb:55:
5d:b9:44:86:66:57:58:8b:f5:08:b8:b4:17:8b:e4:ca:3d:de:
28:33:6a:f1:29:11:d7:a4:6d:3b:31:60:2f:c5:0a:fe:34:45:
6a:48:87:9e:56:7a:26:c3:81:96:36:e2:50:63:ac:71:c5:a0:
bf:29:7b:3b:cd:8e:95:e4:89:25:d4:d4:e8:a2:c5:56:bd:79:
4e:bb:03:bb:11:f6:1a:a6:d4:1f:1c:7b:c6:26:84:48:55:f4:
29:e9:2c:d2:cb:1b:ad:54:b5:cd:82:28:56:5f:43:00:9d:b6:
fb:7a:08:6a:09:07:2b:e8:20:d1:e1:12:b5:32:fa:14:f6:d7:
d3:cb:38:08
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5MG1yRnDos55v7MfLaPizOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE3MTExMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGFmYTcyMmM4ZDcwZjBlYWU5NzEyYWFkMWY3MTRiZmY5NzAzMzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipiu3kRPAMOQ2SqiUn6+5p1uqbj8
ZIQ5QpfJWbsmGLBEh5AcvKiZS1onZV2FeUQD2iPyYGqiNRksa74ppW1zmv/24NzE
+WarwEQ+3Xf0atpLKCvwvXsbiS6rSjhebRK9YnSgT+jeb1HkBHYOyjkFCl/SKUAg
P+I2H2xaXLTM5OsI4A5Lh8U4nPx2zfxfiOxtN32HnOhYrYlw5hantuudcE6r3lxX
vJnXo+EQotjlpuyxzdr3WQ1F7PoJY1DaJQzVsln658LoQJqomI3K6UmJD3fwbWg7
H1wj9MyNo3xnB/6CU1YpFSGKJJhhoxvNt7ZtXoE5YFmIub/M0yUBNPDeZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPSvpyLI1w8OrpcSqtH3FL/5cDNDMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOUstbklzalhEdzZ1bHhLcTBmY1V2X2x3TTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHVVVsRBase6n0l09GPi
jaF+w8cF2mEIVw58i2nlOq+rQk5toLpX71JHd0Zx/xzbECacm8ZaIdajNQbhHjzy
sY8gYWI0OnxZYrqKGELa2+hQrKRu+ICzvMmaJkmOMDZ3ltMOlUX/tCBONumo9LF4
aSLrzA6wKsTplFxRzUK7VV25RIZmV1iL9Qi4tBeL5Mo93igzavEpEdekbTsxYC/F
Cv40RWpIh55WeibDgZY24lBjrHHFoL8pezvNjpXkiSXU1OiixVa9eU67A7sR9hqm
1B8ce8YmhEhV9CnpLNLLG61Utc2CKFZfQwCdtvt6CGoJByvoINHhErUy+hT219PL
OAg=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:52:07 2025 by rpki-client