Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9LDRLKZ7d6SWXLVOKSbxmoQHmZs.roa
File: 9LDRLKZ7d6SWXLVOKSbxmoQHmZs.roa (raw, json)
Hash identifier: 1Ivh8l9UKFmQisPeupZ16HI8NRLggyQFB/scU/F+H4Y=
Subject key identifier: F4:B0:D1:2C:A6:7B:77:A4:96:5C:B5:4E:29:26:F1:9A:84:07:99:9B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CF64DC4771FC1B4C0932FC209A22128D5
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9LDRLKZ7d6SWXLVOKSbxmoQHmZs.roa
Signing time: Thu 11 Jan 2024 02:15:40 +0000
ROA not before: Thu 11 Jan 2024 02:15:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f6:4d:c4:77:1f:c1:b4:c0:93:2f:c2:09:a2:21:28:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 11 02:15:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4b0d12ca67b77a4965cb54e2926f19a8407999b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:11:58:89:44:5e:7b:59:e1:5d:50:5a:4b:c0:
2c:a0:89:d9:ca:4a:f2:5c:24:8f:0f:f5:56:0e:d5:
c1:1f:e1:3d:09:b5:f8:d1:84:12:61:84:03:63:bb:
91:5a:51:7b:09:9a:4a:f4:bb:2a:fc:c0:26:64:19:
c7:26:33:ab:fc:79:73:db:c6:a8:c2:77:88:e6:4a:
00:83:02:21:4a:3f:f5:09:a6:0d:e2:dc:ef:1a:9d:
53:16:12:45:46:d5:aa:9e:01:9a:a4:57:fc:eb:db:
64:60:07:d6:d4:24:82:2b:d5:dc:ea:53:5e:40:1d:
f3:66:8d:b5:2d:91:d9:91:37:3e:b1:63:09:41:e3:
23:ec:e2:3e:5f:ca:b5:1e:f6:19:69:c7:dc:77:ea:
be:bf:10:31:14:28:d0:1e:02:52:78:7f:9c:a7:c9:
85:5d:1c:76:e1:c3:15:ce:93:e0:d1:27:aa:38:1f:
41:39:b5:c8:57:82:6e:ac:98:b5:0d:92:2c:b8:61:
1f:be:30:69:71:38:a0:d0:36:86:c5:1a:73:45:25:
c2:9f:17:ca:68:a7:8d:64:59:b9:28:2c:b2:46:8b:
9b:de:37:be:33:e3:19:77:fd:9d:1c:07:62:70:b8:
9a:36:13:21:59:58:0d:2b:52:6e:88:63:41:26:78:
5d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:B0:D1:2C:A6:7B:77:A4:96:5C:B5:4E:29:26:F1:9A:84:07:99:9B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9LDRLKZ7d6SWXLVOKSbxmoQHmZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:0d:04:2a:8a:99:2c:a7:d4:93:09:98:98:50:39:73:49:17:
df:3e:6c:27:a7:72:fc:b5:59:5d:63:3c:4b:4b:cd:6a:1c:05:
e6:56:89:f6:19:da:8c:30:59:02:61:42:98:87:17:98:38:89:
36:8e:3f:23:3d:43:7d:c5:01:2e:8c:cf:aa:00:87:8e:59:f3:
78:c5:69:41:e0:f2:ac:aa:e1:32:17:18:da:43:42:ab:cd:f4:
0d:d7:af:67:68:36:ac:3f:12:2c:05:ab:18:29:2c:81:f8:87:
18:ff:c8:a3:1e:b7:45:a3:58:c1:b8:7d:6a:d0:80:a8:c7:ca:
ee:ed:e7:1e:a1:05:38:f4:e7:de:33:23:25:83:9b:28:f6:f8:
a6:3d:ac:3f:00:d2:be:38:40:48:28:0b:ec:78:ef:59:f1:c9:
46:17:97:35:93:1d:74:f0:36:77:2b:dc:ff:bb:d6:f6:54:ab:
2f:b9:b1:ba:df:92:79:b4:c5:cf:ba:2e:9b:27:be:f8:0b:c6:
44:9c:69:71:79:30:2a:89:f9:f7:39:d9:3a:0d:6b:42:64:fb:
d5:b7:3f:de:77:64:3a:50:d8:27:8d:2c:4f:f3:ae:f9:2f:9a:
39:a7:29:55:be:bd:85:0e:45:b4:24:01:cb:77:13:c1:39:25:
28:52:6b:4b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYz2TcR3H8G0wJMvwgmiISjVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTExMDIxNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGIwZDEyY2E2N2I3N2E0OTY1Y2I1NGUyOTI2ZjE5YTg0MDc5OTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghFYiURee1nhXVBaS8AsoInZykry
XCSPD/VWDtXBH+E9CbX40YQSYYQDY7uRWlF7CZpK9Lsq/MAmZBnHJjOr/Hlz28ao
wneI5koAgwIhSj/1CaYN4tzvGp1TFhJFRtWqngGapFf869tkYAfW1CSCK9Xc6lNe
QB3zZo21LZHZkTc+sWMJQeMj7OI+X8q1HvYZacfcd+q+vxAxFCjQHgJSeH+cp8mF
XRx24cMVzpPg0SeqOB9BObXIV4JurJi1DZIsuGEfvjBpcTig0DaGxRpzRSXCnxfK
aKeNZFm5KCyyRoub3je+M+MZd/2dHAdicLiaNhMhWVgNK1JuiGNBJnhd6QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPSw0Syme3eklly1Tikm8ZqEB5mbMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOUxEUkxLWjdkNlNXWExWT0tTYnhtb1FIbVpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGMNBCqKmSyn1JMJmJhQ
OXNJF98+bCencvy1WV1jPEtLzWocBeZWifYZ2owwWQJhQpiHF5g4iTaOPyM9Q33F
AS6Mz6oAh45Z83jFaUHg8qyq4TIXGNpDQqvN9A3Xr2doNqw/EiwFqxgpLIH4hxj/
yKMet0WjWMG4fWrQgKjHyu7t5x6hBTj0594zIyWDmyj2+KY9rD8A0r44QEgoC+x4
71nxyUYXlzWTHXTwNncr3P+71vZUqy+5sbrfknm0xc+6LpsnvvgLxkScaXF5MCqJ
+fc52ToNa0Jk+9W3P953ZDpQ2CeNLE/zrvkvmjmnKVW+vYUORbQkAct3E8E5JShS
a0s=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:53 2025 by rpki-client