Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9LNJASxdcgbJqoJrcERD7rIBS-Y.roa
File: 9LNJASxdcgbJqoJrcERD7rIBS-Y.roa (raw, json)
Hash identifier: K2lwxtnQ09ytmItC9gd0bYndhsWjAG/sKn/EhPC4aSs=
Subject key identifier: F4:B3:49:01:2C:5D:72:06:C9:AA:82:6B:70:44:43:EE:B2:01:4B:E6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C999AA62DE6637E466634539692366F7A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9LNJASxdcgbJqoJrcERD7rIBS-Y.roa
Signing time: Sun 24 Dec 2023 02:14:58 +0000
ROA not before: Sun 24 Dec 2023 02:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:99:9a:a6:2d:e6:63:7e:46:66:34:53:96:92:36:6f:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 24 02:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4b349012c5d7206c9aa826b704443eeb2014be6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f3:02:b0:1f:ed:e3:52:bd:76:dd:f8:64:63:
42:44:a1:e4:2d:96:53:ea:7f:8e:2b:1d:52:6a:09:
8c:fc:29:44:f6:84:09:4b:83:b4:16:d7:b9:06:37:
91:e9:49:d0:fe:a1:27:d9:31:00:bd:b6:fc:cc:cb:
78:2c:6f:b9:62:06:24:8b:09:f0:53:5c:68:ca:07:
45:05:9e:8a:4a:bb:f0:49:19:5e:55:0e:51:51:57:
dc:ba:93:bd:c3:ea:f9:f9:34:ba:d2:62:24:cd:db:
93:96:77:b7:af:82:64:af:ee:e0:e1:2b:ec:72:d4:
e0:3a:7d:c8:d4:88:f2:d2:3b:aa:92:14:ad:8b:60:
b4:d3:ce:e6:10:55:5f:35:14:93:19:48:b3:93:b6:
0a:66:ab:64:c8:eb:1a:8d:e9:fe:18:12:d3:1f:e9:
c7:83:7d:35:f2:94:e6:d4:4f:59:47:47:16:b6:ef:
c2:6a:7d:6b:16:a1:82:b1:a7:73:fd:16:79:d4:72:
09:c5:ea:4e:72:46:dd:9c:26:8b:b8:13:d3:b4:70:
ef:84:4e:0d:95:d6:33:09:17:16:2f:a8:d3:5a:11:
51:55:05:ce:30:3a:ea:41:c6:c6:ed:3e:36:1c:aa:
9c:38:72:e1:c0:7c:8f:9b:93:5f:1c:05:8a:75:ca:
db:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:B3:49:01:2C:5D:72:06:C9:AA:82:6B:70:44:43:EE:B2:01:4B:E6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9LNJASxdcgbJqoJrcERD7rIBS-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
18:6b:e4:b9:43:e9:af:39:a0:3d:18:be:9c:ce:47:81:4e:9c:
ed:02:e9:88:b4:2f:52:ec:4f:00:54:3c:1c:f9:e6:b4:2f:91:
88:db:65:5e:dd:e3:e2:29:27:3e:61:c9:f5:c5:42:d7:09:46:
b1:64:53:b1:0b:7f:e5:c3:03:e2:ee:48:cc:4a:5a:1a:d6:13:
88:81:c1:c4:80:19:21:c4:63:e0:73:1b:cf:e6:27:17:14:df:
d4:96:eb:31:d4:f3:4d:02:05:8f:77:ea:a1:8c:bc:c2:9c:c7:
96:cd:5b:9a:e8:05:3b:aa:ee:4b:1d:61:0e:4a:e9:21:42:48:
1f:0c:85:c6:12:55:eb:0f:fb:e3:33:05:55:9a:00:82:17:4d:
14:61:e5:52:66:22:27:aa:e9:65:b6:a9:8d:3e:8d:8d:34:0d:
5c:0e:a8:fc:34:b3:a8:2b:25:56:ee:e1:65:50:c1:ad:a3:ca:
55:5e:d9:30:6f:a8:63:ad:c6:04:e1:a0:f2:18:b5:b4:fa:bb:
74:b9:4f:b0:89:25:fa:4c:80:a9:18:b8:1d:ca:18:4b:51:e7:
21:47:83:0a:24:a4:cb:95:ca:23:18:be:34:36:dc:92:c6:37:
9e:98:cd:a8:fd:86:c0:24:b6:d7:14:1b:ba:aa:e0:55:d1:a1:
23:5b:8d:0b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyZmqYt5mN+RmY0U5aSNm96MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI0MDIxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGIzNDkwMTJjNWQ3MjA2YzlhYTgyNmI3MDQ0NDNlZWIyMDE0YmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/MCsB/t41K9dt34ZGNCRKHkLZZT
6n+OKx1SagmM/ClE9oQJS4O0Fte5BjeR6UnQ/qEn2TEAvbb8zMt4LG+5YgYkiwnw
U1xoygdFBZ6KSrvwSRleVQ5RUVfcupO9w+r5+TS60mIkzduTlne3r4Jkr+7g4Svs
ctTgOn3I1Ijy0juqkhSti2C0087mEFVfNRSTGUizk7YKZqtkyOsajen+GBLTH+nH
g3018pTm1E9ZR0cWtu/Can1rFqGCsadz/RZ51HIJxepOckbdnCaLuBPTtHDvhE4N
ldYzCRcWL6jTWhFRVQXOMDrqQcbG7T42HKqcOHLhwHyPm5NfHAWKdcrbvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPSzSQEsXXIGyaqCa3BEQ+6yAUvmMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOUxOSkFTeGRjZ2JKcW9KcmNFUkQ3cklCUy1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABhr5LlD6a85oD0YvpzO
R4FOnO0C6Yi0L1LsTwBUPBz55rQvkYjbZV7d4+IpJz5hyfXFQtcJRrFkU7ELf+XD
A+LuSMxKWhrWE4iBwcSAGSHEY+BzG8/mJxcU39SW6zHU800CBY936qGMvMKcx5bN
W5roBTuq7ksdYQ5K6SFCSB8MhcYSVesP++MzBVWaAIIXTRRh5VJmIieq6WW2qY0+
jY00DVwOqPw0s6grJVbu4WVQwa2jylVe2TBvqGOtxgThoPIYtbT6u3S5T7CJJfpM
gKkYuB3KGEtR5yFHgwokpMuVyiMYvjQ23JLGN56Yzaj9hsAkttcUG7qq4FXRoSNb
jQs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:29 2025 by rpki-client