Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9SqGXReDtdip54Ud4TfR0cw6T98.roa
File: 9SqGXReDtdip54Ud4TfR0cw6T98.roa (raw, json)
Hash identifier: 66dHjTQSdLnR58R0ChZtN9Akh3tAMz7p8fA+C5eEi68=
Subject key identifier: F5:2A:86:5D:17:83:B5:D8:A9:E7:85:1D:E1:37:D1:D1:CC:3A:4F:DF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DFB35446D615FF8D48A62A68C859DA68B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9SqGXReDtdip54Ud4TfR0cw6T98.roa
Signing time: Fri 01 Mar 2024 18:09:48 +0000
ROA not before: Fri 01 Mar 2024 18:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fb:35:44:6d:61:5f:f8:d4:8a:62:a6:8c:85:9d:a6:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 1 18:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f52a865d1783b5d8a9e7851de137d1d1cc3a4fdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8f:37:5a:f3:35:c3:a6:b8:2c:74:e6:81:b0:
35:de:49:02:44:30:c9:c5:25:85:63:ba:6b:f9:f9:
57:37:2b:bd:e9:43:a6:f3:9e:cd:c4:be:72:0a:c7:
8c:2f:0e:6b:ae:93:41:ea:ab:dd:15:7a:e3:00:4c:
da:9e:26:70:c7:42:e5:1c:4a:76:2f:26:cf:f4:07:
ea:ed:00:cc:a8:dd:cd:88:e7:3d:e4:7e:a7:b5:2a:
b3:74:f7:90:56:d9:48:ce:13:60:e6:d3:58:0d:b0:
07:4d:2f:16:95:81:f9:f5:89:1f:61:cd:ec:88:78:
e9:51:db:a7:a1:3e:ee:af:99:e1:e2:70:28:8e:47:
ba:4a:74:08:15:01:8f:a5:32:d0:ba:47:17:a1:7f:
2f:97:a3:c3:80:9f:a7:79:32:e0:d0:bb:a2:6e:ae:
da:13:23:e5:be:94:d1:42:f4:27:ae:30:51:8d:0e:
6d:19:9a:12:90:3c:ad:12:01:b4:e9:7d:c7:4a:19:
1e:cb:e7:f6:e8:6b:3a:76:b8:b1:d3:f1:15:35:71:
89:0a:24:a5:6d:8d:3e:9a:fd:0a:74:b1:c7:7d:be:
a1:fa:31:93:ee:3f:17:41:46:5e:60:f8:80:e8:81:
ff:20:fa:e0:c4:2a:42:9a:55:b8:4d:66:aa:50:ab:
b0:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:2A:86:5D:17:83:B5:D8:A9:E7:85:1D:E1:37:D1:D1:CC:3A:4F:DF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9SqGXReDtdip54Ud4TfR0cw6T98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:36:a0:25:91:3d:4f:ed:fd:67:47:98:f6:98:30:63:4c:ff:
09:e5:c5:c3:19:d0:30:3e:4a:fc:30:ac:ff:dd:39:c2:24:22:
e2:31:ba:6c:13:75:7f:f5:f6:c1:eb:e5:7c:42:37:47:98:e7:
cd:dd:2f:0e:a7:93:22:cd:da:09:43:42:a3:e2:66:3a:8d:a2:
c5:f8:44:d9:ef:56:de:a3:71:8d:ff:85:5a:31:3d:da:a1:a0:
95:8d:c2:be:ef:4f:37:37:52:5e:92:e7:b0:04:ab:c9:6a:71:
8d:8c:18:7c:b7:90:b3:22:f2:70:52:89:bb:9e:29:1c:d3:8f:
37:7f:ac:35:58:3b:66:c6:14:83:37:61:bb:2b:81:a6:f7:9e:
65:8c:b9:d8:f7:47:66:25:4e:da:89:d9:50:3f:af:0f:ae:66:
2a:f1:dc:a8:5b:95:bd:16:7e:a5:0b:2f:27:74:b5:ba:d5:62:
e7:38:35:2a:82:75:33:3e:b5:6f:a2:d4:43:58:e4:dc:c5:9a:
a1:61:71:5b:fb:32:30:dc:34:e2:3f:65:b3:dd:dd:c2:75:a6:
31:21:f2:de:f2:8b:a1:13:06:af:dc:3d:29:64:02:8f:bc:72:
5a:66:51:c9:15:cb:d2:58:34:d6:54:c9:55:32:fc:bb:17:d9:
eb:4c:01:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY37NURtYV/41IpipoyFnaaLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAxMTgwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTJhODY1ZDE3ODNiNWQ4YTllNzg1MWRlMTM3ZDFkMWNjM2E0ZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlI83WvM1w6a4LHTmgbA13kkCRDDJ
xSWFY7pr+flXNyu96UOm857NxL5yCseMLw5rrpNB6qvdFXrjAEzaniZwx0LlHEp2
LybP9Afq7QDMqN3NiOc95H6ntSqzdPeQVtlIzhNg5tNYDbAHTS8WlYH59YkfYc3s
iHjpUdunoT7ur5nh4nAojke6SnQIFQGPpTLQukcXoX8vl6PDgJ+neTLg0Luibq7a
EyPlvpTRQvQnrjBRjQ5tGZoSkDytEgG06X3HShkey+f26Gs6drix0/EVNXGJCiSl
bY0+mv0KdLHHfb6h+jGT7j8XQUZeYPiA6IH/IPrgxCpCmlW4TWaqUKuwtwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPUqhl0Xg7XYqeeFHeE30dHMOk/fMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOVNxR1hSZUR0ZGlwNTRVZDRUZlIwY3c2VDk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACQ2oCWRPU/t/WdHmPaY
MGNM/wnlxcMZ0DA+SvwwrP/dOcIkIuIxumwTdX/19sHr5XxCN0eY583dLw6nkyLN
2glDQqPiZjqNosX4RNnvVt6jcY3/hVoxPdqhoJWNwr7vTzc3Ul6S57AEq8lqcY2M
GHy3kLMi8nBSibueKRzTjzd/rDVYO2bGFIM3Ybsrgab3nmWMudj3R2YlTtqJ2VA/
rw+uZirx3Khblb0WfqULLyd0tbrVYuc4NSqCdTM+tW+i1ENY5NzFmqFhcVv7MjDc
NOI/ZbPd3cJ1pjEh8t7yi6ETBq/cPSlkAo+8clpmUckVy9JYNNZUyVUy/LsX2etM
AWc=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:19:13 2025 by rpki-client