Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9U2CtCY4TG7ooeMyE4Zas2-oHgs.roa
File: 9U2CtCY4TG7ooeMyE4Zas2-oHgs.roa (raw, json)
Hash identifier: HWnrOaLA4g/6PoAWXdDLnvo8Y0hbS4ty8jmpYC0V9Xg=
Subject key identifier: F5:4D:82:B4:26:38:4C:6E:E8:A1:E3:32:13:86:5A:B3:6F:A8:1E:0B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DD4FEDA563C771A8C7DD8FA350E61F222
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9U2CtCY4TG7ooeMyE4Zas2-oHgs.roa
Signing time: Fri 23 Feb 2024 08:04:48 +0000
ROA not before: Fri 23 Feb 2024 08:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:d4fe:408d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d4:fe:da:56:3c:77:1a:8c:7d:d8:fa:35:0e:61:f2:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 23 08:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f54d82b426384c6ee8a1e33213865ab36fa81e0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:28:9a:45:cb:f3:64:1c:a7:25:56:fe:59:3e:
a1:50:9f:68:4f:66:4a:e5:09:1d:36:59:20:44:d6:
18:fd:43:2e:30:5f:63:27:48:43:f7:e5:78:1c:98:
4c:43:b6:66:24:c7:eb:13:ab:2a:13:d0:c6:22:4c:
2e:68:47:85:53:a3:08:56:76:81:2e:0f:97:bb:d3:
18:95:a0:a3:a4:11:2e:3d:5f:a6:47:8b:db:2b:8e:
19:54:a6:0f:a8:f6:98:5b:d7:0c:c7:1f:7a:02:27:
70:be:47:f5:f0:f9:f6:52:63:98:1d:5b:07:56:99:
62:a4:dc:48:1b:28:1f:b1:06:42:6b:55:d7:b8:92:
89:08:0f:ae:a6:cd:29:1a:c7:ce:e9:2a:bd:b9:ae:
d6:2a:c0:ed:16:0b:d9:e0:ba:26:5d:04:70:8a:0d:
6b:5b:eb:0c:c4:51:88:3f:98:c7:18:85:c6:51:15:
c1:3b:4c:72:8b:7a:ba:70:e8:8a:88:f6:75:9c:f8:
72:23:1a:3d:0e:d9:a5:96:0b:8d:e9:45:14:b7:d9:
6d:b9:d4:f6:ed:34:e9:62:6d:6a:41:46:2b:86:5f:
a2:7c:3c:97:6f:99:1d:23:f5:75:80:08:03:76:13:
08:dc:f0:ed:82:95:36:76:1a:b8:b8:27:4e:eb:db:
7e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:4D:82:B4:26:38:4C:6E:E8:A1:E3:32:13:86:5A:B3:6F:A8:1E:0B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9U2CtCY4TG7ooeMyE4Zas2-oHgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7f:cc:02:0e:0f:7b:72:04:90:85:8e:2b:3a:74:5a:b2:4f:64:
8a:e5:4f:97:79:3a:c0:cf:eb:6a:36:2d:a6:1e:3d:06:4c:a2:
ff:b6:5a:31:f3:40:bf:83:01:04:24:89:13:d1:b6:1b:67:ad:
84:5c:33:3b:e4:bc:87:98:6c:99:be:00:45:bd:63:43:5d:e5:
55:c1:b9:9c:9d:67:ba:28:a2:b3:80:d6:32:bd:7e:95:66:5b:
55:87:81:69:24:d4:57:81:c5:16:9d:ce:de:43:df:15:b6:bb:
25:bf:a1:a8:bf:7f:f0:30:17:f7:94:11:31:e2:78:e3:16:67:
07:f5:6a:94:2f:32:fd:a7:74:0f:89:7c:d5:0a:81:44:84:fc:
0d:fc:35:56:8c:f4:a6:ff:4d:54:49:d4:5a:9e:e2:1a:d1:99:
0b:c4:b0:64:5f:75:cd:df:62:2f:79:de:e2:3f:2a:97:dc:6d:
5b:ee:32:b5:cb:35:b4:10:ef:20:98:7a:d1:11:4f:ec:4e:fc:
34:3c:9f:db:77:55:8c:35:bd:f2:66:64:0f:4a:19:8b:ec:a8:
46:9d:24:a1:ac:a3:9f:c1:8c:eb:13:b6:bb:12:b4:2e:36:b9:
62:f5:74:5f:5d:f4:13:91:66:dc:f0:c6:fc:9b:72:71:b1:21:
a0:13:39:ae
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3U/tpWPHcajH3Y+jUOYfIiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIzMDgwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTRkODJiNDI2Mzg0YzZlZThhMWUzMzIxMzg2NWFiMzZmYTgxZTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyiaRcvzZBynJVb+WT6hUJ9oT2ZK
5QkdNlkgRNYY/UMuMF9jJ0hD9+V4HJhMQ7ZmJMfrE6sqE9DGIkwuaEeFU6MIVnaB
Lg+Xu9MYlaCjpBEuPV+mR4vbK44ZVKYPqPaYW9cMxx96Aidwvkf18Pn2UmOYHVsH
VplipNxIGygfsQZCa1XXuJKJCA+ups0pGsfO6Sq9ua7WKsDtFgvZ4LomXQRwig1r
W+sMxFGIP5jHGIXGURXBO0xyi3q6cOiKiPZ1nPhyIxo9DtmllguN6UUUt9ltudT2
7TTpYm1qQUYrhl+ifDyXb5kdI/V1gAgDdhMI3PDtgpU2dhq4uCdO69t+NQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPVNgrQmOExu6KHjMhOGWrNvqB4LMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOVUyQ3RDWTRURzdvb2VNeUU0WmFzMi1vSGdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH/MAg4Pe3IEkIWOKzp0
WrJPZIrlT5d5OsDP62o2LaYePQZMov+2WjHzQL+DAQQkiRPRthtnrYRcMzvkvIeY
bJm+AEW9Y0Nd5VXBuZydZ7ooorOA1jK9fpVmW1WHgWkk1FeBxRadzt5D3xW2uyW/
oai/f/AwF/eUETHieOMWZwf1apQvMv2ndA+JfNUKgUSE/A38NVaM9Kb/TVRJ1Fqe
4hrRmQvEsGRfdc3fYi953uI/KpfcbVvuMrXLNbQQ7yCYetERT+xO/DQ8n9t3VYw1
vfJmZA9KGYvsqEadJKGso5/BjOsTtrsStC42uWL1dF9d9BORZtzwxvybcnGxIaAT
Oa4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:42 2025 by rpki-client