Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9c9KFjZFqJJri6_BW5S8YEaiaaA.roa
File: 9c9KFjZFqJJri6_BW5S8YEaiaaA.roa (raw, json)
Hash identifier: lve7ccj/TdhSB7MlWy4lLQlPp8A1qE3dnZXweqIZkRc=
Subject key identifier: F5:CF:4A:16:36:45:A8:92:6B:8B:AF:C1:5B:94:BC:60:46:A2:69:A0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D20C9C9F20BB786A94BFDC781CEE9CB9A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9c9KFjZFqJJri6_BW5S8YEaiaaA.roa
Signing time: Fri 19 Jan 2024 08:15:11 +0000
ROA not before: Fri 19 Jan 2024 08:15:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:20:c9:c9:f2:0b:b7:86:a9:4b:fd:c7:81:ce:e9:cb:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 19 08:15:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f5cf4a163645a8926b8bafc15b94bc6046a269a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f0:cf:c5:da:42:6d:c5:62:6d:ed:16:7a:d0:
5b:ea:3e:f5:26:1a:24:a2:13:d4:b3:30:d6:60:cf:
92:15:90:a1:be:1a:20:93:db:e4:9e:72:de:2a:33:
c6:57:1c:bf:a7:fe:cb:11:2d:9e:65:bf:78:76:ae:
4e:d1:83:19:78:78:96:7f:f7:97:22:6d:44:59:6e:
d1:a6:a9:dd:11:f7:1f:8f:96:10:89:75:91:d7:7a:
bb:7c:22:99:92:c8:a3:96:98:93:f5:02:b3:9c:bb:
f8:e6:f7:19:c9:0c:f0:53:50:e6:f4:67:d1:62:ae:
aa:07:74:22:07:51:cb:5e:78:c1:ae:6c:96:fd:c8:
ae:c4:05:82:a1:b8:8d:e0:7a:3b:60:38:f1:6a:97:
4d:c8:cd:28:5a:6b:76:59:37:1e:ee:74:64:0a:d5:
f8:8f:f1:49:67:9d:80:a1:4a:8b:42:f1:cd:80:61:
28:95:86:d9:d4:07:bf:6f:65:f4:b0:87:64:47:3a:
4f:a1:51:38:a3:84:35:c0:da:b4:a4:b8:42:79:02:
14:e7:0f:d0:d0:f0:b4:9e:44:df:60:70:e6:d1:4a:
0c:33:67:fb:ac:2e:f0:35:2a:5d:26:13:4a:97:ab:
c7:30:59:87:5e:3b:f2:f6:53:ae:e3:c3:d2:62:78:
04:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:CF:4A:16:36:45:A8:92:6B:8B:AF:C1:5B:94:BC:60:46:A2:69:A0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9c9KFjZFqJJri6_BW5S8YEaiaaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
23:5f:b1:ed:f6:71:83:6f:8f:da:c2:d6:7c:c6:8f:2c:ac:bf:
9e:a9:5e:34:aa:87:ca:89:be:10:81:8f:3b:29:db:f2:d5:30:
a8:bb:52:e0:d9:09:1b:8b:f5:5c:7d:cc:49:74:68:c6:11:6d:
54:da:ea:c5:bd:35:c4:88:a0:11:d9:81:0f:c6:36:d9:53:a9:
ef:f6:93:e4:b2:28:a2:68:96:8d:ca:4c:57:2c:f4:55:69:4d:
0f:b9:28:d3:01:d4:e8:c4:9a:bf:f1:ba:62:a0:2b:f6:b4:10:
68:3e:53:e4:1c:e9:33:8a:fd:24:b6:a5:ca:03:da:65:14:10:
d0:90:e6:fd:30:96:5e:c8:e3:fc:64:2e:b5:07:9f:83:06:9a:
04:0a:a7:55:8c:6a:38:0a:d6:98:dd:fe:4c:4b:3d:c4:d8:31:
41:3a:ed:f7:52:c4:bb:ba:30:d0:d6:64:1e:33:e3:f4:83:6d:
04:8d:e4:83:d0:64:66:47:bb:47:c2:5e:4f:0e:14:5b:b7:a2:
2f:2d:af:8b:f5:ee:17:f8:63:a8:4e:3a:05:c1:d3:f9:bc:f6:
04:36:56:d7:f4:41:60:52:a4:27:cb:54:c2:ea:cf:f2:55:3c:
4f:b9:2a:9f:43:c7:57:a3:21:1b:fb:9d:cc:a1:2b:7a:0f:3f:
05:39:c9:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0gycnyC7eGqUv9x4HO6cuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE5MDgxNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWNmNGExNjM2NDVhODkyNmI4YmFmYzE1Yjk0YmM2MDQ2YTI2OWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/DPxdpCbcVibe0WetBb6j71Jhok
ohPUszDWYM+SFZChvhogk9vknnLeKjPGVxy/p/7LES2eZb94dq5O0YMZeHiWf/eX
Im1EWW7RpqndEfcfj5YQiXWR13q7fCKZksijlpiT9QKznLv45vcZyQzwU1Dm9GfR
Yq6qB3QiB1HLXnjBrmyW/ciuxAWCobiN4Ho7YDjxapdNyM0oWmt2WTce7nRkCtX4
j/FJZ52AoUqLQvHNgGEolYbZ1Ae/b2X0sIdkRzpPoVE4o4Q1wNq0pLhCeQIU5w/Q
0PC0nkTfYHDm0UoMM2f7rC7wNSpdJhNKl6vHMFmHXjvy9lOu48PSYngE9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPXPShY2RaiSa4uvwVuUvGBGommgMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOWM5S0ZqWkZxSkpyaTZfQlc1UzhZRWFpYWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACNfse32cYNvj9rC1nzG
jyysv56pXjSqh8qJvhCBjzsp2/LVMKi7UuDZCRuL9Vx9zEl0aMYRbVTa6sW9NcSI
oBHZgQ/GNtlTqe/2k+SyKKJolo3KTFcs9FVpTQ+5KNMB1OjEmr/xumKgK/a0EGg+
U+Qc6TOK/SS2pcoD2mUUENCQ5v0wll7I4/xkLrUHn4MGmgQKp1WMajgK1pjd/kxL
PcTYMUE67fdSxLu6MNDWZB4z4/SDbQSN5IPQZGZHu0fCXk8OFFu3oi8tr4v17hf4
Y6hOOgXB0/m89gQ2Vtf0QWBSpCfLVMLqz/JVPE+5Kp9Dx1ejIRv7ncyhK3oPPwU5
ySc=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:14:17 2025 by rpki-client