Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9pKrVho0u1V9gucvOZcgxDivWRA.roa
File: 9pKrVho0u1V9gucvOZcgxDivWRA.roa (raw, json)
Hash identifier: so+mRmx3qIirY+DiO82HeYg3RXYeFPLORHZbFSUtE+g=
Subject key identifier: F6:92:AB:56:1A:34:BB:55:7D:82:E7:2F:39:97:20:C4:38:AF:59:10
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DAC46421839D170C42A237B59E5ADB581
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9pKrVho0u1V9gucvOZcgxDivWRA.roa
Signing time: Thu 15 Feb 2024 10:18:21 +0000
ROA not before: Thu 15 Feb 2024 10:18:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ac:46:42:18:39:d1:70:c4:2a:23:7b:59:e5:ad:b5:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 15 10:18:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f692ab561a34bb557d82e72f399720c438af5910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:69:33:e2:37:fd:00:0e:13:cd:a3:8f:ae:5d:
5c:fc:f9:78:b9:3e:cc:a2:e5:4a:a1:bd:47:a8:f9:
61:d1:92:ff:08:35:e3:b7:75:75:64:c0:ad:97:61:
e2:50:af:d0:14:80:1f:82:4c:27:97:af:80:f8:42:
95:db:80:c1:ed:c2:7b:55:19:9f:60:90:54:1d:ac:
45:a0:6a:b2:16:62:37:86:04:4c:dd:b5:1d:c5:70:
46:e5:c3:2c:ed:5a:e9:ab:92:62:4c:b6:8c:a7:35:
4c:ba:b3:be:e7:ea:23:bd:34:de:6d:43:57:16:a7:
f7:d1:5e:6e:a6:b6:4d:e3:de:32:aa:94:b9:e4:18:
68:37:d7:5c:a2:4c:94:a1:4c:36:86:93:9b:17:9f:
2c:19:b8:a6:8e:75:21:c9:40:89:63:b8:ed:44:bd:
57:f3:18:36:b2:c5:14:00:50:8b:cb:87:1b:b7:16:
2d:6e:22:a7:a8:4a:6f:bc:e5:e9:7c:69:82:30:87:
b6:25:0f:60:81:cb:a8:1c:a4:c2:c3:71:45:40:50:
85:8f:55:24:04:e8:f4:6b:3a:78:3c:fd:48:24:f4:
1e:11:59:b6:e1:fe:4b:90:11:5f:2d:18:c2:96:73:
73:84:e7:4c:a1:75:7d:9e:6f:88:61:bc:09:c4:72:
b6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:92:AB:56:1A:34:BB:55:7D:82:E7:2F:39:97:20:C4:38:AF:59:10
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9pKrVho0u1V9gucvOZcgxDivWRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9c:3d:db:4d:33:ac:84:54:f3:4d:9e:9b:6f:a6:ff:20:1a:3d:
21:45:20:5f:e3:b8:fe:c1:1f:b2:11:6a:70:f2:91:63:b6:c7:
d6:56:2c:29:d6:c7:b6:c3:bc:c1:f2:ac:58:82:73:dc:ea:96:
d6:95:3c:2e:37:f6:0c:c2:e3:4b:4f:8f:f6:14:4d:91:3d:38:
68:7f:e1:d9:a4:38:70:2a:de:fe:e6:db:b6:cb:af:2e:18:81:
ce:88:cb:95:09:6a:54:b5:37:7d:02:29:49:b6:67:71:4b:ff:
00:bf:54:46:d9:48:22:10:2f:87:25:cd:e5:04:60:24:26:17:
cf:c4:bf:5c:ce:e1:19:9d:21:b8:04:72:cd:5d:76:8e:1d:f2:
a7:b3:ed:46:7e:07:34:fe:4b:1a:27:5f:0e:46:ab:4c:53:30:
e9:7a:05:81:f0:8b:82:b8:8b:b4:20:c2:fa:d3:c7:ad:2c:79:
5f:e1:20:79:9f:78:09:0b:6c:41:6c:93:75:e8:9d:f3:59:67:
f6:42:34:92:8b:6c:84:e7:f0:c2:df:c9:96:43:a3:96:bd:49:
fc:f5:f3:1b:11:06:91:0b:2e:d7:23:75:45:88:53:17:88:14:
cc:83:84:ff:2b:8f:cf:cf:74:a7:4a:f2:0e:94:d4:50:6a:a0:
43:03:13:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2sRkIYOdFwxCoje1nlrbWBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE1MTAxODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjkyYWI1NjFhMzRiYjU1N2Q4MmU3MmYzOTk3MjBjNDM4YWY1OTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmkz4jf9AA4TzaOPrl1c/Pl4uT7M
ouVKob1HqPlh0ZL/CDXjt3V1ZMCtl2HiUK/QFIAfgkwnl6+A+EKV24DB7cJ7VRmf
YJBUHaxFoGqyFmI3hgRM3bUdxXBG5cMs7Vrpq5JiTLaMpzVMurO+5+ojvTTebUNX
Fqf30V5uprZN494yqpS55BhoN9dcokyUoUw2hpObF58sGbimjnUhyUCJY7jtRL1X
8xg2ssUUAFCLy4cbtxYtbiKnqEpvvOXpfGmCMIe2JQ9ggcuoHKTCw3FFQFCFj1Uk
BOj0azp4PP1IJPQeEVm24f5LkBFfLRjClnNzhOdMoXV9nm+IYbwJxHK2+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPaSq1YaNLtVfYLnLzmXIMQ4r1kQMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOXBLclZobzB1MVY5Z3Vjdk9aY2d4RGl2V1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJw9200zrIRU802em2+m
/yAaPSFFIF/juP7BH7IRanDykWO2x9ZWLCnWx7bDvMHyrFiCc9zqltaVPC439gzC
40tPj/YUTZE9OGh/4dmkOHAq3v7m27bLry4Ygc6Iy5UJalS1N30CKUm2Z3FL/wC/
VEbZSCIQL4clzeUEYCQmF8/Ev1zO4RmdIbgEcs1ddo4d8qez7UZ+BzT+SxonXw5G
q0xTMOl6BYHwi4K4i7QgwvrTx60seV/hIHmfeAkLbEFsk3XonfNZZ/ZCNJKLbITn
8MLfyZZDo5a9Sfz18xsRBpELLtcjdUWIUxeIFMyDhP8rj8/PdKdK8g6U1FBqoEMD
E2Y=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:21 2025 by rpki-client