Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9w4Bqdd-H9jTDGokdQETDuinq_M.roa
File: 9w4Bqdd-H9jTDGokdQETDuinq_M.roa (raw, json)
Hash identifier: 4s0m5Xg15soZuq/kpoRZxEHBG8VG6reo8X0Rt0hKaVs=
Subject key identifier: F7:0E:01:A9:D7:7E:1F:D8:D3:0C:6A:24:75:01:13:0E:E8:A7:AB:F3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DB6BE01DB36355395547A9C7E356DEEAF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9w4Bqdd-H9jTDGokdQETDuinq_M.roa
Signing time: Sat 17 Feb 2024 11:05:22 +0000
ROA not before: Sat 17 Feb 2024 11:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:b6bd:1edf/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b6:be:01:db:36:35:53:95:54:7a:9c:7e:35:6d:ee:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 17 11:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f70e01a9d77e1fd8d30c6a247501130ee8a7abf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e2:e5:85:a1:af:87:88:45:4a:63:25:b1:fe:
38:05:99:30:c4:66:86:22:32:12:a9:b4:bc:f1:d8:
8e:9a:c8:c7:d1:eb:09:45:78:12:51:e7:8b:4e:6d:
ba:bb:14:26:fd:4c:94:21:26:14:1f:8a:a6:5b:76:
9e:cf:3f:ba:c2:87:bd:55:5f:35:59:cd:78:43:07:
7f:49:f7:fd:e1:dd:8b:98:71:5a:b8:b2:be:76:6c:
f6:61:6f:27:f3:1c:72:e1:65:ba:a2:bf:83:b5:4d:
4d:5c:ea:dc:4d:63:2c:30:4f:2b:5d:6c:b5:14:19:
2d:33:da:49:ad:59:7b:17:d1:d3:d6:73:65:e5:07:
96:b8:3f:9f:b6:b7:2d:b4:2c:1d:9d:27:af:e6:e4:
a8:73:22:ba:78:55:76:9c:86:0a:6c:f8:da:90:34:
23:eb:cb:be:34:39:7a:e9:bd:52:f5:53:ca:29:fa:
2d:27:89:4b:1f:59:61:83:14:9c:15:28:c0:c4:44:
16:7b:b9:9d:40:2d:a3:4a:b2:6b:35:14:2c:40:c1:
39:4b:fd:7e:92:1e:a1:b8:f3:7e:3f:df:c3:57:12:
ed:6c:89:35:6f:db:87:8f:73:6d:9e:2f:b4:ec:00:
55:6c:e6:6a:5b:b6:59:87:b1:73:fe:b8:be:7a:59:
49:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:0E:01:A9:D7:7E:1F:D8:D3:0C:6A:24:75:01:13:0E:E8:A7:AB:F3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/9w4Bqdd-H9jTDGokdQETDuinq_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5c:0f:63:5d:c4:5e:15:cb:35:6c:24:77:03:7a:3c:aa:d4:43:
2d:94:ac:a2:cb:ac:2f:5d:86:65:1a:9a:2d:97:3d:95:ce:ca:
1f:bf:5f:75:e3:9c:96:2b:a2:d3:ba:f0:67:a8:c7:24:c9:91:
8b:92:4b:37:45:27:b6:66:86:c6:5d:8d:f9:fc:f1:43:74:f5:
ab:47:b7:b1:1f:d2:15:78:e6:72:e1:fc:52:4e:b6:7c:fa:57:
17:40:60:c7:01:ee:cb:6e:79:4c:5f:9f:d2:ae:da:f4:21:22:
af:8d:e0:fe:0b:11:50:09:ca:5f:bf:8e:07:cc:e0:f5:c7:5f:
98:0c:0d:6e:76:0c:14:1e:48:9b:dc:4e:ff:b0:64:79:41:0c:
22:55:59:af:93:0c:dc:45:01:02:9e:00:9b:64:6f:87:68:bb:
c1:cb:5f:05:1a:41:f3:1b:91:63:a3:ff:c2:f6:bf:2a:a3:09:
ac:32:a0:19:83:1c:b6:83:30:c9:83:34:a6:89:9a:5c:56:af:
de:9d:2d:8b:a3:c3:9b:6a:85:b8:8d:bd:3a:44:6d:13:ad:e7:
f3:af:49:1c:8e:ad:96:24:b8:77:68:2f:49:f3:09:ca:01:b3:
14:bc:80:cc:d1:02:63:3d:31:4f:22:77:fe:7d:ca:bc:f7:c7:
5d:2e:bc:03
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY22vgHbNjVTlVR6nH41be6vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE3MTEwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzBlMDFhOWQ3N2UxZmQ4ZDMwYzZhMjQ3NTAxMTMwZWU4YTdhYmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+LlhaGvh4hFSmMlsf44BZkwxGaG
IjISqbS88diOmsjH0esJRXgSUeeLTm26uxQm/UyUISYUH4qmW3aezz+6woe9VV81
Wc14Qwd/Sff94d2LmHFauLK+dmz2YW8n8xxy4WW6or+DtU1NXOrcTWMsME8rXWy1
FBktM9pJrVl7F9HT1nNl5QeWuD+ftrcttCwdnSev5uSocyK6eFV2nIYKbPjakDQj
68u+NDl66b1S9VPKKfotJ4lLH1lhgxScFSjAxEQWe7mdQC2jSrJrNRQsQME5S/1+
kh6huPN+P9/DVxLtbIk1b9uHj3Ntni+07ABVbOZqW7ZZh7Fz/ri+ellJSwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPcOAanXfh/Y0wxqJHUBEw7op6vzMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvOXc0QnFkZC1IOWpUREdva2RRRVREdWlucV9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFwPY13EXhXLNWwkdwN6
PKrUQy2UrKLLrC9dhmUami2XPZXOyh+/X3XjnJYrotO68GeoxyTJkYuSSzdFJ7Zm
hsZdjfn88UN09atHt7Ef0hV45nLh/FJOtnz6VxdAYMcB7stueUxfn9Ku2vQhIq+N
4P4LEVAJyl+/jgfM4PXHX5gMDW52DBQeSJvcTv+wZHlBDCJVWa+TDNxFAQKeAJtk
b4dou8HLXwUaQfMbkWOj/8L2vyqjCawyoBmDHLaDMMmDNKaJmlxWr96dLYujw5tq
hbiNvTpEbROt5/OvSRyOrZYkuHdoL0nzCcoBsxS8gMzRAmM9MU8id/59yrz3x10u
vAM=
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:52:25 2025 by rpki-client