Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/AL4AvSFiWMWHwaD52iVCERhgmWg.roa
File: AL4AvSFiWMWHwaD52iVCERhgmWg.roa (raw, json)
Hash identifier: 4Q9MGb8j7+RAzq5bSFHNsI6ZcPSdsbWUcrGH6GGmBww=
Subject key identifier: 00:BE:00:BD:21:62:58:C5:87:C1:A0:F9:DA:25:42:11:18:60:99:68
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DDD2CAA19F99D1C4587DF86820DCBEDEF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/AL4AvSFiWMWHwaD52iVCERhgmWg.roa
Signing time: Sat 24 Feb 2024 22:11:48 +0000
ROA not before: Sat 24 Feb 2024 22:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:dd:2c:aa:19:f9:9d:1c:45:87:df:86:82:0d:cb:ed:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 24 22:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00be00bd216258c587c1a0f9da25421118609968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:df:de:3d:30:df:4d:94:b5:15:f3:d4:19:97:
da:4d:73:41:02:5d:53:20:84:2a:d3:2b:3e:35:9f:
d7:3a:20:57:41:d3:4f:63:a6:87:8e:62:42:c3:e1:
e1:3d:6c:52:ac:fa:84:22:6c:06:11:71:c5:5a:a3:
52:82:74:52:f6:e7:a2:71:c2:16:8e:3e:18:22:d0:
5a:ef:e7:f4:7a:4b:41:4d:24:61:4d:84:16:73:3c:
ef:b8:83:39:01:62:ac:c5:d7:d8:47:3a:91:e5:cb:
d5:6f:34:25:6b:83:4c:0a:55:21:75:1b:97:56:00:
87:e4:8f:a2:73:85:55:a0:7b:aa:a6:0a:85:54:30:
3d:74:ba:89:5f:38:49:4b:75:1a:e3:42:9f:24:e4:
5d:1b:53:76:74:5b:69:a8:34:05:da:63:2e:5a:97:
b9:1c:45:29:00:79:71:a9:1a:be:95:a8:97:06:90:
26:52:12:70:74:7f:50:50:4c:3b:8d:cd:b8:f8:ec:
b3:f2:d4:a3:ef:72:e7:4c:56:06:13:38:c1:4c:7b:
e7:87:14:60:a5:74:8f:44:7c:87:b7:11:3c:78:8b:
a9:14:48:63:45:b1:b2:fa:7e:78:25:67:db:80:67:
95:36:39:50:c7:b4:fe:6b:06:6c:d2:bd:ff:fe:95:
a8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:BE:00:BD:21:62:58:C5:87:C1:A0:F9:DA:25:42:11:18:60:99:68
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/AL4AvSFiWMWHwaD52iVCERhgmWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:60:89:92:2f:e8:31:42:8a:f2:69:7e:a9:61:37:da:fd:f7:
95:45:da:73:36:18:74:7f:47:98:02:ba:b8:d9:95:ba:8f:06:
77:6c:8f:27:60:3f:29:31:29:ba:29:b9:67:8f:28:7d:d5:e6:
6e:f2:fd:ac:bb:87:b3:5a:94:d0:af:17:bc:40:e2:5a:66:9b:
14:06:21:53:2b:0b:6d:66:93:23:d6:c6:5b:fb:c2:e1:77:45:
05:90:9b:ef:9c:ab:05:8e:99:27:24:28:57:81:08:9a:fa:3a:
73:a7:c5:7c:33:f1:89:d4:a1:65:a5:2a:f6:8c:44:64:02:4c:
42:70:b9:00:f6:48:50:9b:17:11:67:1e:77:1e:7b:5c:1e:75:
b0:bf:66:82:04:80:6c:4d:5a:3a:3e:96:17:51:e3:29:ba:c2:
cd:62:91:79:35:4c:32:15:d9:99:f3:22:fd:2a:66:14:88:f5:
00:34:0b:3f:cf:cd:9c:c8:2c:52:43:54:8b:3d:2f:d4:11:03:
c4:d5:0e:fe:80:d8:f4:a7:b0:ec:1c:da:1e:57:61:60:49:b9:
94:c5:3d:b1:41:28:f1:7d:7f:8f:7b:a6:88:62:f7:46:4c:ca:
0d:ac:81:28:ae:d0:3b:b2:cc:00:8c:59:07:de:6c:be:b2:c4:
04:06:57:ba
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3dLKoZ+Z0cRYffhoINy+3vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI0MjIxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGJlMDBiZDIxNjI1OGM1ODdjMWEwZjlkYTI1NDIxMTE4NjA5OTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgN/ePTDfTZS1FfPUGZfaTXNBAl1T
IIQq0ys+NZ/XOiBXQdNPY6aHjmJCw+HhPWxSrPqEImwGEXHFWqNSgnRS9ueiccIW
jj4YItBa7+f0ektBTSRhTYQWczzvuIM5AWKsxdfYRzqR5cvVbzQla4NMClUhdRuX
VgCH5I+ic4VVoHuqpgqFVDA9dLqJXzhJS3Ua40KfJORdG1N2dFtpqDQF2mMuWpe5
HEUpAHlxqRq+laiXBpAmUhJwdH9QUEw7jc24+Oyz8tSj73LnTFYGEzjBTHvnhxRg
pXSPRHyHtxE8eIupFEhjRbGy+n54JWfbgGeVNjlQx7T+awZs0r3//pWo0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAC+AL0hYljFh8Gg+dolQhEYYJloMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQUw0QXZTRmlXTVdId2FENTJpVkNFUmhnbVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGBgiZIv6DFCivJpfqlh
N9r995VF2nM2GHR/R5gCurjZlbqPBndsjydgPykxKbopuWePKH3V5m7y/ay7h7Na
lNCvF7xA4lpmmxQGIVMrC21mkyPWxlv7wuF3RQWQm++cqwWOmSckKFeBCJr6OnOn
xXwz8YnUoWWlKvaMRGQCTEJwuQD2SFCbFxFnHncee1wedbC/ZoIEgGxNWjo+lhdR
4ym6ws1ikXk1TDIV2ZnzIv0qZhSI9QA0Cz/PzZzILFJDVIs9L9QRA8TVDv6A2PSn
sOwc2h5XYWBJuZTFPbFBKPF9f497pohi90ZMyg2sgSiu0DuyzACMWQfebL6yxAQG
V7o=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:32 2025 by rpki-client