Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/AX2kVr8Bt9XbEtv5Sw4pvmlsuno.roa
File: AX2kVr8Bt9XbEtv5Sw4pvmlsuno.roa (raw, json)
Hash identifier: tQqorHvpu8JF+xNGJ9a2z3xkQYH4et9WucOqydDwDUU=
Subject key identifier: 01:7D:A4:56:BF:01:B7:D5:DB:12:DB:F9:4B:0E:29:BE:69:6C:BA:7A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CC44C3696B381751225F05903DAE1530A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/AX2kVr8Bt9XbEtv5Sw4pvmlsuno.roa
Signing time: Mon 01 Jan 2024 09:12:58 +0000
ROA not before: Mon 01 Jan 2024 09:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:4c:36:96:b3:81:75:12:25:f0:59:03:da:e1:53:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 1 09:12:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=017da456bf01b7d5db12dbf94b0e29be696cba7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:36:ff:99:c1:19:6c:df:13:5f:b8:39:47:4f:
ac:79:93:d2:0c:a1:e0:74:30:a6:b0:9a:93:7a:ba:
d2:a0:22:14:65:29:6f:51:e5:2f:98:ed:18:41:46:
ee:c8:4f:4d:8a:e0:08:89:36:6e:f6:ff:43:6f:9b:
b7:54:a4:1d:0d:25:fa:ec:41:26:5b:b0:ce:5c:03:
37:b6:98:00:d1:d8:e1:f1:d3:ac:86:3c:90:99:1f:
74:5d:1e:49:23:be:02:bb:88:59:58:66:55:34:a3:
b0:2d:52:1e:6b:f3:a4:40:4d:9a:c8:0c:69:20:aa:
7e:ee:3a:66:55:fd:15:25:f5:3e:ac:09:9c:22:9b:
2e:d3:be:4c:6e:65:a4:19:fe:fe:d7:1f:8e:ee:5a:
c7:29:f2:62:80:f0:26:f3:ec:af:d4:17:54:ac:bd:
fd:f8:62:a5:6f:52:64:d8:3a:5d:d4:a8:30:39:a4:
d5:aa:15:b5:b6:32:d7:26:c1:d4:b6:38:15:9b:43:
44:16:4f:54:03:00:5a:2e:d5:95:de:ea:dd:2f:18:
c0:2b:36:2b:17:a1:57:5f:05:7f:4f:c9:d6:83:4a:
48:e6:bd:b4:b9:a5:9e:26:4c:0e:6f:e2:20:b8:e4:
d7:c3:4d:a9:60:63:bb:81:63:99:62:e2:b4:7b:f7:
f1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:7D:A4:56:BF:01:B7:D5:DB:12:DB:F9:4B:0E:29:BE:69:6C:BA:7A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/AX2kVr8Bt9XbEtv5Sw4pvmlsuno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5d:87:4e:19:b3:f0:a7:56:b9:0c:bb:61:22:83:59:25:f9:69:
51:94:2f:f0:1f:7d:bd:ca:cb:b9:1e:0a:e0:73:8c:5f:f4:c7:
84:cf:0d:4c:6f:32:37:0e:ff:68:60:dc:1c:64:62:0a:5b:c3:
b2:77:7b:ac:b9:6f:79:6c:d1:48:dd:13:a2:1d:de:ab:e3:5e:
4d:55:e8:af:81:df:05:31:75:c5:51:ac:af:5b:9f:1f:d8:42:
1a:e4:dc:e8:c3:19:f4:3b:ee:58:80:d4:9d:54:61:48:26:39:
eb:cd:1e:bf:9e:81:91:45:a9:93:c3:1d:99:6f:ad:86:f7:81:
4a:8c:ba:c9:50:9c:16:31:34:f0:2c:4c:e9:e2:e0:3b:df:21:
bc:b5:0d:ee:45:8d:ad:01:bf:21:44:0d:cc:fe:e6:e6:d2:e6:
d9:19:62:4d:7a:ba:10:04:9b:51:fd:88:41:fa:a7:ae:a1:6b:
f1:69:e3:22:94:2a:99:a1:54:a5:3c:f7:6a:bb:17:d7:92:a8:
0c:2c:6f:86:0e:79:92:a7:9c:62:77:76:b7:a6:fe:ac:f7:99:
09:a4:c8:e6:73:77:2f:ea:77:58:01:3e:ad:85:d1:23:d2:0b:
09:e7:73:fd:44:85:4f:f5:ba:a7:34:51:a6:be:4e:5a:af:13:
41:7b:94:7b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzETDaWs4F1EiXwWQPa4VMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAxMDkxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTdkYTQ1NmJmMDFiN2Q1ZGIxMmRiZjk0YjBlMjliZTY5NmNiYTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDb/mcEZbN8TX7g5R0+seZPSDKHg
dDCmsJqTerrSoCIUZSlvUeUvmO0YQUbuyE9NiuAIiTZu9v9Db5u3VKQdDSX67EEm
W7DOXAM3tpgA0djh8dOshjyQmR90XR5JI74Cu4hZWGZVNKOwLVIea/OkQE2ayAxp
IKp+7jpmVf0VJfU+rAmcIpsu075MbmWkGf7+1x+O7lrHKfJigPAm8+yv1BdUrL39
+GKlb1Jk2Dpd1KgwOaTVqhW1tjLXJsHUtjgVm0NEFk9UAwBaLtWV3urdLxjAKzYr
F6FXXwV/T8nWg0pI5r20uaWeJkwOb+IguOTXw02pYGO7gWOZYuK0e/fxKQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAF9pFa/AbfV2xLb+UsOKb5pbLp6MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQVgya1ZyOEJ0OVhiRXR2NVN3NHB2bWxzdW5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAF2HThmz8KdWuQy7YSKD
WSX5aVGUL/Affb3Ky7keCuBzjF/0x4TPDUxvMjcO/2hg3BxkYgpbw7J3e6y5b3ls
0UjdE6Id3qvjXk1V6K+B3wUxdcVRrK9bnx/YQhrk3OjDGfQ77liA1J1UYUgmOevN
Hr+egZFFqZPDHZlvrYb3gUqMuslQnBYxNPAsTOni4DvfIby1De5Fja0BvyFEDcz+
5ubS5tkZYk16uhAEm1H9iEH6p66ha/Fp4yKUKpmhVKU892q7F9eSqAwsb4YOeZKn
nGJ3drem/qz3mQmkyOZzdy/qd1gBPq2F0SPSCwnnc/1EhU/1uqc0Uaa+TlqvE0F7
lHs=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:09:05 2025 by rpki-client