Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/AqNxBDm8hkjLotQLOIpdt687UVI.roa
File: AqNxBDm8hkjLotQLOIpdt687UVI.roa (raw, json)
Hash identifier: Bz5gGLMoc0ejrgYL8/kAeEyKMOCJqq++W46xdtpHjMg=
Subject key identifier: 02:A3:71:04:39:BC:86:48:CB:A2:D4:0B:38:8A:5D:B7:AF:3B:51:52
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E36DFDEBA9DBB39D5243CBBF5CCEDAF09
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/AqNxBDm8hkjLotQLOIpdt687UVI.roa
Signing time: Wed 13 Mar 2024 08:13:44 +0000
ROA not before: Wed 13 Mar 2024 08:13:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:36:df:de:ba:9d:bb:39:d5:24:3c:bb:f5:cc:ed:af:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 13 08:13:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02a3710439bc8648cba2d40b388a5db7af3b5152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f1:f9:77:ba:28:ee:90:1e:b9:be:33:33:ea:
62:ec:9f:e6:23:15:11:4c:45:2d:58:35:2f:a0:f4:
70:19:bb:e4:42:80:e9:23:2e:a3:cc:db:9d:79:87:
e4:26:4c:b7:f9:71:f3:d4:03:d0:95:f7:1f:6a:e5:
b8:c0:3e:de:60:3a:ad:33:29:69:0f:ca:da:ed:5a:
0c:f8:e4:e8:12:c4:93:49:ee:d9:f5:54:50:d6:71:
44:c7:99:0a:c4:37:7e:65:a7:fe:3b:cd:66:d4:d6:
1a:ac:fc:50:03:42:0d:79:e4:1c:6b:cc:2d:80:c3:
2b:28:fa:df:97:44:0c:86:f7:a5:b1:57:48:02:48:
d0:4c:03:72:09:f1:ae:61:4b:38:3f:06:28:a3:cf:
30:f6:19:79:cb:01:e9:52:c7:d8:72:0d:97:5f:eb:
43:3b:bc:76:47:04:3a:51:62:bf:f1:f8:9c:dc:2b:
00:28:49:06:11:b5:27:17:4c:17:0b:38:46:0f:92:
ec:5b:34:05:4a:9a:1d:c3:e5:4d:03:83:31:e1:4d:
f9:ad:d6:ee:19:08:eb:c3:2e:cf:d4:b0:18:54:2f:
2d:7a:d8:ab:9e:aa:90:11:bc:a1:7b:e5:d4:7b:3b:
1a:93:d1:d0:b0:77:46:6a:ac:0f:5c:a5:55:bc:8d:
7c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:A3:71:04:39:BC:86:48:CB:A2:D4:0B:38:8A:5D:B7:AF:3B:51:52
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/AqNxBDm8hkjLotQLOIpdt687UVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
74:04:a1:ac:fb:9d:1c:7b:0b:cf:84:8b:3d:ab:2b:80:fb:47:
cb:ee:ef:1b:30:00:5b:cb:3f:2e:90:33:de:fc:ec:51:38:86:
40:ac:be:c8:97:d2:34:ec:ba:f4:dd:14:c2:e2:d3:21:7c:86:
21:51:23:64:b2:bc:95:ac:95:1b:26:53:11:9c:d0:60:3b:55:
21:3c:85:0c:40:fb:60:1f:0c:05:4c:f6:e5:a3:78:62:1d:7f:
4c:58:f6:ae:66:a8:2e:06:49:a7:49:40:f0:cb:c5:51:61:e3:
60:98:8e:14:7a:7c:a6:42:51:d4:5a:f5:03:c8:82:bd:20:b1:
79:f0:95:46:f9:88:e0:a4:d6:97:df:6e:4c:08:75:e9:1b:f0:
6a:0b:98:d1:6b:61:6a:81:ba:62:b3:45:58:d1:58:a6:d0:e8:
96:52:41:62:9b:b9:7e:f9:5c:da:4f:0b:a9:d6:35:b8:04:3a:
83:a9:00:c8:3c:d9:ea:7c:18:8b:44:ea:be:74:39:dc:e8:0d:
9b:aa:af:ed:2b:75:c7:bf:7d:34:5a:51:b3:05:94:ac:df:3a:
1b:cd:7f:b1:b8:af:76:25:a2:0a:be:6d:d8:2e:10:8d:6f:82:
89:94:fe:d3:38:f8:1c:bb:0b:b8:ef:8e:73:12:c7:0e:3a:0b:
74:4a:e3:1c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY423966nbs51SQ8u/XM7a8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEzMDgxMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmEzNzEwNDM5YmM4NjQ4Y2JhMmQ0MGIzODhhNWRiN2FmM2I1MTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPH5d7oo7pAeub4zM+pi7J/mIxUR
TEUtWDUvoPRwGbvkQoDpIy6jzNudeYfkJky3+XHz1APQlfcfauW4wD7eYDqtMylp
D8ra7VoM+OToEsSTSe7Z9VRQ1nFEx5kKxDd+Zaf+O81m1NYarPxQA0INeeQca8wt
gMMrKPrfl0QMhvelsVdIAkjQTANyCfGuYUs4PwYoo88w9hl5ywHpUsfYcg2XX+tD
O7x2RwQ6UWK/8fic3CsAKEkGEbUnF0wXCzhGD5LsWzQFSpodw+VNA4Mx4U35rdbu
GQjrwy7P1LAYVC8tetirnqqQEbyhe+XUezsak9HQsHdGaqwPXKVVvI181wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAKjcQQ5vIZIy6LUCziKXbevO1FSMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQXFOeEJEbThoa2pMb3RRTE9JcGR0Njg3VVZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHQEoaz7nRx7C8+Eiz2r
K4D7R8vu7xswAFvLPy6QM9787FE4hkCsvsiX0jTsuvTdFMLi0yF8hiFRI2SyvJWs
lRsmUxGc0GA7VSE8hQxA+2AfDAVM9uWjeGIdf0xY9q5mqC4GSadJQPDLxVFh42CY
jhR6fKZCUdRa9QPIgr0gsXnwlUb5iOCk1pffbkwIdekb8GoLmNFrYWqBumKzRVjR
WKbQ6JZSQWKbuX75XNpPC6nWNbgEOoOpAMg82ep8GItE6r50OdzoDZuqr+0rdce/
fTRaUbMFlKzfOhvNf7G4r3Ylogq+bdguEI1vgomU/tM4+By7C7jvjnMSxw46C3RK
4xw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:36:47 2025 by rpki-client