Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/AqhMAvfdeEV-sPbsM0MmXlm1QdA.roa
File: AqhMAvfdeEV-sPbsM0MmXlm1QdA.roa (raw, json)
Hash identifier: ddN2gOb8E7gK3DV2E4gthRcVl8zRh3xhKSpGDoeQlX4=
Subject key identifier: 02:A8:4C:02:F7:DD:78:45:7E:B0:F6:EC:33:43:26:5E:59:B5:41:D0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DCD1789432971580F992B30840970D2B1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/AqhMAvfdeEV-sPbsM0MmXlm1QdA.roa
Signing time: Wed 21 Feb 2024 19:14:48 +0000
ROA not before: Wed 21 Feb 2024 19:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cd:17:89:43:29:71:58:0f:99:2b:30:84:09:70:d2:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 21 19:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=02a84c02f7dd78457eb0f6ec3343265e59b541d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d1:d5:65:0d:59:7c:2a:d8:4c:03:4a:7f:a9:
88:a7:bb:35:72:14:da:65:f0:40:04:7f:4a:f4:e9:
cf:24:73:40:ea:3a:3f:56:64:b2:9f:c0:86:e2:27:
bf:e8:69:78:83:6c:44:81:50:05:0d:67:c5:09:a2:
98:a7:c6:c2:1a:49:e9:c1:9c:8c:6e:ea:a4:30:02:
90:81:7d:30:4a:58:a3:a1:8d:83:b3:c6:9b:a2:7a:
2b:9d:d8:79:e9:2e:74:0e:34:ab:fc:ed:86:ff:39:
eb:00:0b:00:e6:51:51:72:ef:cf:53:59:70:f4:51:
84:6e:cd:72:e7:ef:9c:16:d4:ad:e6:bf:a6:e1:da:
cd:73:1d:fb:67:48:82:4a:9d:34:86:ec:7b:11:65:
fe:d4:cf:88:fc:3f:f7:42:89:a2:24:de:2f:36:4d:
f5:e6:9d:77:93:a6:23:1f:c6:7e:87:a6:86:5c:75:
1e:b5:ea:b7:07:4f:1c:fa:4e:70:ea:4a:a1:99:1f:
d1:f8:34:84:d5:78:bc:f7:0a:2b:86:6f:b4:e5:2d:
17:ee:c5:bb:fd:a2:4a:a0:39:2b:e4:81:b9:80:6b:
38:b6:9a:fb:30:82:e5:dc:fa:58:67:ad:de:25:18:
c4:7d:1b:b2:b9:b7:7a:a0:b9:4b:ce:f0:40:01:99:
56:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:A8:4C:02:F7:DD:78:45:7E:B0:F6:EC:33:43:26:5E:59:B5:41:D0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/AqhMAvfdeEV-sPbsM0MmXlm1QdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:cf:73:4d:5b:e7:2a:58:69:29:73:0a:cd:f4:d2:85:ab:98:
91:0b:51:a2:79:08:d0:32:7a:69:bf:e9:67:ab:dc:e4:ca:f8:
20:e6:2b:d4:f8:a3:39:14:4d:27:d9:98:24:31:15:13:b3:41:
24:c8:1a:80:5a:b5:86:ec:65:27:58:0d:48:23:67:e8:90:ff:
77:93:d2:8e:ef:c3:18:8c:fe:e6:66:b4:3c:c5:29:52:f5:e2:
69:f7:8e:a9:22:ae:65:e5:d8:ba:02:82:23:ae:bb:ec:bf:9e:
4f:c0:76:9d:cc:ce:10:24:de:83:c4:15:ae:b0:c3:fb:4d:45:
b2:cd:ff:33:63:10:77:d2:76:fd:ff:cf:69:7f:08:f7:b3:52:
35:17:e1:fb:7a:32:78:17:4a:39:5d:d8:06:b4:35:fe:79:47:
c1:b5:7e:ec:8a:a0:79:1a:90:89:22:ee:2a:d5:72:07:6c:70:
2a:47:20:f9:ac:ff:73:cc:b8:ca:c0:c8:91:a2:d6:a2:07:e4:
a2:03:77:26:af:08:3a:89:11:7c:71:5e:76:df:de:83:cc:71:
2d:81:51:1a:24:10:46:7f:60:2b:c1:24:be:e7:e5:a3:ec:6e:
78:06:8b:ac:92:85:6f:25:48:27:6c:20:4a:9b:41:cb:38:b0:
0a:60:e4:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3NF4lDKXFYD5krMIQJcNKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIxMTkxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmE4NGMwMmY3ZGQ3ODQ1N2ViMGY2ZWMzMzQzMjY1ZTU5YjU0MWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNHVZQ1ZfCrYTANKf6mIp7s1chTa
ZfBABH9K9OnPJHNA6jo/VmSyn8CG4ie/6Gl4g2xEgVAFDWfFCaKYp8bCGknpwZyM
buqkMAKQgX0wSlijoY2Ds8abonorndh56S50DjSr/O2G/znrAAsA5lFRcu/PU1lw
9FGEbs1y5++cFtSt5r+m4drNcx37Z0iCSp00hux7EWX+1M+I/D/3QomiJN4vNk31
5p13k6YjH8Z+h6aGXHUeteq3B08c+k5w6kqhmR/R+DSE1Xi89worhm+05S0X7sW7
/aJKoDkr5IG5gGs4tpr7MILl3PpYZ63eJRjEfRuyubd6oLlLzvBAAZlWWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAKoTAL33XhFfrD27DNDJl5ZtUHQMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQXFoTUF2ZmRlRVYtc1Bic00wTW1YbG0xUWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHbPc01b5ypYaSlzCs30
0oWrmJELUaJ5CNAyemm/6Wer3OTK+CDmK9T4ozkUTSfZmCQxFROzQSTIGoBatYbs
ZSdYDUgjZ+iQ/3eT0o7vwxiM/uZmtDzFKVL14mn3jqkirmXl2LoCgiOuu+y/nk/A
dp3MzhAk3oPEFa6ww/tNRbLN/zNjEHfSdv3/z2l/CPezUjUX4ft6MngXSjld2Aa0
Nf55R8G1fuyKoHkakIki7irVcgdscCpHIPms/3PMuMrAyJGi1qIH5KIDdyavCDqJ
EXxxXnbf3oPMcS2BURokEEZ/YCvBJL7n5aPsbngGi6yShW8lSCdsIEqbQcs4sApg
5G0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:47 2025 by rpki-client