Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/B5OxjR5-UtHBGh4-2Jao9HqO2cE.roa
File: B5OxjR5-UtHBGh4-2Jao9HqO2cE.roa (raw, json)
Hash identifier: iLl//eehFUZVwtxuYfkyeCHuyD0WQolL1Cqzyg26Wa8=
Subject key identifier: 07:93:B1:8D:1E:7E:52:D1:C1:1A:1E:3E:D8:96:A8:F4:7A:8E:D9:C1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DE8C5B7C2FA839A75035C45174C98A724
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/B5OxjR5-UtHBGh4-2Jao9HqO2cE.roa
Signing time: Tue 27 Feb 2024 04:14:48 +0000
ROA not before: Tue 27 Feb 2024 04:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e8:c5:b7:c2:fa:83:9a:75:03:5c:45:17:4c:98:a7:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 27 04:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0793b18d1e7e52d1c11a1e3ed896a8f47a8ed9c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:fa:e8:7d:15:f1:e4:36:98:2a:70:70:dc:49:
a4:02:a0:53:42:62:9e:57:57:3a:b5:66:a9:32:9f:
ac:2e:d9:dc:46:b2:7a:b0:04:da:78:66:03:ea:a5:
1a:21:41:ca:7b:c9:1e:46:1a:c4:36:69:a2:75:d0:
d2:a4:55:fa:84:c4:68:98:c8:5a:f1:38:01:e9:3e:
b0:83:9d:6e:1d:a2:8e:b4:60:41:20:a1:b6:9d:3d:
7e:bb:f5:b6:42:73:27:75:89:8d:92:52:87:9a:65:
5c:92:ea:32:1a:8f:62:3f:5c:9a:46:30:8b:cb:64:
8a:e6:f9:4c:fc:e2:81:4f:c6:5f:28:9d:f7:d7:d6:
b6:5a:34:cc:dd:27:79:f0:c7:d8:4d:2a:2b:aa:9b:
d0:d7:90:bd:60:9f:b3:8b:c7:89:9c:ee:db:05:21:
2e:b7:7f:a9:74:28:17:11:f8:6b:4a:9a:d1:21:7c:
98:f9:56:c9:7c:1c:44:d4:d4:fe:45:db:a0:13:91:
e8:09:5d:34:a6:02:02:54:bb:e1:5c:e4:52:43:ef:
8d:4a:18:39:82:65:c0:74:1b:0f:dd:f7:50:0a:2a:
ee:07:aa:a4:05:7e:48:ae:c6:6d:ab:73:df:09:e2:
98:39:43:b1:dc:68:ac:da:22:be:48:2c:6c:55:e7:
39:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:93:B1:8D:1E:7E:52:D1:C1:1A:1E:3E:D8:96:A8:F4:7A:8E:D9:C1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/B5OxjR5-UtHBGh4-2Jao9HqO2cE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
16:e7:18:9a:5d:a4:a8:7f:ad:f2:52:ba:a2:4c:f2:49:e5:57:
63:7c:6a:bb:75:b4:79:5b:6a:1f:97:21:27:ea:fe:fa:a3:2c:
d2:5d:18:14:12:5f:aa:af:55:28:09:77:7b:2f:99:6d:6a:8e:
2f:3c:aa:42:13:ff:2f:b1:dc:45:9e:f6:d9:8c:ad:37:e2:ac:
25:3a:57:ab:e0:68:01:5d:cd:5a:dd:85:f6:d5:63:16:eb:c5:
de:76:bc:8f:b4:7a:47:7e:d4:e0:1b:98:ff:9b:8f:30:ad:e0:
e2:e8:5e:38:17:27:87:ba:47:4b:24:2d:9f:82:4b:91:6c:db:
70:44:c5:2d:0c:ce:da:d7:12:da:87:73:3f:73:09:25:85:de:
21:8f:91:66:9f:f7:24:52:17:d3:0c:3f:04:6c:cc:8b:8e:97:
b8:71:d6:9f:3d:46:e2:4b:2d:06:72:de:e5:65:e9:88:3b:3a:
b5:75:da:4b:5a:45:c2:0e:45:db:aa:dc:63:09:b9:ea:5b:40:
5b:62:18:2d:f8:6d:2b:50:2c:41:c3:56:b6:e7:5a:09:33:bb:
b7:0a:b2:56:9c:af:86:c2:ce:a5:52:04:9e:80:a5:81:61:3e:
f9:1b:26:0a:19:11:2f:14:42:13:a5:05:93:6f:da:bb:b2:00:
0b:99:ae:a4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3oxbfC+oOadQNcRRdMmKckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI3MDQxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzkzYjE4ZDFlN2U1MmQxYzExYTFlM2VkODk2YThmNDdhOGVkOWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5frofRXx5DaYKnBw3EmkAqBTQmKe
V1c6tWapMp+sLtncRrJ6sATaeGYD6qUaIUHKe8keRhrENmmiddDSpFX6hMRomMha
8TgB6T6wg51uHaKOtGBBIKG2nT1+u/W2QnMndYmNklKHmmVckuoyGo9iP1yaRjCL
y2SK5vlM/OKBT8ZfKJ3319a2WjTM3Sd58MfYTSorqpvQ15C9YJ+zi8eJnO7bBSEu
t3+pdCgXEfhrSprRIXyY+VbJfBxE1NT+RdugE5HoCV00pgICVLvhXORSQ++NShg5
gmXAdBsP3fdQCiruB6qkBX5IrsZtq3PfCeKYOUOx3Gis2iK+SCxsVec5AQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAeTsY0eflLRwRoePtiWqPR6jtnBMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQjVPeGpSNS1VdEhCR2g0LTJKYW85SHFPMmNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABbnGJpdpKh/rfJSuqJM
8knlV2N8art1tHlbah+XISfq/vqjLNJdGBQSX6qvVSgJd3svmW1qji88qkIT/y+x
3EWe9tmMrTfirCU6V6vgaAFdzVrdhfbVYxbrxd52vI+0ekd+1OAbmP+bjzCt4OLo
XjgXJ4e6R0skLZ+CS5Fs23BExS0MztrXEtqHcz9zCSWF3iGPkWaf9yRSF9MMPwRs
zIuOl7hx1p89RuJLLQZy3uVl6Yg7OrV12ktaRcIORduq3GMJuepbQFtiGC34bStQ
LEHDVrbnWgkzu7cKslacr4bCzqVSBJ6ApYFhPvkbJgoZES8UQhOlBZNv2ruyAAuZ
rqQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:57 2025 by rpki-client