Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/C8Pqmrht_xn5k8Z15H5-FvUGbQg.roa
File: C8Pqmrht_xn5k8Z15H5-FvUGbQg.roa (raw, json)
Hash identifier: Ks/lbrifwlat1AEANY58OPlWoZRr0nNRpDevNK46Pdw=
Subject key identifier: 0B:C3:EA:9A:B8:6D:FF:19:F9:93:C6:75:E4:7E:7E:16:F5:06:6D:08
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EA6DF70CFC0FF9F318E67C006C4563B99
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/C8Pqmrht_xn5k8Z15H5-FvUGbQg.roa
Signing time: Thu 04 Apr 2024 02:10:45 +0000
ROA not before: Thu 04 Apr 2024 02:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a6:df:70:cf:c0:ff:9f:31:8e:67:c0:06:c4:56:3b:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 4 02:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bc3ea9ab86dff19f993c675e47e7e16f5066d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:bb:e3:86:cf:7a:5c:32:58:8b:61:a9:9d:37:
f9:dd:f1:3a:07:7b:de:03:88:0e:3c:ca:f3:93:25:
bf:37:e6:8a:bd:39:b6:36:c5:16:dd:d4:ce:4e:61:
6e:23:06:ca:1e:a3:67:31:e7:10:9f:4f:69:68:33:
66:25:de:9c:52:64:fa:d9:d2:58:da:00:98:a9:25:
8c:29:e9:6a:f1:39:51:c7:00:e6:40:1c:38:ec:13:
fe:f4:e1:b4:5a:1f:20:d6:40:f0:a8:98:1d:0f:26:
f0:9c:2e:99:67:59:15:9e:81:41:31:88:9e:11:77:
c5:df:76:69:7f:e3:d2:35:9e:47:56:15:de:9d:05:
20:c6:97:34:2f:2d:b3:c2:e9:b1:00:85:0f:93:8d:
79:4c:e5:39:c0:4d:25:1e:e5:de:77:b8:a6:78:51:
15:46:28:16:b1:ca:72:c3:5a:e9:b0:1c:66:d5:56:
5b:92:9c:52:76:b2:b2:52:ab:97:fc:fd:b0:75:fd:
b4:3d:4a:ba:ed:3c:90:20:83:7e:92:40:84:63:bb:
fe:30:16:9b:88:1e:0c:4d:ff:65:cd:bc:0b:c3:ed:
37:4f:f4:7a:47:cc:9f:a3:62:a3:86:56:6f:15:a8:
6f:66:82:5a:f4:e6:19:2c:da:e6:8d:f7:d9:5e:94:
cc:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:C3:EA:9A:B8:6D:FF:19:F9:93:C6:75:E4:7E:7E:16:F5:06:6D:08
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/C8Pqmrht_xn5k8Z15H5-FvUGbQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
66:70:f6:32:0b:3d:7f:69:88:db:62:5f:fc:b3:d5:91:14:8a:
c5:3c:77:bd:66:f1:35:18:aa:be:d1:a7:12:16:ec:d0:19:8c:
fa:9c:59:33:37:98:26:d7:59:04:be:ce:6c:dd:d4:b3:00:72:
fa:b4:69:98:c7:7b:4e:29:3b:c7:90:f6:a5:99:31:7e:26:1f:
ed:13:01:2f:15:2c:a3:bd:1f:60:6c:db:b0:b1:1a:bc:09:36:
4a:bf:82:ce:0a:0a:e5:fc:8a:5b:71:d9:63:d9:9a:f9:a4:9c:
8f:83:16:08:20:64:de:af:9f:dc:77:6a:04:d2:2b:cf:9a:cb:
1a:1b:e8:68:98:a7:f8:68:ef:f5:84:1f:31:45:e6:a8:05:81:
72:7b:4e:21:fa:fe:7c:06:53:eb:2c:a4:a0:c4:3d:16:63:a3:
28:83:05:92:f2:cb:d6:a9:22:fb:6c:c4:78:38:b8:f8:09:d7:
28:cc:56:e8:a4:4a:df:00:cd:9b:60:e9:08:74:cc:ff:d0:f6:
d5:2c:c0:a8:eb:6f:c0:f1:2d:83:1f:33:75:c6:7b:5b:0d:03:
3a:a0:2f:05:cf:ff:6b:a2:18:5b:4e:95:09:21:63:b9:9e:3a:
fb:e4:9d:d6:7f:bb:3e:f6:fd:91:e1:5a:48:6f:c7:7f:03:1e:
0c:32:f5:8d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6m33DPwP+fMY5nwAbEVjuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA0MDIxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmMzZWE5YWI4NmRmZjE5Zjk5M2M2NzVlNDdlN2UxNmY1MDY2ZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8rvjhs96XDJYi2GpnTf53fE6B3ve
A4gOPMrzkyW/N+aKvTm2NsUW3dTOTmFuIwbKHqNnMecQn09paDNmJd6cUmT62dJY
2gCYqSWMKelq8TlRxwDmQBw47BP+9OG0Wh8g1kDwqJgdDybwnC6ZZ1kVnoFBMYie
EXfF33Zpf+PSNZ5HVhXenQUgxpc0Ly2zwumxAIUPk415TOU5wE0lHuXed7imeFEV
RigWscpyw1rpsBxm1VZbkpxSdrKyUquX/P2wdf20PUq67TyQIIN+kkCEY7v+MBab
iB4MTf9lzbwLw+03T/R6R8yfo2KjhlZvFahvZoJa9OYZLNrmjffZXpTMtQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAvD6pq4bf8Z+ZPGdeR+fhb1Bm0IMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQzhQcW1yaHRfeG41azhaMTVINS1GdlVHYlFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGZw9jILPX9piNtiX/yz
1ZEUisU8d71m8TUYqr7RpxIW7NAZjPqcWTM3mCbXWQS+zmzd1LMAcvq0aZjHe04p
O8eQ9qWZMX4mH+0TAS8VLKO9H2Bs27CxGrwJNkq/gs4KCuX8iltx2WPZmvmknI+D
FgggZN6vn9x3agTSK8+ayxob6GiYp/ho7/WEHzFF5qgFgXJ7TiH6/nwGU+sspKDE
PRZjoyiDBZLyy9apIvtsxHg4uPgJ1yjMVuikSt8AzZtg6Qh0zP/Q9tUswKjrb8Dx
LYMfM3XGe1sNAzqgLwXP/2uiGFtOlQkhY7meOvvkndZ/uz72/ZHhWkhvx38DHgwy
9Y0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:25 2025 by rpki-client