Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CN1fMHdAdO3rPDxHSlOEqFa52kc.roa
File: CN1fMHdAdO3rPDxHSlOEqFa52kc.roa (raw, json)
Hash identifier: K2A6Eikl89GHDhyg3bzHDL8AiDvGfY1eRirc4menXfE=
Subject key identifier: 08:DD:5F:30:77:40:74:ED:EB:3C:3C:47:4A:53:84:A8:56:B9:DA:47
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D30D8818AF70CD1606E2CEA4124FA492D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CN1fMHdAdO3rPDxHSlOEqFa52kc.roa
Signing time: Mon 22 Jan 2024 11:05:11 +0000
ROA not before: Mon 22 Jan 2024 11:05:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:30d8:271f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:30:d8:81:8a:f7:0c:d1:60:6e:2c:ea:41:24:fa:49:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 22 11:05:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08dd5f30774074edeb3c3c474a5384a856b9da47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:41:45:88:24:90:a4:08:6d:14:6f:38:a3:be:
8b:9f:22:d8:87:4d:f8:11:03:bf:40:9d:2a:5f:9e:
b4:c8:69:9e:69:dd:10:fb:3c:5e:f6:ea:7d:2a:2b:
2b:40:f8:32:10:3c:04:ab:8a:1a:e3:f3:2e:77:11:
7a:0f:fc:a8:17:7b:09:6f:a8:e7:be:eb:e4:80:f9:
80:30:02:99:df:46:97:ba:ea:ab:39:7e:5a:d0:8e:
63:28:d7:fa:f8:e8:06:79:41:bd:03:1c:e0:02:d4:
8f:c2:9c:69:b2:7f:92:22:60:49:fd:37:f2:3c:9d:
0a:89:07:8e:20:39:c9:8e:88:48:4e:bb:1c:6c:3a:
2e:c7:86:65:ba:87:c8:9c:14:01:67:92:9d:58:84:
60:f9:94:ba:a7:57:f2:69:46:ef:a3:c8:31:51:39:
39:10:41:40:7c:b8:77:b6:2b:ad:67:e3:e9:7b:93:
e8:aa:54:1b:d4:24:66:58:89:df:58:65:38:58:26:
c0:de:38:b6:1e:98:91:75:9e:87:7d:20:5c:b2:1f:
f3:c9:f8:69:26:13:8e:49:af:1c:e5:60:82:1c:73:
48:f4:83:40:0e:b4:b2:8d:da:58:42:4a:19:35:d8:
2e:7f:e9:5a:ef:be:15:4a:fb:02:f6:94:e5:8f:3f:
09:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:DD:5F:30:77:40:74:ED:EB:3C:3C:47:4A:53:84:A8:56:B9:DA:47
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CN1fMHdAdO3rPDxHSlOEqFa52kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a1:ef:ce:ec:c1:c8:80:9e:77:be:4e:62:d1:d5:41:ba:13:d2:
26:fd:d3:c5:8f:11:98:2f:0e:46:04:51:01:49:bb:b7:2d:96:
8e:47:eb:86:66:bf:d4:2f:27:cc:23:5c:a2:1c:92:a1:e4:24:
b2:c7:aa:18:85:ab:c2:ac:77:77:f4:ff:b1:08:a0:ae:89:47:
9b:82:2b:fb:85:d4:11:45:ef:b5:f7:6e:8c:c5:24:05:c8:f2:
dc:f2:c0:36:52:1e:2b:27:57:5c:1a:3b:de:71:e5:4d:bc:04:
61:33:bb:19:93:42:3c:87:da:7d:cd:26:c7:4d:ab:c0:87:3e:
38:ec:e4:91:09:60:b7:7d:04:2c:4a:b7:24:ad:19:1f:19:50:
d8:cc:ba:35:4a:83:1a:ad:b2:24:67:40:95:0d:ad:b8:63:f9:
b1:67:63:7d:54:04:17:c6:23:21:38:90:58:83:34:70:1f:03:
47:d5:41:d5:5c:80:02:1d:c2:8b:d9:1a:39:93:28:40:08:7c:
eb:36:51:d8:ef:a7:4f:45:78:b7:80:ba:5e:e7:c4:d4:3a:86:
82:e4:c2:c4:86:e9:5d:68:cf:1c:ff:1a:f7:25:f9:d1:f2:ea:
01:c6:18:68:58:bd:fa:c6:41:e1:ba:3d:46:5e:2e:40:7d:71:
9c:32:57:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0w2IGK9wzRYG4s6kEk+kktMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIyMTEwNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGRkNWYzMDc3NDA3NGVkZWIzYzNjNDc0YTUzODRhODU2YjlkYTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUFFiCSQpAhtFG84o76LnyLYh034
EQO/QJ0qX560yGmead0Q+zxe9up9KisrQPgyEDwEq4oa4/MudxF6D/yoF3sJb6jn
vuvkgPmAMAKZ30aXuuqrOX5a0I5jKNf6+OgGeUG9AxzgAtSPwpxpsn+SImBJ/Tfy
PJ0KiQeOIDnJjohITrscbDoux4ZluofInBQBZ5KdWIRg+ZS6p1fyaUbvo8gxUTk5
EEFAfLh3tiutZ+Ppe5PoqlQb1CRmWInfWGU4WCbA3ji2HpiRdZ6HfSBcsh/zyfhp
JhOOSa8c5WCCHHNI9INADrSyjdpYQkoZNdguf+la774VSvsC9pTljz8JdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAjdXzB3QHTt6zw8R0pThKhWudpHMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQ04xZk1IZEFkTzNyUER4SFNsT0VxRmE1MmtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKHvzuzByICed75OYtHV
QboT0ib908WPEZgvDkYEUQFJu7ctlo5H64Zmv9QvJ8wjXKIckqHkJLLHqhiFq8Ks
d3f0/7EIoK6JR5uCK/uF1BFF77X3bozFJAXI8tzywDZSHisnV1waO95x5U28BGEz
uxmTQjyH2n3NJsdNq8CHPjjs5JEJYLd9BCxKtyStGR8ZUNjMujVKgxqtsiRnQJUN
rbhj+bFnY31UBBfGIyE4kFiDNHAfA0fVQdVcgAIdwovZGjmTKEAIfOs2Udjvp09F
eLeAul7nxNQ6hoLkwsSG6V1ozxz/Gvcl+dHy6gHGGGhYvfrGQeG6PUZeLkB9cZwy
V9k=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:31 2025 by rpki-client