Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ChzYAgMqR4UMGNIINFbyElv_VaA.roa
File: ChzYAgMqR4UMGNIINFbyElv_VaA.roa (raw, json)
Hash identifier: YaCW51WUMYKbc/aY524Jd5PNY7yOhYZGIW9pp4DJmRU=
Subject key identifier: 0A:1C:D8:02:03:2A:47:85:0C:18:D2:08:34:56:F2:12:5B:FF:55:A0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CA78A768C58EEEE9341909C4B6C8E95EC
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ChzYAgMqR4UMGNIINFbyElv_VaA.roa
Signing time: Tue 26 Dec 2023 19:11:58 +0000
ROA not before: Tue 26 Dec 2023 19:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a7:8a:76:8c:58:ee:ee:93:41:90:9c:4b:6c:8e:95:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 26 19:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a1cd802032a47850c18d2083456f2125bff55a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:db:bb:db:40:99:a5:f6:2e:15:ad:aa:60:be:
29:80:03:e6:7d:af:fe:59:07:6c:83:ee:fd:4c:b3:
3d:48:e1:2c:63:1b:d9:51:bc:0f:23:eb:77:8d:7c:
96:42:fa:ea:f3:55:4b:c2:95:09:ff:3d:ba:41:fe:
2f:77:e0:a8:76:79:a2:e1:95:e4:10:81:2e:48:e7:
27:a4:50:7c:f5:b6:2b:c0:d9:71:59:4c:56:ef:e0:
cb:3f:5c:26:cc:52:5c:e0:26:c2:6f:e0:7f:88:ec:
76:a1:45:ab:32:6f:d9:7e:5b:69:7f:f3:d3:6f:67:
d1:3f:d1:86:42:05:55:3f:a3:a3:0d:ed:31:32:3e:
bc:47:59:df:65:40:60:13:e4:79:ba:7a:d6:e6:ca:
9e:71:ba:c5:57:83:af:f6:e7:b4:e2:c4:c6:e4:7d:
aa:9d:ce:27:71:cf:05:04:8a:b5:60:3d:51:d2:49:
26:a4:21:cc:c3:64:90:66:91:1d:6b:08:f2:9e:44:
f6:90:d0:14:9c:98:67:1d:f1:f3:92:92:b8:ac:92:
b8:c2:ff:b3:9c:0c:c2:1c:1c:f3:2b:48:70:c1:3e:
b1:71:ea:f0:e2:4b:2b:c6:e6:c7:7e:98:70:a3:ab:
e6:2e:2e:3d:8a:5e:71:82:25:1b:2e:59:91:ea:85:
f3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:1C:D8:02:03:2A:47:85:0C:18:D2:08:34:56:F2:12:5B:FF:55:A0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ChzYAgMqR4UMGNIINFbyElv_VaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:8c:1c:2f:88:07:c6:1c:5e:69:76:51:56:7f:50:69:cd:1f:
ff:a8:49:17:fe:d9:0f:f7:a8:9e:7b:69:3d:57:b2:0f:b4:3d:
35:5f:e7:ea:65:db:32:47:ec:cb:b5:fb:35:82:56:9c:07:05:
66:b9:20:57:67:ac:8e:c9:26:33:c6:32:17:bd:ed:92:f7:81:
a2:5d:49:eb:06:35:85:40:5c:d7:04:62:70:af:3c:58:f1:94:
3f:7a:57:76:91:3d:b0:6a:2f:82:f7:9b:65:f0:c7:c0:68:2e:
61:83:d5:26:2a:f9:50:fb:55:d0:f6:69:bf:ac:c9:a2:e6:23:
2c:7b:f3:bf:2e:23:e5:79:c2:1a:36:f1:74:02:90:db:c1:33:
23:65:1a:01:7d:59:3f:bb:24:9e:76:b1:94:01:b8:e4:44:06:
84:5f:3a:0d:d7:cc:8b:f2:2b:d2:83:22:37:dc:24:1c:15:d5:
16:be:0d:f1:bc:0d:3a:c0:1d:b3:e4:fe:1d:1e:5c:17:ff:41:
8d:1b:30:41:df:62:a3:ad:38:c0:2f:89:1a:4c:0f:07:8e:56:
51:52:19:65:f9:e6:22:b5:70:fa:f5:be:4a:c4:ab:79:d6:e3:
74:f3:c8:bc:7d:29:4f:d3:8c:aa:62:88:3e:4b:00:93:98:61:
11:f2:0c:77
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyninaMWO7uk0GQnEtsjpXsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI2MTkxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTFjZDgwMjAzMmE0Nzg1MGMxOGQyMDgzNDU2ZjIxMjViZmY1NWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA89u720CZpfYuFa2qYL4pgAPmfa/+
WQdsg+79TLM9SOEsYxvZUbwPI+t3jXyWQvrq81VLwpUJ/z26Qf4vd+Codnmi4ZXk
EIEuSOcnpFB89bYrwNlxWUxW7+DLP1wmzFJc4CbCb+B/iOx2oUWrMm/Zfltpf/PT
b2fRP9GGQgVVP6OjDe0xMj68R1nfZUBgE+R5unrW5sqecbrFV4Ov9ue04sTG5H2q
nc4ncc8FBIq1YD1R0kkmpCHMw2SQZpEdawjynkT2kNAUnJhnHfHzkpK4rJK4wv+z
nAzCHBzzK0hwwT6xcerw4ksrxubHfphwo6vmLi49il5xgiUbLlmR6oXzKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAoc2AIDKkeFDBjSCDRW8hJb/1WgMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQ2h6WUFnTXFSNFVNR05JSU5GYnlFbHZfVmFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGCMHC+IB8YcXml2UVZ/
UGnNH/+oSRf+2Q/3qJ57aT1Xsg+0PTVf5+pl2zJH7Mu1+zWCVpwHBWa5IFdnrI7J
JjPGMhe97ZL3gaJdSesGNYVAXNcEYnCvPFjxlD96V3aRPbBqL4L3m2Xwx8BoLmGD
1SYq+VD7VdD2ab+syaLmIyx7878uI+V5who28XQCkNvBMyNlGgF9WT+7JJ52sZQB
uOREBoRfOg3XzIvyK9KDIjfcJBwV1Ra+DfG8DTrAHbPk/h0eXBf/QY0bMEHfYqOt
OMAviRpMDweOVlFSGWX55iK1cPr1vkrEq3nW43TzyLx9KU/TjKpiiD5LAJOYYRHy
DHc=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:48 2025 by rpki-client