Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CpjLMu1RpqfzoBczy6YKucPMWE4.roa
File: CpjLMu1RpqfzoBczy6YKucPMWE4.roa (raw, json)
Hash identifier: Em2oV2TFbDomGms49yW9AbvDk+LnfYxNiW29rs7lzt4=
Subject key identifier: 0A:98:CB:32:ED:51:A6:A7:F3:A0:17:33:CB:A6:0A:B9:C3:CC:58:4E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DD3F1B090CB51186A268AE483795E7589
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CpjLMu1RpqfzoBczy6YKucPMWE4.roa
Signing time: Fri 23 Feb 2024 03:10:48 +0000
ROA not before: Fri 23 Feb 2024 03:10:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d3:f1:b0:90:cb:51:18:6a:26:8a:e4:83:79:5e:75:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 23 03:10:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a98cb32ed51a6a7f3a01733cba60ab9c3cc584e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:15:75:d9:56:06:3b:f1:92:23:89:67:d7:55:
94:03:ea:29:3e:2b:05:52:8a:a9:34:6f:f1:03:f9:
72:82:3c:01:f1:e1:b9:a9:78:f6:ef:6e:91:bb:92:
b6:b2:4b:9a:fc:b2:c9:52:7a:91:b7:af:fa:8e:98:
7b:c8:dc:35:9a:92:38:af:56:3d:77:b1:8d:c4:15:
a9:9a:41:e0:60:76:d1:54:5a:3e:70:1e:49:02:03:
64:67:87:2d:69:b7:9e:e8:d8:77:59:12:c1:a2:c9:
b6:d3:83:86:6b:8a:b6:0c:21:0e:11:97:94:91:ec:
68:53:df:70:24:0f:9b:90:2e:6c:89:d1:a9:93:5f:
8e:1f:24:cd:08:62:6f:a9:13:fc:30:f5:39:95:61:
60:f1:69:3e:0a:5f:0d:3a:0e:98:63:b3:66:65:e2:
cf:00:c4:95:2a:f3:4e:83:ba:17:f0:c5:57:b3:5d:
52:ef:22:fe:16:95:a7:0c:7c:79:2b:e1:3d:fb:ac:
fb:b1:5b:ca:60:1b:77:87:4d:58:bc:ff:25:61:bf:
37:d0:d6:d9:23:50:45:44:95:d3:ef:74:d9:7c:c8:
a1:64:99:6d:11:33:6c:2a:a8:88:b3:32:20:3d:62:
aa:24:37:68:31:e1:78:54:30:76:d3:c5:35:a2:51:
af:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:98:CB:32:ED:51:A6:A7:F3:A0:17:33:CB:A6:0A:B9:C3:CC:58:4E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/CpjLMu1RpqfzoBczy6YKucPMWE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
16:aa:ee:bb:c1:5e:6b:11:c3:46:71:36:af:40:c7:13:c4:6c:
d8:76:e7:53:18:8d:aa:94:5f:77:bb:7d:c8:e6:fa:ea:cf:ca:
3d:e9:ce:56:be:2c:5e:70:c5:14:1b:e9:77:e8:33:e0:56:ca:
5c:ad:bc:c7:95:65:ef:4b:3a:63:89:82:c0:08:c7:8f:46:da:
9d:c3:d4:d9:14:5e:37:15:f2:33:37:ad:9b:8a:65:8d:03:31:
59:a2:ae:20:6e:5a:4b:29:21:6c:cc:74:f1:99:50:26:01:7f:
a7:87:6b:04:b3:e9:47:7d:b5:b6:c7:33:30:d1:a6:d9:0d:6d:
27:cd:c3:d6:56:2e:d9:ba:7c:68:ac:71:af:ef:60:38:12:8b:
9d:e6:0f:57:11:1b:65:ad:85:f0:a8:fc:6a:4a:e5:10:8e:c2:
c5:d3:fc:0a:eb:fe:72:51:c5:62:81:7d:6d:37:ca:25:ca:c4:
40:a3:65:24:9b:d0:b0:f2:e4:85:00:0e:bf:18:d1:e5:42:de:
02:4f:e3:20:cb:3b:73:17:93:1b:01:2b:ca:97:5d:8f:e5:bd:
1c:f9:05:32:be:28:7b:bc:83:af:f8:23:57:b7:c6:85:6a:6c:
d1:fb:da:3f:1d:43:86:0f:b0:12:92:7f:9d:91:6d:26:be:e4:
58:65:f5:dc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3T8bCQy1EYaiaK5IN5XnWJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIzMDMxMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTk4Y2IzMmVkNTFhNmE3ZjNhMDE3MzNjYmE2MGFiOWMzY2M1ODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhV12VYGO/GSI4ln11WUA+opPisF
UoqpNG/xA/lygjwB8eG5qXj2726Ru5K2skua/LLJUnqRt6/6jph7yNw1mpI4r1Y9
d7GNxBWpmkHgYHbRVFo+cB5JAgNkZ4ctabee6Nh3WRLBosm204OGa4q2DCEOEZeU
kexoU99wJA+bkC5sidGpk1+OHyTNCGJvqRP8MPU5lWFg8Wk+Cl8NOg6YY7NmZeLP
AMSVKvNOg7oX8MVXs11S7yL+FpWnDHx5K+E9+6z7sVvKYBt3h01YvP8lYb830NbZ
I1BFRJXT73TZfMihZJltETNsKqiIszIgPWKqJDdoMeF4VDB208U1olGvNwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAqYyzLtUaan86AXM8umCrnDzFhOMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvQ3BqTE11MVJwcWZ6b0Jjenk2WUt1Y1BNV0U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABaq7rvBXmsRw0ZxNq9A
xxPEbNh251MYjaqUX3e7fcjm+urPyj3pzla+LF5wxRQb6XfoM+BWylytvMeVZe9L
OmOJgsAIx49G2p3D1NkUXjcV8jM3rZuKZY0DMVmiriBuWkspIWzMdPGZUCYBf6eH
awSz6Ud9tbbHMzDRptkNbSfNw9ZWLtm6fGisca/vYDgSi53mD1cRG2WthfCo/GpK
5RCOwsXT/Arr/nJRxWKBfW03yiXKxECjZSSb0LDy5IUADr8Y0eVC3gJP4yDLO3MX
kxsBK8qXXY/lvRz5BTK+KHu8g6/4I1e3xoVqbNH72j8dQ4YPsBKSf52RbSa+5Fhl
9dw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:41 2025 by rpki-client