Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DWveqyE5VmT1M3ZnP8e03-w3Uhg.roa
File: DWveqyE5VmT1M3ZnP8e03-w3Uhg.roa (raw, json)
Hash identifier: lsF/7I8YLDIUG6OotHkjlvsf+SeHYP5KkddvmoNGNHk=
Subject key identifier: 0D:6B:DE:AB:21:39:56:64:F5:33:76:67:3F:C7:B4:DF:EC:37:52:18
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D5DB72354C565D9ED47B58A69C6487894
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DWveqyE5VmT1M3ZnP8e03-w3Uhg.roa
Signing time: Wed 31 Jan 2024 04:11:39 +0000
ROA not before: Wed 31 Jan 2024 04:11:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5d:b7:23:54:c5:65:d9:ed:47:b5:8a:69:c6:48:78:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 31 04:11:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d6bdeab21395664f53376673fc7b4dfec375218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:54:e7:ee:11:47:50:79:7d:3a:b2:00:75:ce:
21:ae:07:4a:e4:4c:0a:61:7a:4e:e5:aa:39:e4:05:
8e:f1:dd:4a:a8:b5:81:78:08:e3:5e:86:25:0a:75:
98:f0:97:a7:f7:13:21:c8:a4:a4:2f:08:e0:3c:23:
6e:ec:b5:1b:bc:d4:8a:46:48:0f:57:07:c2:48:b9:
b2:75:a6:e7:4b:b4:6d:f0:d6:70:3c:23:a0:d4:f7:
a4:3d:30:8d:b9:d0:68:c3:bf:49:89:9f:83:94:f8:
53:6f:57:e1:b2:dd:ef:ad:5b:e9:de:ab:fe:72:20:
3c:12:cf:0d:52:82:c4:53:44:59:b8:cf:f0:14:ad:
e4:29:51:85:93:3d:14:8a:61:64:df:10:e9:36:cf:
1d:5c:3b:e1:5b:b7:99:6d:b4:13:79:cb:72:35:37:
24:14:eb:9a:b6:09:66:ef:8e:63:62:1c:bd:04:c3:
be:14:dc:74:6d:34:ba:fe:a5:6a:5e:cb:a5:25:0d:
f5:fa:26:da:ad:18:55:0d:6f:0a:31:b0:c3:43:a7:
04:49:f7:f3:87:2f:51:cb:07:a4:c7:d7:e9:21:fd:
81:91:b1:20:9c:72:17:da:0d:40:0b:c4:81:c1:de:
70:1d:91:9a:ff:58:45:f8:44:cd:27:46:60:73:c6:
13:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:6B:DE:AB:21:39:56:64:F5:33:76:67:3F:C7:B4:DF:EC:37:52:18
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DWveqyE5VmT1M3ZnP8e03-w3Uhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
38:0c:c6:15:a6:dc:75:24:d6:b6:31:59:12:89:ec:70:ce:1b:
44:fd:b2:56:41:5e:49:9d:bf:40:db:9f:3d:81:f6:01:3e:9d:
81:d1:e7:ff:12:9c:fd:55:4d:d9:e9:18:b1:7e:98:bb:2f:f2:
93:82:90:bf:58:b3:a4:f3:06:a0:2e:d1:4c:53:eb:cf:01:b0:
22:82:ea:a7:34:3c:49:05:7d:6f:26:98:a8:6f:7e:9f:20:70:
60:4d:72:cd:a9:fb:a7:0b:a9:d4:a3:65:a6:09:42:ec:a5:d6:
9b:6f:13:49:b5:41:2b:8f:e8:32:e2:42:3d:89:e8:32:37:b8:
b9:fc:d1:a5:a8:d0:a7:56:68:80:7e:eb:93:cd:cd:80:6c:de:
dd:e7:31:1c:23:22:2b:20:2e:96:5b:3c:5c:bb:00:f6:eb:76:
62:e4:e4:ed:a0:e8:02:75:6f:4c:6b:81:e4:2d:97:97:f1:9e:
06:54:4b:a5:fd:5a:e8:4e:fd:20:89:d7:af:04:53:c3:05:a0:
74:eb:5a:21:3a:44:80:20:51:2b:91:14:8a:44:cf:3e:e3:51:
6e:f1:14:79:bf:53:56:7a:dd:18:78:4d:f4:3b:1d:ca:fc:58:
6f:ca:1e:6d:95:96:c6:74:80:65:a3:47:b4:c5:a5:d7:ec:79:
c7:00:69:20
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1dtyNUxWXZ7Ue1imnGSHiUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTMxMDQxMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDZiZGVhYjIxMzk1NjY0ZjUzMzc2NjczZmM3YjRkZmVjMzc1MjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFTn7hFHUHl9OrIAdc4hrgdK5EwK
YXpO5ao55AWO8d1KqLWBeAjjXoYlCnWY8Jen9xMhyKSkLwjgPCNu7LUbvNSKRkgP
VwfCSLmydabnS7Rt8NZwPCOg1PekPTCNudBow79JiZ+DlPhTb1fhst3vrVvp3qv+
ciA8Es8NUoLEU0RZuM/wFK3kKVGFkz0UimFk3xDpNs8dXDvhW7eZbbQTectyNTck
FOuatglm745jYhy9BMO+FNx0bTS6/qVqXsulJQ31+ibarRhVDW8KMbDDQ6cESffz
hy9Rywekx9fpIf2BkbEgnHIX2g1AC8SBwd5wHZGa/1hF+ETNJ0Zgc8YT0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA1r3qshOVZk9TN2Zz/HtN/sN1IYMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRFd2ZXF5RTVWbVQxTTNablA4ZTAzLXczVWhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADgMxhWm3HUk1rYxWRKJ
7HDOG0T9slZBXkmdv0Dbnz2B9gE+nYHR5/8SnP1VTdnpGLF+mLsv8pOCkL9Ys6Tz
BqAu0UxT688BsCKC6qc0PEkFfW8mmKhvfp8gcGBNcs2p+6cLqdSjZaYJQuyl1ptv
E0m1QSuP6DLiQj2J6DI3uLn80aWo0KdWaIB+65PNzYBs3t3nMRwjIisgLpZbPFy7
APbrdmLk5O2g6AJ1b0xrgeQtl5fxngZUS6X9WuhO/SCJ168EU8MFoHTrWiE6RIAg
USuRFIpEzz7jUW7xFHm/U1Z63Rh4TfQ7Hcr8WG/KHm2VlsZ0gGWjR7TFpdfseccA
aSA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:44 2025 by rpki-client