Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DZFl1LUluxGRmjG_rEuTdi3g8eY.roa
File: DZFl1LUluxGRmjG_rEuTdi3g8eY.roa (raw, json)
Hash identifier: VIy1efqTvzaQe3bRap0EESi0j24WhfwvSxt1/xX9XIc=
Subject key identifier: 0D:91:65:D4:B5:25:BB:11:91:9A:31:BF:AC:4B:93:76:2D:E0:F1:E6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D91700AA76B5BDC64BB1977EF1DA7796D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DZFl1LUluxGRmjG_rEuTdi3g8eY.roa
Signing time: Sat 10 Feb 2024 05:14:15 +0000
ROA not before: Sat 10 Feb 2024 05:14:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:91:70:0a:a7:6b:5b:dc:64:bb:19:77:ef:1d:a7:79:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 10 05:14:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d9165d4b525bb11919a31bfac4b93762de0f1e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:47:e6:52:5b:d1:c9:d1:09:ce:4d:cf:4e:11:
d3:a1:e4:4f:22:1b:0f:03:6f:34:94:3a:ff:b1:24:
73:b6:12:12:68:10:81:eb:41:81:87:c1:e0:89:85:
f2:45:68:c8:37:ae:6f:2a:67:f4:6f:42:c4:c6:a5:
3e:11:af:8b:f8:a5:3d:0e:ec:ec:af:af:ab:0b:ee:
5c:e3:81:cf:a6:92:8d:de:02:73:e4:e6:ab:73:ad:
de:94:fb:21:00:78:09:49:25:3e:db:ad:9d:82:d3:
98:5f:a3:b2:fa:79:4e:c7:05:f9:58:cc:d6:53:90:
93:1d:12:92:90:80:72:c2:4c:ad:51:81:0d:5f:de:
56:6a:e6:e1:2b:14:c6:4c:dc:36:8d:1e:a3:4c:58:
da:7a:fc:c8:a7:33:7e:a7:53:01:d7:cf:84:1a:29:
a2:da:a7:65:01:92:37:4f:a6:f3:09:b5:03:2f:86:
16:4b:f8:58:07:fe:e7:08:93:e7:9d:47:d7:c9:3e:
0a:b1:7d:ae:aa:c9:9c:32:9c:38:01:cb:fe:98:12:
c7:27:c6:7e:5b:7b:fb:15:5a:de:6a:68:60:4f:6c:
83:9f:57:f5:03:b1:52:50:9c:24:66:17:4d:2b:51:
d5:02:86:0f:64:bb:71:e0:bb:eb:b5:72:2d:6d:9e:
3c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:91:65:D4:B5:25:BB:11:91:9A:31:BF:AC:4B:93:76:2D:E0:F1:E6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/DZFl1LUluxGRmjG_rEuTdi3g8eY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:84:a0:8e:74:19:32:31:ac:31:50:15:66:59:ca:d9:23:9c:
6a:ed:44:6b:e6:2d:ba:bb:27:b7:9d:f0:5d:10:7f:79:d9:46:
dc:25:01:98:23:d0:d1:3c:02:1c:fb:b1:25:83:28:48:32:1f:
79:c3:43:20:32:0a:06:7d:ef:90:40:91:bf:cf:34:61:aa:bf:
51:b3:b6:a5:4a:9b:29:41:a2:fb:61:cd:aa:97:81:10:94:f7:
c0:05:e7:99:df:7c:7b:ba:42:fc:8c:ef:ac:a8:1f:b8:8a:9b:
84:86:01:bd:8b:ef:04:7e:4a:73:49:fe:86:4c:a7:3e:89:b0:
97:d8:cf:b0:23:7e:2d:3d:74:81:ee:ed:e5:91:c5:de:51:48:
b0:5f:dc:85:d0:1c:18:bb:f6:45:ce:9e:b2:8f:6c:46:a0:dc:
75:a2:9b:b9:97:c6:17:90:18:09:8f:a6:f4:9a:62:34:49:2e:
1c:95:db:2d:56:6e:4c:fc:c2:53:08:27:06:2c:f8:da:1d:b1:
c8:2c:9e:60:e0:28:bf:a1:c9:81:46:49:8e:c7:8e:4c:64:fa:
80:d2:14:ee:fb:26:06:b3:d1:72:a0:61:39:d9:91:32:b4:22:
95:9e:7a:02:cf:34:cc:5d:d7:89:9e:80:69:e8:c3:ed:5c:55:
97:b7:81:c5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2RcAqna1vcZLsZd+8dp3ltMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjEwMDUxNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDkxNjVkNGI1MjViYjExOTE5YTMxYmZhYzRiOTM3NjJkZTBmMWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEfmUlvRydEJzk3PThHToeRPIhsP
A280lDr/sSRzthISaBCB60GBh8HgiYXyRWjIN65vKmf0b0LExqU+Ea+L+KU9Duzs
r6+rC+5c44HPppKN3gJz5Oarc63elPshAHgJSSU+262dgtOYX6Oy+nlOxwX5WMzW
U5CTHRKSkIBywkytUYENX95WaubhKxTGTNw2jR6jTFjaevzIpzN+p1MB18+EGimi
2qdlAZI3T6bzCbUDL4YWS/hYB/7nCJPnnUfXyT4KsX2uqsmcMpw4Acv+mBLHJ8Z+
W3v7FVreamhgT2yDn1f1A7FSUJwkZhdNK1HVAoYPZLtx4LvrtXItbZ48owIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA2RZdS1JbsRkZoxv6xLk3Yt4PHmMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRFpGbDFMVWx1eEdSbWpHX3JFdVRkaTNnOGVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGCEoI50GTIxrDFQFWZZ
ytkjnGrtRGvmLbq7J7ed8F0Qf3nZRtwlAZgj0NE8Ahz7sSWDKEgyH3nDQyAyCgZ9
75BAkb/PNGGqv1GztqVKmylBovthzaqXgRCU98AF55nffHu6QvyM76yoH7iKm4SG
Ab2L7wR+SnNJ/oZMpz6JsJfYz7Ajfi09dIHu7eWRxd5RSLBf3IXQHBi79kXOnrKP
bEag3HWim7mXxheQGAmPpvSaYjRJLhyV2y1Wbkz8wlMIJwYs+NodscgsnmDgKL+h
yYFGSY7Hjkxk+oDSFO77Jgaz0XKgYTnZkTK0IpWeegLPNMxd14megGnow+1cVZe3
gcU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:33 2025 by rpki-client