Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ERNwLhroSO4PPtq4fPBBi6N_tEc.roa
File: ERNwLhroSO4PPtq4fPBBi6N_tEc.roa (raw, json)
Hash identifier: AwYGAnfHmSuFh8nnMMelAOMGIW1wSDx7yD6pX5iF/oc=
Subject key identifier: 11:13:70:2E:1A:E8:48:EE:0F:3E:DA:B8:7C:F0:41:8B:A3:7F:B4:47
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CE5FF134A44FA1F790DB3AABBB10A2D26
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ERNwLhroSO4PPtq4fPBBi6N_tEc.roa
Signing time: Sun 07 Jan 2024 22:15:48 +0000
ROA not before: Sun 07 Jan 2024 22:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e5:ff:13:4a:44:fa:1f:79:0d:b3:aa:bb:b1:0a:2d:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 7 22:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1113702e1ae848ee0f3edab87cf0418ba37fb447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:54:1b:c7:20:80:18:24:c4:7d:9c:8f:4c:e3:
16:cb:e6:60:e5:72:f7:7e:d8:ee:49:e7:16:b5:65:
05:45:32:cc:4d:65:8e:45:e5:9e:02:58:e6:b4:c0:
2b:bb:50:b7:6c:7f:5d:02:cf:47:cc:7c:7e:e0:df:
17:94:b5:74:6c:3a:78:b3:eb:90:3e:ca:d9:71:b4:
ff:e0:89:e3:78:90:fc:1e:1b:d8:f8:74:f7:52:ed:
93:63:b2:fa:d7:b3:01:13:1b:5d:a5:43:3a:be:77:
f6:34:f5:84:2e:c7:e4:4a:15:26:32:af:1c:43:19:
67:db:0d:04:1f:e7:81:24:14:4e:55:0d:19:f4:a5:
b4:9c:04:41:4b:e1:52:3f:89:cf:d6:ed:47:4c:d8:
d4:ce:1f:22:c1:49:7f:7b:47:18:dc:d6:1e:05:47:
f8:10:f5:eb:38:30:40:96:97:4c:d0:52:c4:42:83:
74:f8:1a:46:a3:f0:ea:a0:21:aa:23:f2:9c:ee:63:
75:9f:9b:29:17:6f:e3:1a:4f:75:21:95:9a:3d:5b:
8a:98:06:7f:09:a5:8e:15:30:e2:eb:6c:aa:83:0f:
d6:46:96:bb:6c:0d:a1:ff:a6:ed:5a:a2:19:fd:26:
00:b3:00:82:99:d4:a5:1d:56:f9:d5:1b:94:4e:66:
c9:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:13:70:2E:1A:E8:48:EE:0F:3E:DA:B8:7C:F0:41:8B:A3:7F:B4:47
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ERNwLhroSO4PPtq4fPBBi6N_tEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2b:99:df:7c:b1:85:a9:f6:4d:1f:32:47:83:31:d9:31:45:53:
9d:eb:7a:a7:0d:10:9b:c0:d1:5f:a5:d6:f0:e9:c7:48:3d:88:
9c:29:6e:49:07:d8:aa:f5:54:da:8f:0a:1e:3b:3d:11:ce:5b:
20:8a:8d:ee:23:c7:a4:04:98:09:4e:39:9b:63:96:b9:8c:ff:
09:94:5f:6a:5a:b1:67:a6:3f:11:57:e8:e8:cb:52:4e:18:8a:
fb:3d:64:0c:d5:53:48:59:d9:3d:19:56:f2:7c:d0:e0:b8:b4:
09:b1:93:b0:5a:62:08:38:61:eb:82:1a:98:fd:93:97:f2:eb:
c3:ac:6d:13:79:7e:25:80:c9:4b:f7:b0:34:c4:a6:f2:b4:52:
78:e0:a8:23:24:86:fd:1d:86:02:c8:70:34:1b:b0:ce:76:b7:
67:75:8f:30:03:65:0d:dd:c0:17:1c:5a:8e:b4:d8:1e:27:2e:
53:33:59:ef:f4:58:23:65:f8:e9:bc:1e:7e:fc:2a:54:5a:b2:
9b:39:53:eb:b6:03:ad:eb:4a:d4:e3:81:7e:8d:10:e9:e0:77:
3b:45:63:63:2f:d4:55:d5:a8:a0:26:7a:84:4d:30:c1:53:ec:
6d:62:2c:bf:3d:68:b1:05:02:a0:2b:92:0e:de:38:9c:30:31:
b4:db:a8:be
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzl/xNKRPofeQ2zqruxCi0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA3MjIxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTEzNzAyZTFhZTg0OGVlMGYzZWRhYjg3Y2YwNDE4YmEzN2ZiNDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1QbxyCAGCTEfZyPTOMWy+Zg5XL3
ftjuSecWtWUFRTLMTWWOReWeAljmtMAru1C3bH9dAs9HzHx+4N8XlLV0bDp4s+uQ
PsrZcbT/4InjeJD8HhvY+HT3Uu2TY7L617MBExtdpUM6vnf2NPWELsfkShUmMq8c
Qxln2w0EH+eBJBROVQ0Z9KW0nARBS+FSP4nP1u1HTNjUzh8iwUl/e0cY3NYeBUf4
EPXrODBAlpdM0FLEQoN0+BpGo/DqoCGqI/Kc7mN1n5spF2/jGk91IZWaPVuKmAZ/
CaWOFTDi62yqgw/WRpa7bA2h/6btWqIZ/SYAswCCmdSlHVb51RuUTmbJvwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBETcC4a6EjuDz7auHzwQYujf7RHMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRVJOd0xocm9TTzRQUHRxNGZQQkJpNk5fdEVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACuZ33yxhan2TR8yR4Mx
2TFFU53reqcNEJvA0V+l1vDpx0g9iJwpbkkH2Kr1VNqPCh47PRHOWyCKje4jx6QE
mAlOOZtjlrmM/wmUX2pasWemPxFX6OjLUk4Yivs9ZAzVU0hZ2T0ZVvJ80OC4tAmx
k7BaYgg4YeuCGpj9k5fy68OsbRN5fiWAyUv3sDTEpvK0UnjgqCMkhv0dhgLIcDQb
sM52t2d1jzADZQ3dwBccWo602B4nLlMzWe/0WCNl+Om8Hn78KlRasps5U+u2A63r
StTjgX6NEOngdztFY2Mv1FXVqKAmeoRNMMFT7G1iLL89aLEFAqArkg7eOJwwMbTb
qL4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:03 2025 by rpki-client