Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/EokEKO32sMJ433O6gyjL72fu0dQ.roa
File: EokEKO32sMJ433O6gyjL72fu0dQ.roa (raw, json)
Hash identifier: TGtt22AfZzaJt2OEBLppDa8obv7g00BdyVJXuN4QpsA=
Subject key identifier: 12:89:04:28:ED:F6:B0:C2:78:DF:73:BA:83:28:CB:EF:67:EE:D1:D4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D721B1E916CD092E8CD88BE4856FB9FD4
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/EokEKO32sMJ433O6gyjL72fu0dQ.roa
Signing time: Sun 04 Feb 2024 03:13:16 +0000
ROA not before: Sun 04 Feb 2024 03:13:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:72:1b:1e:91:6c:d0:92:e8:cd:88:be:48:56:fb:9f:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 4 03:13:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12890428edf6b0c278df73ba8328cbef67eed1d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:5e:e1:61:1e:30:e8:a2:7e:15:ec:eb:4c:90:
25:98:24:b3:06:85:b3:05:d3:d9:12:0c:a4:83:fb:
73:74:63:35:60:f2:5c:72:f0:9b:ff:bd:dd:4e:a9:
c2:91:11:64:08:75:3e:4a:a0:a1:79:38:3d:59:ba:
04:29:16:96:b8:aa:17:c8:c5:15:63:7f:f3:fc:9c:
cc:b0:3f:b0:ad:d9:88:67:bb:09:6f:fc:23:86:49:
cc:e1:19:cd:bb:ba:e2:42:1b:30:fe:12:97:dd:be:
5d:23:de:0b:78:b4:5e:72:bf:6a:fe:c0:55:03:04:
71:ac:66:0a:4c:f0:c5:93:8e:57:40:08:c5:c7:a2:
c8:dd:4a:09:e1:5b:64:3f:fe:d5:57:2c:03:b6:05:
09:36:8d:e4:01:dd:b6:e3:ea:7d:8b:7e:58:30:3d:
80:d3:c3:01:7a:0f:0d:90:9a:04:50:af:f7:78:0d:
a9:7f:3b:0a:a9:63:37:70:3f:b7:28:b1:f9:7e:69:
83:73:ef:07:d1:9d:de:9e:2e:9d:03:1f:e2:00:b0:
d9:66:7c:00:52:b0:86:bd:4e:b1:3e:87:f6:3e:bd:
da:48:75:f6:69:31:dc:85:cb:75:a1:01:4b:13:b3:
89:1c:04:dc:80:3c:e4:34:60:67:74:0f:6c:d2:c4:
c3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:89:04:28:ED:F6:B0:C2:78:DF:73:BA:83:28:CB:EF:67:EE:D1:D4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/EokEKO32sMJ433O6gyjL72fu0dQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
54:c3:e7:af:01:f8:7a:a8:d1:9a:58:e1:6f:fc:9c:b9:bc:f8:
b6:e6:8d:d3:6c:ca:07:71:9a:29:e3:cd:eb:41:ca:3f:82:85:
ce:51:64:89:00:29:46:be:81:63:9e:6e:54:f3:16:53:b8:1f:
6f:fd:75:34:9e:73:b3:cf:d8:8d:62:ff:29:16:a6:ab:c7:65:
11:a0:2f:d8:1f:58:ab:68:de:09:36:a2:90:e3:62:ea:ba:bb:
11:2f:0c:3a:be:c3:79:7f:ce:4c:8c:ac:af:1e:0f:1f:19:e6:
86:c3:62:ff:f9:4d:1b:c7:36:48:3c:15:56:4d:9e:b5:86:76:
33:0c:94:81:df:f9:40:75:23:32:b1:65:41:81:d4:b9:ee:d5:
ae:b0:42:aa:b5:3e:0c:31:c0:61:7e:ac:5f:ae:4b:27:c5:4f:
51:00:22:ed:69:59:dd:2f:74:32:a2:cb:16:4d:62:b1:c6:4b:
0c:de:b0:5a:73:88:56:17:9a:c7:d5:57:bc:08:fa:4b:80:80:
09:d7:8a:b2:f5:eb:56:11:0b:b2:1c:f7:33:d0:5a:d4:90:a6:
a1:a3:2a:7e:d4:a6:60:f4:32:f7:04:d7:41:00:3b:9e:88:94:
bb:ce:d8:3f:11:eb:4e:ee:26:b2:af:5d:f2:d9:53:38:42:7b:
a3:b8:bf:fb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1yGx6RbNCS6M2IvkhW+5/UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA0MDMxMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjg5MDQyOGVkZjZiMGMyNzhkZjczYmE4MzI4Y2JlZjY3ZWVkMWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiV7hYR4w6KJ+FezrTJAlmCSzBoWz
BdPZEgykg/tzdGM1YPJccvCb/73dTqnCkRFkCHU+SqCheTg9WboEKRaWuKoXyMUV
Y3/z/JzMsD+wrdmIZ7sJb/wjhknM4RnNu7riQhsw/hKX3b5dI94LeLRecr9q/sBV
AwRxrGYKTPDFk45XQAjFx6LI3UoJ4VtkP/7VVywDtgUJNo3kAd224+p9i35YMD2A
08MBeg8NkJoEUK/3eA2pfzsKqWM3cD+3KLH5fmmDc+8H0Z3eni6dAx/iALDZZnwA
UrCGvU6xPof2Pr3aSHX2aTHchct1oQFLE7OJHATcgDzkNGBndA9s0sTDfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBKJBCjt9rDCeN9zuoMoy+9n7tHUMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRW9rRUtPMzJzTUo0MzNPNmd5akw3MmZ1MGRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFTD568B+Hqo0ZpY4W/8
nLm8+LbmjdNsygdxminjzetByj+Chc5RZIkAKUa+gWOeblTzFlO4H2/9dTSec7PP
2I1i/ykWpqvHZRGgL9gfWKto3gk2opDjYuq6uxEvDDq+w3l/zkyMrK8eDx8Z5obD
Yv/5TRvHNkg8FVZNnrWGdjMMlIHf+UB1IzKxZUGB1Lnu1a6wQqq1PgwxwGF+rF+u
SyfFT1EAIu1pWd0vdDKiyxZNYrHGSwzesFpziFYXmsfVV7wI+kuAgAnXirL161YR
C7Ic9zPQWtSQpqGjKn7UpmD0MvcE10EAO56IlLvO2D8R607uJrKvXfLZUzhCe6O4
v/s=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:49 2025 by rpki-client