Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/EwuGY2hjhndLxk-m97oJqiZTLaE.roa
File: EwuGY2hjhndLxk-m97oJqiZTLaE.roa (raw, json)
Hash identifier: age+QIf15EIvpnth6Mi+3tY/AJyMsRM+a6aEm7mRWQk=
Subject key identifier: 13:0B:86:63:68:63:86:77:4B:C6:4F:A6:F7:BA:09:AA:26:53:2D:A1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DC9A6FA80A2C14F9C866434AC56A6C843
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/EwuGY2hjhndLxk-m97oJqiZTLaE.roa
Signing time: Wed 21 Feb 2024 03:12:59 +0000
ROA not before: Wed 21 Feb 2024 03:12:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c9:a6:fa:80:a2:c1:4f:9c:86:64:34:ac:56:a6:c8:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 21 03:12:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=130b8663686386774bc64fa6f7ba09aa26532da1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b7:9d:66:65:80:77:d7:ac:f0:5f:87:c4:04:
41:78:bb:81:40:33:e4:41:5a:c1:8f:12:8c:c1:77:
ea:a7:30:16:b8:09:b8:61:9f:8c:b0:a1:43:cd:ed:
1a:26:ed:78:f2:68:ff:05:39:c2:3d:9a:eb:8f:9c:
64:f3:74:98:b6:1d:6d:0a:eb:60:6b:a1:60:19:b1:
4a:2a:fe:ff:30:0f:ee:00:0c:11:de:58:e2:19:cc:
91:f4:e0:06:08:c5:60:ec:35:bf:d6:07:4a:ba:77:
91:01:7d:b1:db:9e:de:23:b9:b7:13:17:39:4e:a9:
0d:ca:13:52:ed:84:65:ea:27:f8:02:b5:7a:7b:78:
44:26:2e:72:5f:e5:a3:92:2b:bb:a2:1a:45:b3:c8:
b1:5f:be:0a:2a:f4:ff:c5:c6:f3:ea:83:7b:1b:fa:
2b:22:15:aa:f2:97:8f:45:50:36:ad:24:6a:41:04:
18:02:8b:93:af:7b:f3:a6:31:2f:78:3e:f6:37:c4:
05:68:0e:cc:01:22:1b:b0:c1:ab:4e:85:25:7f:8a:
a3:cc:04:84:6d:e4:c8:54:fb:0b:4a:f0:17:f0:6c:
25:43:fa:9e:2c:e6:9e:59:a4:1a:22:0f:a6:3d:d7:
30:9d:79:ef:0f:8a:fe:1b:54:47:32:ee:3f:b1:42:
83:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:0B:86:63:68:63:86:77:4B:C6:4F:A6:F7:BA:09:AA:26:53:2D:A1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/EwuGY2hjhndLxk-m97oJqiZTLaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9f:03:fd:79:43:c0:82:74:83:cf:1d:1b:47:81:e0:bc:bb:ad:
1f:c9:16:ca:5c:e2:f0:77:f6:86:6e:30:a2:f1:f6:20:08:b8:
61:09:18:ad:6b:bc:f9:37:e2:c8:1c:98:a7:7b:de:3d:15:a7:
fa:be:74:1c:85:f9:b5:50:96:ed:17:ab:ce:09:aa:38:af:ae:
e3:b5:45:e9:42:ab:9d:4e:56:77:1f:29:e2:99:bc:17:55:d4:
7f:34:2e:36:cc:02:6a:ea:5e:d5:54:31:05:36:62:99:30:55:
b0:f6:f1:da:99:c9:c0:44:d3:45:21:36:5a:37:3d:94:83:e1:
10:66:09:d0:94:73:72:1d:1c:49:64:6e:eb:7d:5c:07:a9:4a:
c9:a2:5b:b7:92:e8:2d:5c:7b:91:a9:cc:35:0a:1e:3e:d6:15:
46:0f:bc:43:88:0c:79:92:a0:c9:d0:f6:50:4b:ac:d0:f4:b0:
8a:20:c8:31:8f:53:4f:b9:6d:34:b3:59:85:06:fb:34:f3:bb:
c3:fd:21:7d:77:e5:ef:e2:54:60:ca:26:6a:b5:7c:bc:56:a6:
5e:14:8c:00:0f:e3:c3:84:c8:9f:61:03:e0:b6:2f:ff:44:53:
1e:f7:89:a9:60:44:5a:0e:94:09:db:eb:55:66:a3:a4:55:06:
89:c0:a5:33
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3JpvqAosFPnIZkNKxWpshDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIxMDMxMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzBiODY2MzY4NjM4Njc3NGJjNjRmYTZmN2JhMDlhYTI2NTMyZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLedZmWAd9es8F+HxARBeLuBQDPk
QVrBjxKMwXfqpzAWuAm4YZ+MsKFDze0aJu148mj/BTnCPZrrj5xk83SYth1tCutg
a6FgGbFKKv7/MA/uAAwR3ljiGcyR9OAGCMVg7DW/1gdKuneRAX2x257eI7m3Exc5
TqkNyhNS7YRl6if4ArV6e3hEJi5yX+Wjkiu7ohpFs8ixX74KKvT/xcbz6oN7G/or
IhWq8pePRVA2rSRqQQQYAouTr3vzpjEveD72N8QFaA7MASIbsMGrToUlf4qjzASE
beTIVPsLSvAX8GwlQ/qeLOaeWaQaIg+mPdcwnXnvD4r+G1RHMu4/sUKDIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBMLhmNoY4Z3S8ZPpve6CaomUy2hMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvRXd1R1kyaGpobmRMeGstbTk3b0pxaVpUTGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ8D/XlDwIJ0g88dG0eB
4Ly7rR/JFspc4vB39oZuMKLx9iAIuGEJGK1rvPk34sgcmKd73j0Vp/q+dByF+bVQ
lu0Xq84JqjivruO1RelCq51OVncfKeKZvBdV1H80LjbMAmrqXtVUMQU2YpkwVbD2
8dqZycBE00UhNlo3PZSD4RBmCdCUc3IdHElkbut9XAepSsmiW7eS6C1ce5GpzDUK
Hj7WFUYPvEOIDHmSoMnQ9lBLrND0sIogyDGPU0+5bTSzWYUG+zTzu8P9IX135e/i
VGDKJmq1fLxWpl4UjAAP48OEyJ9hA+C2L/9EUx73ialgRFoOlAnb61Vmo6RVBonA
pTM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:06 2025 by rpki-client