Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/IbJFFRYRCfhUx2XLbfkC0jydDLA.roa
File: IbJFFRYRCfhUx2XLbfkC0jydDLA.roa (raw, json)
Hash identifier: uQYZ0VbHy4EHSwB9gAZ1HCOWhNXedPGImtdtL65O/nY=
Subject key identifier: 21:B2:45:15:16:11:09:F8:54:C7:65:CB:6D:F9:02:D2:3C:9D:0C:B0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CBE141D2ED4A78C646A3C3C920E732CD4
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/IbJFFRYRCfhUx2XLbfkC0jydDLA.roa
Signing time: Sun 31 Dec 2023 04:13:58 +0000
ROA not before: Sun 31 Dec 2023 04:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:be:14:1d:2e:d4:a7:8c:64:6a:3c:3c:92:0e:73:2c:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 31 04:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21b24515161109f854c765cb6df902d23c9d0cb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:38:31:27:ea:13:ec:ee:f4:72:b3:b0:68:1c:
79:d8:ab:7a:70:35:2b:b6:d5:40:60:33:34:66:b8:
57:9a:b2:a5:87:96:1c:88:3c:96:20:72:b8:27:82:
fc:5d:6c:ff:b3:ed:a7:c5:2f:e0:99:dc:f2:35:e7:
59:d6:4e:d0:8a:25:0e:36:d4:42:d7:69:af:36:c7:
95:12:1f:57:88:ad:9b:05:19:d6:8f:b4:30:88:60:
95:04:9e:ce:40:3c:67:cd:4b:0d:dd:10:e0:3d:91:
68:5d:cc:f0:3b:40:eb:56:d0:72:1a:78:0b:99:06:
bb:65:9f:c9:d5:96:87:1f:68:b6:7d:80:ef:36:81:
a3:7b:8c:ba:43:2a:95:42:ed:48:04:64:37:95:8f:
4f:25:08:02:f4:f9:a1:97:15:b7:ed:16:82:a6:d2:
25:5a:33:36:78:3d:56:39:e4:37:d3:1a:e5:0a:d2:
32:23:73:68:46:a7:d6:71:93:e4:45:f9:e2:89:1d:
94:28:e6:8b:69:07:ee:49:a4:1c:9d:4c:a1:b0:f5:
df:ec:53:2a:f8:ce:72:ae:e7:57:49:c2:40:af:22:
a9:c4:34:9d:29:be:59:c1:84:3d:ea:0d:8d:9b:6c:
57:b0:2e:61:fa:58:17:53:cc:b2:9c:9c:ed:5c:c8:
7d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B2:45:15:16:11:09:F8:54:C7:65:CB:6D:F9:02:D2:3C:9D:0C:B0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/IbJFFRYRCfhUx2XLbfkC0jydDLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:d9:b9:3c:d7:df:2e:5e:98:f7:2b:7f:23:36:d0:7b:f9:63:
91:4d:83:d9:03:b2:c0:03:94:3c:eb:fd:ab:be:2d:5c:4c:30:
3c:4f:b0:8a:99:2c:ec:83:af:b8:81:d3:75:fe:e2:14:5b:f2:
33:5a:f9:26:77:cc:9e:aa:88:01:3c:7e:91:c3:1a:db:c0:10:
1c:64:d9:ee:de:b7:15:5a:2b:a8:83:43:39:03:e1:83:03:4e:
bf:09:cf:51:c2:95:b5:c7:7a:08:56:1f:fe:b1:79:8b:ce:d3:
1e:f6:6c:16:e6:95:e2:0d:81:8e:bc:81:22:4f:fc:b9:88:ed:
f8:b5:f1:be:07:ae:ad:5b:f1:da:ae:6b:a6:0c:be:48:a0:27:
d9:c4:91:47:02:89:28:da:aa:d2:31:46:cf:1e:18:cf:66:ea:
0b:25:3f:cb:92:71:40:c7:22:43:8a:df:39:05:95:96:40:60:
1b:22:bd:d5:82:48:65:6c:78:eb:e0:82:44:92:8f:5a:fa:f7:
e8:32:26:ae:f6:35:66:4e:8e:88:cb:b6:d2:d7:99:db:b1:e8:
5c:95:84:5b:61:6f:59:b2:f8:be:b7:5d:a5:4d:d2:dc:de:5a:
48:9a:29:fe:cf:51:0c:16:55:ce:c0:30:91:85:7d:5a:e7:2e:
fc:6d:8f:f2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYy+FB0u1KeMZGo8PJIOcyzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjMxMDQxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWIyNDUxNTE2MTEwOWY4NTRjNzY1Y2I2ZGY5MDJkMjNjOWQwY2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzgxJ+oT7O70crOwaBx52Kt6cDUr
ttVAYDM0ZrhXmrKlh5YciDyWIHK4J4L8XWz/s+2nxS/gmdzyNedZ1k7QiiUONtRC
12mvNseVEh9XiK2bBRnWj7QwiGCVBJ7OQDxnzUsN3RDgPZFoXczwO0DrVtByGngL
mQa7ZZ/J1ZaHH2i2fYDvNoGje4y6QyqVQu1IBGQ3lY9PJQgC9PmhlxW37RaCptIl
WjM2eD1WOeQ30xrlCtIyI3NoRqfWcZPkRfniiR2UKOaLaQfuSaQcnUyhsPXf7FMq
+M5yrudXScJAryKpxDSdKb5ZwYQ96g2Nm2xXsC5h+lgXU8yynJztXMh9tQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCGyRRUWEQn4VMdly235AtI8nQywMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSWJKRkZSWVJDZmhVeDJYTGJma0MwanlkRExBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABzZuTzX3y5emPcrfyM2
0Hv5Y5FNg9kDssADlDzr/au+LVxMMDxPsIqZLOyDr7iB03X+4hRb8jNa+SZ3zJ6q
iAE8fpHDGtvAEBxk2e7etxVaK6iDQzkD4YMDTr8Jz1HClbXHeghWH/6xeYvO0x72
bBbmleINgY68gSJP/LmI7fi18b4Hrq1b8dqua6YMvkigJ9nEkUcCiSjaqtIxRs8e
GM9m6gslP8uScUDHIkOK3zkFlZZAYBsivdWCSGVseOvggkSSj1r69+gyJq72NWZO
jojLttLXmdux6FyVhFthb1my+L63XaVN0tzeWkiaKf7PUQwWVc7AMJGFfVrnLvxt
j/I=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:31:03 2025 by rpki-client