Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/JANmi7ssgrGqDXNfZV0SDw9kJbM.roa
File: JANmi7ssgrGqDXNfZV0SDw9kJbM.roa (raw, json)
Hash identifier: AVoQZsprr0RL+KcKvhdJzaEY8HBjI046qnLYsBz6ZZw=
Subject key identifier: 24:03:66:8B:BB:2C:82:B1:AA:0D:73:5F:65:5D:12:0F:0F:64:25:B3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DFC7A4670CBC65C5F64C99B59231AB92C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/JANmi7ssgrGqDXNfZV0SDw9kJbM.roa
Signing time: Sat 02 Mar 2024 00:04:48 +0000
ROA not before: Sat 02 Mar 2024 00:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18d:fc79:ec39/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fc:7a:46:70:cb:c6:5c:5f:64:c9:9b:59:23:1a:b9:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 2 00:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2403668bbb2c82b1aa0d735f655d120f0f6425b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:37:ca:f0:6a:61:aa:3f:cf:8a:52:31:55:7a:
98:8d:0f:1b:62:9d:3e:b9:d5:aa:8d:54:a7:af:ce:
77:fc:40:25:84:53:e6:ec:17:98:18:57:f3:48:96:
e0:50:cc:24:7d:61:95:ec:3d:15:af:7d:b9:06:95:
14:af:7f:b8:c8:c1:3d:49:87:7d:67:bc:ab:a1:62:
34:10:9c:90:9a:0e:ff:57:56:9a:b5:1b:ae:ac:c0:
67:10:49:2d:96:8e:2e:0e:94:e7:86:56:3b:df:70:
0a:af:0c:f1:8b:7f:42:a6:19:a7:6f:e2:93:1e:72:
3e:17:39:f2:c5:8d:4a:82:1f:bc:84:bf:68:93:32:
a3:66:f2:36:11:06:70:36:cc:ab:13:f8:91:aa:c6:
8c:d1:79:fd:b1:b7:09:ed:28:c9:8b:40:75:88:dd:
1f:de:7c:2a:b1:c0:76:76:56:fc:4b:fa:fe:13:61:
8f:36:38:bd:8e:9b:6f:a5:89:98:37:1f:96:37:9b:
32:ab:e0:d7:69:9f:81:58:64:16:f0:a3:fb:24:99:
4f:1b:09:43:1b:1a:b2:a3:75:0b:0e:15:83:73:1a:
54:0f:b9:f2:f7:56:df:07:8c:cf:10:6b:f3:03:be:
57:61:05:68:a6:ed:eb:87:76:2e:5b:84:a3:dc:7d:
38:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:03:66:8B:BB:2C:82:B1:AA:0D:73:5F:65:5D:12:0F:0F:64:25:B3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/JANmi7ssgrGqDXNfZV0SDw9kJbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
76:cf:ab:e4:d5:01:2c:5a:2a:12:00:52:c8:d4:41:02:5f:e4:
5b:73:8f:e7:a6:80:15:30:9d:ad:e7:a1:fc:5d:39:4a:d3:f7:
07:dc:df:ef:38:9c:82:62:b2:45:7b:8e:aa:df:d6:05:b6:16:
08:06:d9:ee:ac:61:5f:17:ae:17:b6:a1:44:3f:6e:e4:b5:bc:
d2:f0:99:a0:a0:58:92:eb:05:c1:9a:33:3a:4c:58:0e:89:7b:
6a:f6:2b:c8:e1:14:5c:4b:5c:67:8b:b2:ac:f2:15:10:13:a0:
51:7f:b1:e5:f6:f1:1b:08:fd:66:1b:9c:8b:58:01:e1:61:42:
b6:0b:af:f6:43:0f:2a:2a:03:4e:62:8a:aa:f9:eb:18:5d:8e:
a8:6c:05:55:7b:2c:84:db:6c:85:3c:05:02:15:b9:38:32:54:
97:d2:24:0c:a7:35:ee:ec:0c:a1:02:28:fa:db:1e:cd:4f:6d:
b4:df:8e:2e:fa:45:97:b8:0c:ce:73:07:a7:d9:51:a3:cb:d4:
2d:a6:f9:6a:73:c5:29:ba:12:f3:30:86:32:25:e9:ce:97:fd:
e6:61:63:98:84:6a:22:85:b1:ff:a5:3c:80:d8:26:20:44:65:
bc:20:a2:c0:bb:ba:a3:9e:8a:f7:0f:ca:13:1d:54:f7:40:a4:
a4:00:7e:bd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY38ekZwy8ZcX2TJm1kjGrksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAyMDAwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDAzNjY4YmJiMmM4MmIxYWEwZDczNWY2NTVkMTIwZjBmNjQyNWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjfK8Gphqj/PilIxVXqYjQ8bYp0+
udWqjVSnr853/EAlhFPm7BeYGFfzSJbgUMwkfWGV7D0Vr325BpUUr3+4yME9SYd9
Z7yroWI0EJyQmg7/V1aatRuurMBnEEktlo4uDpTnhlY733AKrwzxi39Cphmnb+KT
HnI+FznyxY1Kgh+8hL9okzKjZvI2EQZwNsyrE/iRqsaM0Xn9sbcJ7SjJi0B1iN0f
3nwqscB2dlb8S/r+E2GPNji9jptvpYmYNx+WN5syq+DXaZ+BWGQW8KP7JJlPGwlD
Gxqyo3ULDhWDcxpUD7ny91bfB4zPEGvzA75XYQVopu3rh3YuW4Sj3H04QwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCQDZou7LIKxqg1zX2VdEg8PZCWzMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSkFObWk3c3NnckdxRFhOZlpWMFNEdzlrSmJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHbPq+TVASxaKhIAUsjU
QQJf5Ftzj+emgBUwna3nofxdOUrT9wfc3+84nIJiskV7jqrf1gW2FggG2e6sYV8X
rhe2oUQ/buS1vNLwmaCgWJLrBcGaMzpMWA6Je2r2K8jhFFxLXGeLsqzyFRAToFF/
seX28RsI/WYbnItYAeFhQrYLr/ZDDyoqA05iiqr56xhdjqhsBVV7LITbbIU8BQIV
uTgyVJfSJAynNe7sDKECKPrbHs1PbbTfji76RZe4DM5zB6fZUaPL1C2m+WpzxSm6
EvMwhjIl6c6X/eZhY5iEaiKFsf+lPIDYJiBEZbwgosC7uqOeivcPyhMdVPdApKQA
fr0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:53:54 2025 by rpki-client