Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/J_cAetkiuBaaCHjrTMRcd_nVlAk.roa
File: J_cAetkiuBaaCHjrTMRcd_nVlAk.roa (raw, json)
Hash identifier: 9TTVHXuDb6Wvf+KL4TbI75KaaC5oP15q7ufaWrrqo7g=
Subject key identifier: 27:F7:00:7A:D9:22:B8:16:9A:08:78:EB:4C:C4:5C:77:F9:D5:94:09
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EDB3CECA2D851257D679E4C5F9B3741A6
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/J_cAetkiuBaaCHjrTMRcd_nVlAk.roa
Signing time: Sun 14 Apr 2024 06:13:06 +0000
ROA not before: Sun 14 Apr 2024 06:13:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:db:3c:ec:a2:d8:51:25:7d:67:9e:4c:5f:9b:37:41:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 14 06:13:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=27f7007ad922b8169a0878eb4cc45c77f9d59409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:dc:29:c6:6e:ef:de:ee:7b:3b:a4:db:98:fc:
28:22:c0:4a:37:ea:d9:c0:25:11:45:bf:73:2b:b8:
41:ba:a4:2a:de:91:f3:96:9d:14:1b:a9:ee:7f:a4:
1f:04:95:21:53:6e:7a:83:2b:d0:6d:25:30:53:f7:
0f:da:55:ed:81:09:6a:3b:73:69:40:70:33:44:62:
2e:9b:f5:ef:35:4f:1b:c9:a6:37:72:7a:24:77:e8:
e0:21:7d:1b:6b:3f:b2:01:d3:a1:c8:17:9d:01:88:
67:bd:0d:37:3c:45:5f:86:19:41:82:a4:55:ae:b2:
a1:6e:e1:a0:ae:d3:d4:32:6a:7c:1d:c9:bc:90:81:
2b:b1:79:41:9d:7e:5d:62:9d:a0:e9:3e:9c:4d:ae:
b2:60:7e:fa:b1:0a:b6:2e:d0:06:e5:7b:66:f5:af:
df:fa:52:25:d4:75:f0:af:cb:29:4f:11:48:b4:c1:
9f:fe:26:55:aa:4b:9b:c5:38:80:24:70:51:cb:1a:
ca:69:49:5a:d0:50:45:8f:44:84:c8:ad:17:2b:87:
9f:d3:62:1b:db:6c:e8:0d:f3:67:29:f9:23:9c:43:
fb:c4:8f:16:95:b0:6b:86:dd:d2:e6:2d:60:ec:ad:
4d:65:45:d1:46:a5:82:dd:4f:aa:15:91:cd:13:43:
ff:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:F7:00:7A:D9:22:B8:16:9A:08:78:EB:4C:C4:5C:77:F9:D5:94:09
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/J_cAetkiuBaaCHjrTMRcd_nVlAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
13:0c:40:2a:61:7e:d8:fa:22:29:06:ba:52:41:3b:ea:b9:3f:
01:8b:24:1c:17:32:da:1b:3c:01:c4:ff:45:59:1c:2d:56:67:
33:9c:f9:98:85:6b:8c:62:08:99:75:a7:a7:08:a4:51:0f:be:
59:7c:00:76:40:50:fc:2e:a2:e4:0a:b3:8d:67:8e:0b:c2:6a:
32:4c:95:66:14:da:82:e4:d5:bb:e0:5e:3f:9d:03:cd:78:b8:
9c:42:af:73:4a:d8:33:90:77:fe:f5:b1:1f:b3:ef:2f:15:61:
ad:d1:ce:77:b9:97:d0:c2:a6:f0:0d:03:27:9e:57:97:44:16:
aa:aa:a9:5f:62:25:14:82:95:92:b9:d4:ca:89:15:b7:88:2a:
8f:1e:85:d1:69:62:7f:7a:81:95:3b:01:74:cb:93:77:b1:ae:
cb:02:21:e3:e9:89:61:be:04:62:73:03:02:cc:54:35:f3:2d:
a0:67:fc:21:f0:73:1f:33:a5:b5:11:be:d8:f4:9d:e1:b4:e6:
a3:13:de:d7:14:5d:79:7a:d0:ac:5f:8f:9a:67:40:1b:68:db:
65:3e:62:00:c2:a3:2a:7f:02:83:a0:21:71:38:06:f2:31:bb:
06:42:37:e1:51:c7:8b:1a:78:c0:b6:6b:4f:41:3f:95:52:8b:
90:4c:8c:0f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7bPOyi2FElfWeeTF+bN0GmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDE0MDYxMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2Y3MDA3YWQ5MjJiODE2OWEwODc4ZWI0Y2M0NWM3N2Y5ZDU5NDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9wpxm7v3u57O6TbmPwoIsBKN+rZ
wCURRb9zK7hBuqQq3pHzlp0UG6nuf6QfBJUhU256gyvQbSUwU/cP2lXtgQlqO3Np
QHAzRGIum/XvNU8byaY3cnokd+jgIX0baz+yAdOhyBedAYhnvQ03PEVfhhlBgqRV
rrKhbuGgrtPUMmp8Hcm8kIErsXlBnX5dYp2g6T6cTa6yYH76sQq2LtAG5Xtm9a/f
+lIl1HXwr8spTxFItMGf/iZVqkubxTiAJHBRyxrKaUla0FBFj0SEyK0XK4ef02Ib
22zoDfNnKfkjnEP7xI8WlbBrht3S5i1g7K1NZUXRRqWC3U+qFZHNE0P/jQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCf3AHrZIrgWmgh460zEXHf51ZQJMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSl9jQWV0a2l1QmFhQ0hqclRNUmNkX25WbEFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABMMQCphftj6IikGulJB
O+q5PwGLJBwXMtobPAHE/0VZHC1WZzOc+ZiFa4xiCJl1p6cIpFEPvll8AHZAUPwu
ouQKs41njgvCajJMlWYU2oLk1bvgXj+dA814uJxCr3NK2DOQd/71sR+z7y8VYa3R
zne5l9DCpvANAyeeV5dEFqqqqV9iJRSClZK51MqJFbeIKo8ehdFpYn96gZU7AXTL
k3exrssCIePpiWG+BGJzAwLMVDXzLaBn/CHwcx8zpbURvtj0neG05qMT3tcUXXl6
0Kxfj5pnQBto22U+YgDCoyp/AoOgIXE4BvIxuwZCN+FRx4saeMC2a09BP5VSi5BM
jA8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:20 2025 by rpki-client