Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Je8wNSQ_HTGLreYH2nG0ssZja8o.roa
File: Je8wNSQ_HTGLreYH2nG0ssZja8o.roa (raw, json)
Hash identifier: Ata4x59SwKuFQBAfVciv1A1MEbYmGmy0/MAkpFyi/iM=
Subject key identifier: 25:EF:30:35:24:3F:1D:31:8B:AD:E6:07:DA:71:B4:B2:C6:63:6B:CA
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E5EC0EA8745471C90DCC009EC37861778
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Je8wNSQ_HTGLreYH2nG0ssZja8o.roa
Signing time: Thu 21 Mar 2024 02:04:45 +0000
ROA not before: Thu 21 Mar 2024 02:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:5ec0:807c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5e:c0:ea:87:45:47:1c:90:dc:c0:09:ec:37:86:17:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 21 02:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=25ef3035243f1d318bade607da71b4b2c6636bca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e8:78:1d:cb:e6:2b:8f:65:d0:37:87:e4:bf:
4e:d2:98:3d:7e:4c:e7:0d:34:a9:ee:53:d1:d9:9b:
9a:fa:fe:16:62:5d:14:5a:7f:08:ca:e4:65:a2:df:
cc:98:2d:c1:3f:f1:00:af:fa:1f:29:df:45:65:dd:
92:62:62:d2:7c:85:f9:51:2d:b7:ba:da:4f:c9:a5:
7b:90:4b:2a:f3:99:94:d5:92:ea:8f:8b:ec:ff:fd:
9b:e0:dd:ff:05:db:b9:aa:06:49:ac:6a:af:04:e9:
5c:23:30:80:91:6b:c8:fd:ec:c7:c5:a8:7c:17:c6:
ea:62:3c:02:20:c4:07:4f:c1:ab:ec:c0:8f:14:4f:
3b:30:80:0d:05:57:80:01:50:ef:23:f4:9f:b4:b1:
a6:0c:f8:db:43:dd:5e:33:cb:9a:cb:ba:64:72:4f:
37:11:30:54:68:f5:89:30:87:e0:9d:47:d2:12:ba:
2f:cb:9b:cb:eb:4e:ff:5e:1f:8a:09:95:a7:ff:b0:
59:1b:d1:22:80:36:4c:9a:0f:11:7e:48:62:e8:f5:
58:a0:5b:0c:59:df:a7:d2:d7:8d:e4:e7:01:40:5b:
92:17:33:05:ca:d1:e1:89:90:89:31:44:7d:06:dc:
42:4e:d8:d8:40:c6:9e:b4:f4:3a:b4:2a:c7:cc:5c:
66:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:EF:30:35:24:3F:1D:31:8B:AD:E6:07:DA:71:B4:B2:C6:63:6B:CA
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Je8wNSQ_HTGLreYH2nG0ssZja8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:20:66:83:e3:3e:39:d5:21:16:d6:34:d6:f5:60:9b:29:1d:
83:3e:1d:ff:ff:81:d4:cf:a6:d7:6d:9a:e4:06:a6:bb:11:b6:
80:7f:02:42:3d:16:c5:9b:3a:8c:11:e0:db:00:8d:08:d1:65:
05:e3:48:96:df:5a:f3:83:d6:bf:b6:a0:b2:6b:e8:2a:83:7c:
ea:38:3e:b3:2d:a4:ce:bf:5d:ac:36:da:56:65:e0:8c:a6:6f:
c1:17:d4:5e:bc:fd:0f:39:5d:82:ca:64:f7:46:63:16:21:55:
94:57:0e:05:90:09:f6:00:f5:f6:ff:7b:58:94:84:23:da:d6:
53:cd:ff:57:91:98:bb:6f:23:3f:9b:43:7d:28:85:26:93:de:
d8:73:63:35:4e:8e:c1:f2:d6:ef:02:64:aa:4e:60:8f:32:2a:
15:81:4a:0d:93:bb:6f:4c:7d:d9:ca:c0:2b:5b:15:33:05:b5:
99:8e:bf:39:4a:f9:97:6a:f0:90:e4:36:b9:31:1b:74:d0:b3:
36:09:47:e4:f6:53:4b:7f:13:ad:8f:85:01:70:a9:80:0d:18:
42:07:b1:48:8c:00:b4:66:bd:89:62:fe:a8:c4:2f:dd:15:eb:
84:06:8e:16:d6:9c:e9:25:d7:4d:b0:4f:af:9e:2e:ec:36:20:
c8:98:09:07
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5ewOqHRUcckNzACew3hhd4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIxMDIwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWVmMzAzNTI0M2YxZDMxOGJhZGU2MDdkYTcxYjRiMmM2NjM2YmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+h4HcvmK49l0DeH5L9O0pg9fkzn
DTSp7lPR2Zua+v4WYl0UWn8IyuRlot/MmC3BP/EAr/ofKd9FZd2SYmLSfIX5US23
utpPyaV7kEsq85mU1ZLqj4vs//2b4N3/Bdu5qgZJrGqvBOlcIzCAkWvI/ezHxah8
F8bqYjwCIMQHT8Gr7MCPFE87MIANBVeAAVDvI/SftLGmDPjbQ91eM8uay7pkck83
ETBUaPWJMIfgnUfSErovy5vL607/Xh+KCZWn/7BZG9EigDZMmg8Rfkhi6PVYoFsM
Wd+n0teN5OcBQFuSFzMFytHhiZCJMUR9BtxCTtjYQMaetPQ6tCrHzFxmawIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCXvMDUkPx0xi63mB9pxtLLGY2vKMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSmU4d05TUV9IVEdMcmVZSDJuRzBzc1pqYThvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAwgZoPjPjnVIRbWNNb1
YJspHYM+Hf//gdTPptdtmuQGprsRtoB/AkI9FsWbOowR4NsAjQjRZQXjSJbfWvOD
1r+2oLJr6CqDfOo4PrMtpM6/Xaw22lZl4Iymb8EX1F68/Q85XYLKZPdGYxYhVZRX
DgWQCfYA9fb/e1iUhCPa1lPN/1eRmLtvIz+bQ30ohSaT3thzYzVOjsHy1u8CZKpO
YI8yKhWBSg2Tu29MfdnKwCtbFTMFtZmOvzlK+Zdq8JDkNrkxG3TQszYJR+T2U0t/
E62PhQFwqYANGEIHsUiMALRmvYli/qjEL90V64QGjhbWnOkl102wT6+eLuw2IMiY
CQc=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:19:14 2025 by rpki-client