Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/JiDBPRHIN58Ovk7XhtbtkeDqalI.roa
File: JiDBPRHIN58Ovk7XhtbtkeDqalI.roa (raw, json)
Hash identifier: jC5cqywqRCOUngiQez4D1JDTwtoRlGMYPRJtTm7Rc1c=
Subject key identifier: 26:20:C1:3D:11:C8:37:9F:0E:BE:4E:D7:86:D6:ED:91:E0:EA:6A:52
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DB2ED0C31DEB574F8D74FB02B4CFF9C62
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/JiDBPRHIN58Ovk7XhtbtkeDqalI.roa
Signing time: Fri 16 Feb 2024 17:18:15 +0000
ROA not before: Fri 16 Feb 2024 17:18:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b2:ed:0c:31:de:b5:74:f8:d7:4f:b0:2b:4c:ff:9c:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 16 17:18:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2620c13d11c8379f0ebe4ed786d6ed91e0ea6a52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:08:c2:f7:de:5b:7c:d2:44:80:4e:90:30:c4:
8e:2a:8d:ad:ec:95:e6:11:56:18:6e:ec:3e:16:93:
17:b6:00:52:72:06:99:ad:8e:56:9b:c5:a3:7c:7a:
a2:24:96:4a:1f:cd:48:64:e0:42:aa:79:a2:81:3f:
dc:09:e6:df:82:56:93:00:c8:c0:fe:21:33:81:0c:
66:7d:f5:51:1c:8b:0d:9f:ad:cb:6d:b8:5f:b1:fe:
f0:0d:a0:5e:17:e9:42:7f:25:e1:8f:62:94:b9:9f:
e8:dd:ef:d6:b9:32:a6:de:23:16:68:bb:c7:eb:89:
41:45:5d:7e:85:46:b2:e4:9e:0d:08:92:74:72:37:
c4:57:87:32:0a:e3:54:58:5d:3b:f1:10:e1:23:f7:
89:3f:43:25:de:9c:c7:70:1f:27:0b:c5:a0:d9:c5:
f8:04:43:10:a9:3d:76:d9:7d:f2:5e:3a:e1:87:63:
07:74:1a:9a:a2:a2:f2:30:ac:b2:87:78:8e:34:87:
00:c8:b2:65:d9:21:0d:2b:48:50:9f:5a:f2:ad:cf:
b8:7c:46:d2:31:af:77:70:28:c1:12:bf:6d:31:44:
9c:91:f6:b6:6c:fa:ee:7c:5e:06:e4:9e:c9:21:52:
6e:09:fb:70:a1:b7:43:48:fd:c3:22:c3:e8:7c:9a:
f0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:20:C1:3D:11:C8:37:9F:0E:BE:4E:D7:86:D6:ED:91:E0:EA:6A:52
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/JiDBPRHIN58Ovk7XhtbtkeDqalI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:d4:3f:4e:b8:9f:a4:ef:b8:d8:bf:74:52:9c:bb:7e:f4:72:
29:30:4d:0b:b3:4b:ad:e7:b7:b2:79:26:d3:c8:da:17:d6:e7:
31:0a:c3:e0:a7:1d:78:44:ec:63:ac:7f:e8:38:d5:0d:74:9d:
17:0f:bb:97:2f:61:78:63:f0:31:6b:a1:1f:a1:5b:22:ba:4d:
26:3e:ad:b5:00:b9:dd:37:92:93:ff:5e:02:04:45:8f:83:9f:
8d:0a:0f:47:11:be:21:6b:24:38:40:01:9d:8d:65:3c:88:28:
2e:57:95:ff:51:a5:42:3c:5b:fd:6b:75:ae:a8:82:f3:4a:bc:
3e:a5:4e:5a:30:58:d0:68:f2:38:6b:b3:0b:20:ff:58:3e:80:
3e:03:98:f2:9b:fb:c5:9c:98:6b:88:4c:8c:e4:8d:b6:65:23:
18:99:03:be:f6:4b:b9:25:cf:b3:fa:02:42:c3:d9:5b:68:ca:
97:63:fd:19:59:30:86:6e:dc:e6:be:72:c4:aa:98:89:0e:b8:
25:4f:d0:5c:60:60:9e:27:d0:c1:5d:c1:20:9d:46:16:7c:2c:
f1:96:57:3b:71:25:e6:46:38:fe:ae:9e:b5:29:9d:bc:d0:18:
76:99:86:a2:2f:d4:ec:94:27:f3:2f:c4:5a:ba:1f:f3:df:6a:
f8:b5:4c:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2y7Qwx3rV0+NdPsCtM/5xiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE2MTcxODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjIwYzEzZDExYzgzNzlmMGViZTRlZDc4NmQ2ZWQ5MWUwZWE2YTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQjC995bfNJEgE6QMMSOKo2t7JXm
EVYYbuw+FpMXtgBScgaZrY5Wm8WjfHqiJJZKH81IZOBCqnmigT/cCebfglaTAMjA
/iEzgQxmffVRHIsNn63Lbbhfsf7wDaBeF+lCfyXhj2KUuZ/o3e/WuTKm3iMWaLvH
64lBRV1+hUay5J4NCJJ0cjfEV4cyCuNUWF078RDhI/eJP0Ml3pzHcB8nC8Wg2cX4
BEMQqT122X3yXjrhh2MHdBqaoqLyMKyyh3iONIcAyLJl2SENK0hQn1ryrc+4fEbS
Ma93cCjBEr9tMUSckfa2bPrufF4G5J7JIVJuCftwobdDSP3DIsPofJrwjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCYgwT0RyDefDr5O14bW7ZHg6mpSMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvSmlEQlBSSElONThPdms3WGh0YnRrZURxYWxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA7UP064n6TvuNi/dFKc
u370cikwTQuzS63nt7J5JtPI2hfW5zEKw+CnHXhE7GOsf+g41Q10nRcPu5cvYXhj
8DFroR+hWyK6TSY+rbUAud03kpP/XgIERY+Dn40KD0cRviFrJDhAAZ2NZTyIKC5X
lf9RpUI8W/1rda6ogvNKvD6lTlowWNBo8jhrswsg/1g+gD4DmPKb+8WcmGuITIzk
jbZlIxiZA772S7klz7P6AkLD2Vtoypdj/RlZMIZu3Oa+csSqmIkOuCVP0FxgYJ4n
0MFdwSCdRhZ8LPGWVztxJeZGOP6unrUpnbzQGHaZhqIv1OyUJ/MvxFq6H/Pfavi1
TB0=
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:02:41 2025 by rpki-client