Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KbS7EExGOb9frgf_UvDGoLQl33s.roa
File: KbS7EExGOb9frgf_UvDGoLQl33s.roa (raw, json)
Hash identifier: N8k8Hb5YuWTKLTsvSTnncmCQAma0S/oqGQOquWj7DnA=
Subject key identifier: 29:B4:BB:10:4C:46:39:BF:5F:AE:07:FF:52:F0:C6:A0:B4:25:DF:7B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D54ECC51A52118D4E234F34CE46558344
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KbS7EExGOb9frgf_UvDGoLQl33s.roa
Signing time: Mon 29 Jan 2024 11:13:39 +0000
ROA not before: Mon 29 Jan 2024 11:13:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:54:ec:c5:1a:52:11:8d:4e:23:4f:34:ce:46:55:83:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 29 11:13:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=29b4bb104c4639bf5fae07ff52f0c6a0b425df7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fe:12:1f:82:1f:04:99:cd:63:c2:54:93:f8:
1b:db:0b:20:cf:8d:c0:2b:84:bd:05:28:59:1c:c0:
0e:59:52:bc:cb:4f:24:a1:ea:a0:da:7e:b9:6e:0b:
4c:01:d1:f6:82:e8:8e:03:ae:29:c5:17:27:d6:7d:
40:ca:ff:bf:bf:17:34:88:fb:a3:97:81:22:bd:7f:
c5:92:7a:c2:14:76:08:88:84:f3:fd:5a:1d:e5:26:
9c:10:9c:b3:20:08:6d:74:c0:96:4c:c4:a1:56:e1:
ca:1c:48:a7:36:f4:7b:56:ab:18:df:42:db:c8:71:
31:ee:37:2c:4a:95:88:1b:a8:8c:f9:d7:0d:57:67:
c5:c5:0f:dc:e1:33:23:1b:88:c3:9e:95:7c:ed:a6:
b7:f5:aa:b4:43:df:6b:f5:49:4e:9c:f6:a3:d7:4b:
69:88:1f:8e:07:db:59:be:fb:fd:4b:6d:3a:b6:81:
bc:79:d0:e7:fc:a0:81:a7:ce:92:44:1a:a4:bb:8b:
d3:a6:aa:cd:09:0f:a9:9f:6a:9e:fd:80:ed:4c:e7:
d8:7a:a3:ef:11:60:ff:33:b4:61:5b:56:06:07:61:
dc:0c:27:f1:b5:7f:ef:fd:36:38:99:97:21:4f:39:
5b:75:c7:5d:96:86:3c:20:a6:59:b6:d3:c6:db:fc:
58:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B4:BB:10:4C:46:39:BF:5F:AE:07:FF:52:F0:C6:A0:B4:25:DF:7B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/KbS7EExGOb9frgf_UvDGoLQl33s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5c:ce:6d:06:8f:cf:38:0e:ab:6e:a3:48:c0:e4:9c:ac:37:2f:
22:06:b1:85:dd:82:67:f5:11:52:30:f6:fd:13:f1:f1:27:be:
06:6f:6b:21:da:ee:ae:7e:61:25:77:50:bf:2c:1b:21:33:53:
1a:b7:87:35:7a:a4:9f:67:bd:ba:87:ef:26:8e:db:ae:cd:0c:
9d:24:d9:71:e8:68:d3:fa:ef:8f:df:d6:80:7a:63:80:3a:19:
98:a1:15:69:f6:b3:71:a3:eb:e9:e4:6c:c5:4d:9d:85:1a:54:
12:7c:0c:f4:30:21:ec:cb:e2:75:50:9f:d1:5c:59:7e:ac:10:
f5:72:93:6b:ef:19:65:c2:37:b0:07:fb:22:b9:95:72:fc:66:
6b:c3:65:53:ea:81:ac:1a:6e:08:71:6c:c9:24:9e:17:93:92:
eb:cc:07:bb:f3:3d:1f:da:95:74:b2:02:cc:d8:36:1a:39:ad:
15:2b:8a:c2:72:bd:be:0c:07:82:1a:f2:3f:ef:92:92:94:ea:
3d:bd:e0:9a:82:38:4d:0e:fc:b2:e5:5e:9b:6d:10:db:2c:30:
f4:63:1f:db:9b:d7:1c:21:b2:d4:14:8d:98:c3:a8:6c:b6:cf:
b7:50:57:b3:51:1e:d8:72:0c:aa:38:26:a6:41:61:48:a5:45:
f6:3c:f4:b7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1U7MUaUhGNTiNPNM5GVYNEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI5MTExMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWI0YmIxMDRjNDYzOWJmNWZhZTA3ZmY1MmYwYzZhMGI0MjVkZjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyf4SH4IfBJnNY8JUk/gb2wsgz43A
K4S9BShZHMAOWVK8y08koeqg2n65bgtMAdH2guiOA64pxRcn1n1Ayv+/vxc0iPuj
l4EivX/FknrCFHYIiITz/Vod5SacEJyzIAhtdMCWTMShVuHKHEinNvR7VqsY30Lb
yHEx7jcsSpWIG6iM+dcNV2fFxQ/c4TMjG4jDnpV87aa39aq0Q99r9UlOnPaj10tp
iB+OB9tZvvv9S206toG8edDn/KCBp86SRBqku4vTpqrNCQ+pn2qe/YDtTOfYeqPv
EWD/M7RhW1YGB2HcDCfxtX/v/TY4mZchTzlbdcddloY8IKZZttPG2/xY7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCm0uxBMRjm/X64H/1LwxqC0Jd97MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvS2JTN0VFeEdPYjlmcmdmX1V2REdvTFFsMzNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFzObQaPzzgOq26jSMDk
nKw3LyIGsYXdgmf1EVIw9v0T8fEnvgZvayHa7q5+YSV3UL8sGyEzUxq3hzV6pJ9n
vbqH7yaO267NDJ0k2XHoaNP674/f1oB6Y4A6GZihFWn2s3Gj6+nkbMVNnYUaVBJ8
DPQwIezL4nVQn9FcWX6sEPVyk2vvGWXCN7AH+yK5lXL8ZmvDZVPqgawabghxbMkk
nheTkuvMB7vzPR/alXSyAszYNho5rRUrisJyvb4MB4Ia8j/vkpKU6j294JqCOE0O
/LLlXpttENssMPRjH9ub1xwhstQUjZjDqGy2z7dQV7NRHthyDKo4JqZBYUilRfY8
9Lc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:09 2025 by rpki-client