Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Ku2jUvr64RnXYJFJssgNYTIPDl0.roa
File: Ku2jUvr64RnXYJFJssgNYTIPDl0.roa (raw, json)
Hash identifier: 6ySdYGVaNsnWbE4A0valthaWeFqS3WMXXEbDjlgXnJk=
Subject key identifier: 2A:ED:A3:52:FA:FA:E1:19:D7:60:91:49:B2:C8:0D:61:32:0F:0E:5D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E3605102C253DF081B4FAEBD6A9285366
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Ku2jUvr64RnXYJFJssgNYTIPDl0.roa
Signing time: Wed 13 Mar 2024 04:14:45 +0000
ROA not before: Wed 13 Mar 2024 04:14:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:36:05:10:2c:25:3d:f0:81:b4:fa:eb:d6:a9:28:53:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 13 04:14:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2aeda352fafae119d7609149b2c80d61320f0e5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:22:e7:4d:81:2c:e6:98:e1:0e:2e:8c:2c:bd:
56:29:29:e5:76:2a:0e:ca:ab:58:3d:95:0b:63:28:
a8:fd:a8:5e:7a:8f:a3:8f:ec:96:23:58:2e:ea:9e:
5e:a5:68:b2:58:0f:8c:31:02:f6:07:5b:66:7b:09:
b4:95:48:d0:ce:5d:c8:15:d4:7e:6a:e2:9d:fd:e4:
bb:46:73:c3:f0:c7:6a:d3:44:24:7a:9f:99:0c:3b:
1e:bb:a2:e1:f5:4a:f7:20:18:a7:ae:4c:d3:44:2f:
54:0b:63:52:56:0a:b6:23:85:6c:4d:af:37:ec:4f:
ce:4a:dd:b3:e8:55:4f:46:84:1e:84:12:ff:6c:82:
e1:9b:18:f8:9b:86:98:13:02:6b:3d:a8:a5:e6:ea:
c5:d6:99:b3:1e:7f:e0:8c:42:64:37:b4:f7:40:35:
22:a4:4c:76:f1:63:a6:fb:8d:7d:ef:37:05:8c:1a:
ed:70:e7:69:6b:b6:90:24:4b:49:28:17:58:ac:74:
99:b0:dd:ee:ee:fe:e6:69:6a:54:b6:01:75:54:14:
91:83:4e:39:a9:5e:6a:37:76:c8:15:ee:c0:07:6d:
3e:1b:8b:b5:b7:16:a9:cd:73:d5:7c:e2:7b:32:29:
2f:8f:87:9d:c9:5e:db:3c:a0:d6:4b:7f:60:8f:ec:
19:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:ED:A3:52:FA:FA:E1:19:D7:60:91:49:B2:C8:0D:61:32:0F:0E:5D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Ku2jUvr64RnXYJFJssgNYTIPDl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
60:d0:80:b9:f2:1a:24:75:5c:e6:10:27:95:69:17:66:4f:3a:
ab:b9:b5:f4:fe:11:67:fd:5b:d6:30:6a:76:0d:cb:b9:6c:b5:
dd:d5:ec:de:00:d6:19:fa:1d:e0:a7:ed:dd:4b:a9:a8:79:87:
5c:8a:52:a5:f7:e9:2f:3e:b6:db:81:06:bb:ef:2a:7b:5e:3c:
83:76:00:99:f2:68:04:54:09:6a:9f:da:b1:62:bc:c0:50:ce:
aa:fa:e2:e2:c0:c9:dc:7f:5c:b8:88:06:c2:9e:6f:a6:27:43:
d3:8f:c9:1f:58:20:92:76:e8:f9:2a:82:a5:ab:7c:d8:70:51:
40:b0:ab:62:3e:b2:38:72:1e:15:cd:dc:35:dc:a6:d8:51:e5:
15:d1:90:3e:51:b3:27:e7:85:38:e2:e4:db:a6:e6:cb:e5:29:
a4:a2:56:2d:a2:e8:d3:fa:8a:59:8e:65:0b:59:06:00:25:84:
9f:39:64:d1:63:ed:79:ee:96:67:bb:b6:45:10:47:70:10:6f:
08:0c:af:1c:ad:f9:fd:e5:49:d8:c2:a0:ff:ed:b1:21:8b:75:
d2:53:a0:e7:c9:af:33:cd:30:05:a6:b9:e2:da:08:da:87:00:
b3:3f:29:66:40:72:de:bf:06:f7:64:83:3a:9c:44:43:3b:85:
4e:bd:ac:34
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY42BRAsJT3wgbT669apKFNmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEzMDQxNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWVkYTM1MmZhZmFlMTE5ZDc2MDkxNDliMmM4MGQ2MTMyMGYwZTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryLnTYEs5pjhDi6MLL1WKSnldioO
yqtYPZULYyio/aheeo+jj+yWI1gu6p5epWiyWA+MMQL2B1tmewm0lUjQzl3IFdR+
auKd/eS7RnPD8Mdq00Qkep+ZDDseu6Lh9Ur3IBinrkzTRC9UC2NSVgq2I4VsTa83
7E/OSt2z6FVPRoQehBL/bILhmxj4m4aYEwJrPail5urF1pmzHn/gjEJkN7T3QDUi
pEx28WOm+4197zcFjBrtcOdpa7aQJEtJKBdYrHSZsN3u7v7maWpUtgF1VBSRg045
qV5qN3bIFe7AB20+G4u1txapzXPVfOJ7Mikvj4edyV7bPKDWS39gj+wZlQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCrto1L6+uEZ12CRSbLIDWEyDw5dMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvS3UyalV2cjY0Um5YWUpGSnNzZ05ZVElQRGwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGDQgLnyGiR1XOYQJ5Vp
F2ZPOqu5tfT+EWf9W9YwanYNy7lstd3V7N4A1hn6HeCn7d1Lqah5h1yKUqX36S8+
ttuBBrvvKntePIN2AJnyaARUCWqf2rFivMBQzqr64uLAydx/XLiIBsKeb6YnQ9OP
yR9YIJJ26PkqgqWrfNhwUUCwq2I+sjhyHhXN3DXcpthR5RXRkD5RsyfnhTji5Num
5svlKaSiVi2i6NP6ilmOZQtZBgAlhJ85ZNFj7Xnulme7tkUQR3AQbwgMrxyt+f3l
SdjCoP/tsSGLddJToOfJrzPNMAWmueLaCNqHALM/KWZAct6/BvdkgzqcREM7hU69
rDQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:24:00 2025 by rpki-client