Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Lh9Q-SCawkajuk-fYCTZvpUK5-A.roa
File: Lh9Q-SCawkajuk-fYCTZvpUK5-A.roa (raw, json)
Hash identifier: 3Y4wSlW82r/u48dq1KZQPiLHGeEqw1csuetH+EyoCto=
Subject key identifier: 2E:1F:50:F9:20:9A:C2:46:A3:BA:4F:9F:60:24:D9:BE:95:0A:E7:E0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EC66C0876D7297B6383AB62D747387A34
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Lh9Q-SCawkajuk-fYCTZvpUK5-A.roa
Signing time: Wed 10 Apr 2024 05:12:32 +0000
ROA not before: Wed 10 Apr 2024 05:12:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c6:6c:08:76:d7:29:7b:63:83:ab:62:d7:47:38:7a:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 10 05:12:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2e1f50f9209ac246a3ba4f9f6024d9be950ae7e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:bf:2d:4e:62:68:78:f6:38:85:8b:12:f9:3c:
b8:e9:b4:9f:4b:59:ca:63:ae:61:9b:32:dc:4a:f6:
90:78:78:94:09:e6:3b:4e:86:f9:d9:29:3d:26:e2:
41:5a:3f:c6:c1:b3:77:eb:80:64:5d:53:37:7f:9b:
3c:56:f6:71:ff:e0:56:55:5e:c9:c2:40:da:0b:8c:
ae:c8:4b:2c:21:22:8f:c7:d6:95:38:7f:b8:c1:15:
53:61:39:09:b9:25:cf:d0:81:72:bb:d0:d0:b2:f0:
6d:76:f9:7c:55:e4:cd:79:fa:ad:07:f6:71:1e:d2:
e9:54:df:be:9a:33:c4:95:a9:6c:25:04:db:32:ca:
86:ad:eb:69:3a:6d:62:41:32:9d:3a:42:71:14:af:
11:ad:0d:56:c5:0c:7c:3b:ad:d9:ae:58:3f:a6:7b:
47:37:9d:81:4f:50:d3:3f:21:c0:9e:aa:80:20:73:
02:cb:1e:d1:26:ae:60:70:42:10:b1:ed:7e:cc:12:
3b:69:4a:30:78:33:39:48:ab:3d:b3:5b:07:4c:6b:
59:73:33:ad:b5:ff:90:1b:e4:23:82:fe:2b:e3:9e:
78:e7:f5:72:82:28:53:84:41:8a:0c:4c:ee:e8:df:
df:ee:ec:64:35:f1:6c:d0:ab:03:5c:81:b9:7c:a8:
e7:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:1F:50:F9:20:9A:C2:46:A3:BA:4F:9F:60:24:D9:BE:95:0A:E7:E0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Lh9Q-SCawkajuk-fYCTZvpUK5-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
95:5e:72:01:2c:c0:e5:b4:d4:df:f4:4f:e1:0f:82:04:c3:ac:
3a:4e:e0:49:43:a3:76:3d:cc:98:05:1f:fb:27:f9:0b:19:65:
ed:71:e1:2f:65:17:c9:74:94:7b:b6:53:30:37:d1:ec:97:a3:
3c:f7:fa:64:11:18:8d:38:d3:87:af:f4:82:89:0d:3e:5f:ca:
bf:67:5c:c0:21:d3:c1:99:18:d6:87:6d:c2:85:a2:b8:d3:e5:
03:59:d1:b3:c2:c6:8d:ec:95:f7:21:87:8f:d6:6a:6f:51:60:
4b:17:77:b3:11:e7:3a:03:d1:6d:50:ad:e0:50:72:ce:2c:0d:
33:e2:5d:7b:c5:b3:16:bd:ef:ff:d5:38:54:85:92:20:d3:16:
d8:c2:ba:f0:87:a2:72:a6:a9:b9:d6:d6:75:7e:6e:99:35:cb:
84:00:8b:1e:f3:fb:d0:6b:a6:88:2d:1f:f7:a8:62:eb:ee:a5:
7f:c5:ed:cb:1f:4d:67:41:05:f9:5f:67:7b:72:14:8c:bc:9c:
07:7c:95:0d:2d:a4:2c:36:74:58:6b:a7:89:ac:1b:98:94:86:
fd:38:b4:1e:18:20:f6:aa:7f:6d:ef:b7:94:26:f7:20:2e:4e:
c2:07:84:bb:1d:eb:89:c9:af:cc:4b:de:26:c8:6b:15:5d:ec:
b6:ae:8c:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7GbAh21yl7Y4OrYtdHOHo0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDEwMDUxMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTFmNTBmOTIwOWFjMjQ2YTNiYTRmOWY2MDI0ZDliZTk1MGFlN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAor8tTmJoePY4hYsS+Ty46bSfS1nK
Y65hmzLcSvaQeHiUCeY7Tob52Sk9JuJBWj/GwbN364BkXVM3f5s8VvZx/+BWVV7J
wkDaC4yuyEssISKPx9aVOH+4wRVTYTkJuSXP0IFyu9DQsvBtdvl8VeTNefqtB/Zx
HtLpVN++mjPElalsJQTbMsqGretpOm1iQTKdOkJxFK8RrQ1WxQx8O63Zrlg/pntH
N52BT1DTPyHAnqqAIHMCyx7RJq5gcEIQse1+zBI7aUoweDM5SKs9s1sHTGtZczOt
tf+QG+Qjgv4r45545/VygihThEGKDEzu6N/f7uxkNfFs0KsDXIG5fKjn9QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC4fUPkgmsJGo7pPn2Ak2b6VCufgMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTGg5US1TQ2F3a2FqdWstZllDVFp2cFVLNS1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJVecgEswOW01N/0T+EP
ggTDrDpO4ElDo3Y9zJgFH/sn+QsZZe1x4S9lF8l0lHu2UzA30eyXozz3+mQRGI04
04ev9IKJDT5fyr9nXMAh08GZGNaHbcKForjT5QNZ0bPCxo3slfchh4/Wam9RYEsX
d7MR5zoD0W1QreBQcs4sDTPiXXvFsxa97//VOFSFkiDTFtjCuvCHonKmqbnW1nV+
bpk1y4QAix7z+9BrpogtH/eoYuvupX/F7csfTWdBBflfZ3tyFIy8nAd8lQ0tpCw2
dFhrp4msG5iUhv04tB4YIPaqf23vt5Qm9yAuTsIHhLsd64nJr8xL3ibIaxVd7Lau
jKo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:04 2025 by rpki-client