Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/O8PUaFK9dQZ1ZA-tZNYN_xzj7pA.roa
File: O8PUaFK9dQZ1ZA-tZNYN_xzj7pA.roa (raw, json)
Hash identifier: fo8nYxzDsF0vM7ALjrrQcxtzGiwee/lKmD8RdcQc9l0=
Subject key identifier: 3B:C3:D4:68:52:BD:75:06:75:64:0F:AD:64:D6:0D:FF:1C:E3:EE:90
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CA1F8111DDD1821ECB2E181810666A25F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/O8PUaFK9dQZ1ZA-tZNYN_xzj7pA.roa
Signing time: Mon 25 Dec 2023 17:13:58 +0000
ROA not before: Mon 25 Dec 2023 17:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a1:f8:11:1d:dd:18:21:ec:b2:e1:81:81:06:66:a2:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 25 17:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bc3d46852bd750675640fad64d60dff1ce3ee90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:55:53:f2:fc:88:7f:ba:33:40:8d:5e:00:43:
7d:dc:4b:29:bd:f6:53:66:45:09:45:54:bb:39:3f:
4a:25:4c:a1:72:2d:7d:f0:6b:2f:3b:98:bd:a8:31:
ae:98:7f:4e:54:70:ac:52:65:0c:45:86:99:d7:e9:
9c:da:a2:ae:50:54:6a:d0:54:c4:96:93:db:0e:27:
46:b3:b7:a9:46:be:e8:fa:47:61:c9:3a:b7:1c:e6:
ef:d2:e4:e8:1d:6b:6a:a8:f9:d5:37:8a:19:5d:17:
92:2c:57:8b:95:19:3b:e5:6e:e7:9f:bb:0b:16:7a:
7d:79:f3:e9:a5:50:25:08:ab:ae:a5:47:ca:84:43:
c1:26:68:02:40:d2:8f:00:c9:07:9a:99:81:a7:e5:
f4:2a:0a:1c:4f:af:84:3b:20:d5:93:03:d6:03:4c:
a7:0d:e1:33:2b:cc:f2:96:c2:71:ae:83:b7:8c:90:
7c:3d:13:91:16:17:d4:5d:9f:3b:d3:43:da:90:78:
ee:e7:d8:6e:16:8f:07:ce:e7:4d:7e:64:03:17:9e:
5e:0d:3c:d9:db:97:6c:a2:04:c6:a6:1d:b6:a4:80:
44:06:e0:53:fb:3a:df:61:38:40:fc:83:70:67:ef:
77:13:ab:bd:5a:27:34:cc:52:5c:fb:b1:c7:8a:46:
a1:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C3:D4:68:52:BD:75:06:75:64:0F:AD:64:D6:0D:FF:1C:E3:EE:90
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/O8PUaFK9dQZ1ZA-tZNYN_xzj7pA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a4:77:45:0f:e9:08:ce:27:ce:6f:72:44:2d:34:dc:cf:79:d5:
dc:0a:1e:07:bf:e6:e4:60:56:32:02:48:93:ed:cc:f5:01:8a:
00:50:2a:94:c3:78:33:9d:c7:a3:de:51:84:d3:ff:64:a7:b8:
b0:05:e0:84:a1:cb:34:28:a0:19:d8:a4:bc:31:c3:23:dd:fc:
bf:27:93:2e:36:b9:e5:5e:79:12:3e:21:47:06:61:90:dd:76:
44:c4:70:73:5a:90:f7:6f:8c:21:9e:c3:70:08:19:00:d7:48:
f0:d4:1a:09:38:34:ec:79:47:2b:54:26:de:9c:e5:7c:9a:38:
b9:15:8a:1f:16:19:f2:c8:69:08:70:f4:e0:1d:23:1c:48:59:
24:27:00:e2:4f:5a:79:69:bf:f9:fe:ab:51:43:75:91:4d:c0:
1e:07:0f:e5:28:d0:c1:9c:21:4b:05:73:1a:f1:bb:74:b1:ba:
34:35:ef:c2:1d:df:4f:a9:1b:7e:f9:6a:9c:2f:2f:50:4b:80:
4a:1d:90:ff:af:fd:52:48:64:dc:98:5b:1b:44:04:b8:74:ac:
ee:ec:0f:6d:30:49:77:d8:f5:46:33:60:40:26:36:b1:72:0c:
cd:50:27:22:87:6b:72:d6:01:e9:87:0c:2b:98:91:8f:37:6e:
f9:ad:09:a1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyh+BEd3Rgh7LLhgYEGZqJfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI1MTcxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmMzZDQ2ODUyYmQ3NTA2NzU2NDBmYWQ2NGQ2MGRmZjFjZTNlZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlVT8vyIf7ozQI1eAEN93EspvfZT
ZkUJRVS7OT9KJUyhci198GsvO5i9qDGumH9OVHCsUmUMRYaZ1+mc2qKuUFRq0FTE
lpPbDidGs7epRr7o+kdhyTq3HObv0uToHWtqqPnVN4oZXReSLFeLlRk75W7nn7sL
Fnp9efPppVAlCKuupUfKhEPBJmgCQNKPAMkHmpmBp+X0KgocT6+EOyDVkwPWA0yn
DeEzK8zylsJxroO3jJB8PRORFhfUXZ8700PakHju59huFo8HzudNfmQDF55eDTzZ
25dsogTGph22pIBEBuBT+zrfYThA/INwZ+93E6u9Wic0zFJc+7HHikahkwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDvD1GhSvXUGdWQPrWTWDf8c4+6QMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvTzhQVWFGSzlkUVoxWkEtdFpOWU5feHpqN3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKR3RQ/pCM4nzm9yRC00
3M951dwKHge/5uRgVjICSJPtzPUBigBQKpTDeDOdx6PeUYTT/2SnuLAF4IShyzQo
oBnYpLwxwyPd/L8nky42ueVeeRI+IUcGYZDddkTEcHNakPdvjCGew3AIGQDXSPDU
Ggk4NOx5RytUJt6c5XyaOLkVih8WGfLIaQhw9OAdIxxIWSQnAOJPWnlpv/n+q1FD
dZFNwB4HD+Uo0MGcIUsFcxrxu3SxujQ178Id30+pG375apwvL1BLgEodkP+v/VJI
ZNyYWxtEBLh0rO7sD20wSXfY9UYzYEAmNrFyDM1QJyKHa3LWAemHDCuYkY83bvmt
CaE=
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:58:04 2025 by rpki-client