Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OApuoH7D53ZCZqfJTX3ndeRmu_w.roa
File: OApuoH7D53ZCZqfJTX3ndeRmu_w.roa (raw, json)
Hash identifier: Kp+6Xq6ckuKH43U5N2gbh4hAPz0e+mHPt9jnYVGenoE=
Subject key identifier: 38:0A:6E:A0:7E:C3:E7:76:42:66:A7:C9:4D:7D:E7:75:E4:66:BB:FC
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D2E4552A5599CA577C18A13975BB1B0BD
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OApuoH7D53ZCZqfJTX3ndeRmu_w.roa
Signing time: Sun 21 Jan 2024 23:05:11 +0000
ROA not before: Sun 21 Jan 2024 23:05:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:2e44:6ca9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2e:45:52:a5:59:9c:a5:77:c1:8a:13:97:5b:b1:b0:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 21 23:05:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=380a6ea07ec3e7764266a7c94d7de775e466bbfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2a:35:2d:85:2a:91:c9:64:d9:f8:f8:41:5a:
82:d6:0d:17:81:89:7e:a8:3d:fd:37:2b:90:ad:42:
31:44:80:de:95:2d:37:07:e6:fe:a1:a3:94:fa:f1:
7f:ca:1a:92:3b:8e:8e:c8:75:88:a5:0b:7e:2b:5e:
14:4c:ca:2f:f1:ef:6a:e5:f3:ce:dc:84:df:85:dd:
7f:a0:47:02:75:4d:f2:fc:22:e6:e6:1f:69:9a:c9:
bf:e6:d0:31:69:ff:58:1e:54:07:26:ad:d9:5d:74:
86:f1:bd:b0:6d:00:fc:7b:0a:80:f6:80:ab:1a:e2:
d7:00:06:93:c0:48:e6:7c:80:17:c4:66:a6:ca:6f:
db:30:38:7c:e9:33:99:36:91:72:e9:0a:34:b8:3b:
3d:1d:eb:94:96:56:dd:f6:33:0f:a4:e5:44:6a:b2:
c4:ff:8f:17:b3:32:d5:44:ab:15:12:ff:68:30:9a:
3b:49:04:ef:91:b3:12:74:f8:07:39:13:64:c4:b3:
85:99:69:88:a1:9f:25:2d:95:7c:fb:cb:4b:16:3a:
e1:0d:bc:7f:db:dd:84:cb:8f:33:57:98:df:36:87:
db:8d:e8:a6:f4:d3:85:83:72:57:f3:81:f0:5c:b8:
97:6c:49:c6:17:28:69:1f:1b:e6:2a:bb:19:2b:c8:
21:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:0A:6E:A0:7E:C3:E7:76:42:66:A7:C9:4D:7D:E7:75:E4:66:BB:FC
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OApuoH7D53ZCZqfJTX3ndeRmu_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:e8:2e:e8:0c:16:68:b8:22:e8:2a:3e:d7:7a:0c:9f:7a:66:
23:fc:50:84:f8:4a:81:c6:ca:3f:28:1f:a0:fb:a9:5b:7f:c2:
43:b3:fb:92:60:db:f8:8d:35:98:a2:a9:7f:f4:2c:a3:27:cb:
3d:3d:cc:ea:d1:2b:77:96:6b:c8:a6:d4:54:8d:5a:5e:91:8f:
a7:e0:34:83:e5:9f:d7:6b:66:ea:4f:01:6a:66:e3:ad:5e:50:
7c:dc:45:c7:7a:e5:9e:2e:54:a5:b9:e0:e0:33:dc:03:73:4b:
2c:38:85:9b:d6:1e:57:82:91:dc:cb:c1:ce:09:88:dc:26:79:
bd:bd:d5:2d:a8:cb:ea:19:3e:c7:5c:86:28:2a:ab:d4:9e:8f:
53:48:68:6f:b1:f9:7c:89:a2:11:9f:ce:49:a1:3d:1e:fb:7c:
1d:94:96:8e:9e:36:9c:16:a0:6c:2f:45:d7:36:d0:65:e5:d9:
51:1a:f2:49:17:b3:5b:ef:a8:29:41:67:66:1c:13:fb:a1:34:
85:ef:93:b3:27:90:f7:06:a4:23:f0:26:6e:b3:fc:bd:38:cb:
dd:7c:b5:4d:88:81:f4:a4:aa:08:81:23:73:4c:95:c6:06:97:
be:61:36:f1:56:52:c6:95:0c:e8:ae:46:dd:07:97:03:54:b0:
71:0d:f4:56
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0uRVKlWZyld8GKE5dbsbC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIxMjMwNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODBhNmVhMDdlYzNlNzc2NDI2NmE3Yzk0ZDdkZTc3NWU0NjZiYmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSo1LYUqkclk2fj4QVqC1g0XgYl+
qD39NyuQrUIxRIDelS03B+b+oaOU+vF/yhqSO46OyHWIpQt+K14UTMov8e9q5fPO
3ITfhd1/oEcCdU3y/CLm5h9pmsm/5tAxaf9YHlQHJq3ZXXSG8b2wbQD8ewqA9oCr
GuLXAAaTwEjmfIAXxGamym/bMDh86TOZNpFy6Qo0uDs9HeuUllbd9jMPpOVEarLE
/48XszLVRKsVEv9oMJo7SQTvkbMSdPgHORNkxLOFmWmIoZ8lLZV8+8tLFjrhDbx/
292Ey48zV5jfNofbjeim9NOFg3JX84HwXLiXbEnGFyhpHxvmKrsZK8ghZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDgKbqB+w+d2QmanyU1953XkZrv8MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvT0FwdW9IN0Q1M1pDWnFmSlRYM25kZVJtdV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABLoLugMFmi4IugqPtd6
DJ96ZiP8UIT4SoHGyj8oH6D7qVt/wkOz+5Jg2/iNNZiiqX/0LKMnyz09zOrRK3eW
a8im1FSNWl6Rj6fgNIPln9drZupPAWpm461eUHzcRcd65Z4uVKW54OAz3ANzSyw4
hZvWHleCkdzLwc4JiNwmeb291S2oy+oZPsdchigqq9Sej1NIaG+x+XyJohGfzkmh
PR77fB2Ulo6eNpwWoGwvRdc20GXl2VEa8kkXs1vvqClBZ2YcE/uhNIXvk7MnkPcG
pCPwJm6z/L04y918tU2IgfSkqgiBI3NMlcYGl75hNvFWUsaVDOiuRt0HlwNUsHEN
9FY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:05:55 2025 by rpki-client