Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OB6fA4oLrgfFIrZrSc_FZmHlkyg.roa
File: OB6fA4oLrgfFIrZrSc_FZmHlkyg.roa (raw, json)
Hash identifier: bf1oRFDUwsOwcXdbmEo8kBvgOhQtPdzW3emeceR2gYA=
Subject key identifier: 38:1E:9F:03:8A:0B:AE:07:C5:22:B6:6B:49:CF:C5:66:61:E5:93:28
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EBACEBA7ECA0EFD8A579C7AC4AAD2427E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OB6fA4oLrgfFIrZrSc_FZmHlkyg.roa
Signing time: Sun 07 Apr 2024 23:04:54 +0000
ROA not before: Sun 07 Apr 2024 23:04:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18e:bace:273c/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ba:ce:ba:7e:ca:0e:fd:8a:57:9c:7a:c4:aa:d2:42:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 7 23:04:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=381e9f038a0bae07c522b66b49cfc56661e59328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:37:8e:87:32:fe:12:bf:c6:2d:31:43:fb:0d:
79:f5:e0:31:d6:5d:60:bc:7d:60:81:1e:e1:8a:01:
e6:87:34:b7:de:05:03:f1:b0:c4:1a:e1:44:99:fc:
80:ae:b0:0f:6a:8e:17:f9:5e:3e:6b:a4:41:3f:f2:
c8:e6:bd:c9:46:25:7a:5f:02:72:95:0a:31:4c:55:
b3:89:a8:4b:12:9a:99:fd:88:31:06:33:14:6b:d2:
a7:cb:46:55:e0:70:1e:28:36:ad:d6:e3:14:c8:da:
68:46:69:3b:b7:f8:e7:4c:29:da:f1:12:52:d9:14:
37:4d:37:01:96:32:6a:77:8d:34:60:f3:3e:30:1c:
6f:63:b2:e3:15:df:87:f0:58:de:04:e2:72:f6:ae:
9a:4e:73:4d:b2:82:f8:71:68:e0:1e:53:62:dc:93:
c2:9e:20:01:29:00:e0:c9:d2:2c:70:2a:7b:e0:d6:
b9:74:32:3b:54:83:40:c9:cd:26:f4:90:48:81:bf:
03:28:47:40:58:ca:a3:1a:48:f2:4f:b0:d1:50:1e:
63:b3:10:92:5d:03:2f:4b:63:37:02:f2:bd:61:a9:
a7:15:82:2e:61:2e:58:7b:99:6f:3d:af:b6:1b:9b:
b1:80:8a:78:f4:c2:db:98:93:9b:bf:21:79:24:68:
7f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:1E:9F:03:8A:0B:AE:07:C5:22:B6:6B:49:CF:C5:66:61:E5:93:28
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OB6fA4oLrgfFIrZrSc_FZmHlkyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
46:47:aa:7c:67:cd:7d:85:5f:2e:a0:c9:5d:e3:ff:54:c4:1b:
15:f0:01:71:ab:b0:6c:c1:a2:1d:6c:dc:6e:bb:b8:33:dc:fd:
74:a3:7d:58:43:14:24:b5:0b:11:fe:f9:15:a3:96:95:cd:a6:
64:18:85:b0:df:6b:bf:53:ff:76:14:23:28:c1:3e:1f:ee:ce:
16:6c:0c:42:f7:f0:e7:ba:14:3f:3f:99:07:ce:9f:ce:62:5f:
79:33:d2:f7:59:a2:f2:07:d5:f1:1b:49:d7:6c:26:15:2d:4f:
12:64:60:4b:cd:67:4a:15:bc:6f:ff:15:7b:4f:65:3d:c6:17:
30:cc:d5:6d:f0:63:28:ba:b4:74:47:b6:c8:0a:85:cd:50:f7:
52:51:6d:e1:63:b4:2e:d2:fb:6a:97:ea:b1:2a:b5:d7:5f:80:
4a:89:e3:94:50:ce:72:4e:45:e4:c5:f1:97:18:71:32:ce:c7:
f9:29:cf:89:ed:18:35:e0:43:b3:5f:96:d2:f1:71:b2:99:b9:
46:43:48:19:02:48:e0:7a:fe:47:38:8e:49:6b:e6:7d:7f:de:
48:46:cd:8a:3e:3d:e4:c3:89:d4:f2:70:8c:17:36:d3:ba:98:
1a:12:1d:da:af:85:14:70:a9:31:b1:5c:8b:17:f5:67:1d:2b:
52:ad:a4:48
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY66zrp+yg79ilecesSq0kJ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA3MjMwNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODFlOWYwMzhhMGJhZTA3YzUyMmI2NmI0OWNmYzU2NjYxZTU5MzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjeOhzL+Er/GLTFD+w159eAx1l1g
vH1ggR7higHmhzS33gUD8bDEGuFEmfyArrAPao4X+V4+a6RBP/LI5r3JRiV6XwJy
lQoxTFWziahLEpqZ/YgxBjMUa9Kny0ZV4HAeKDat1uMUyNpoRmk7t/jnTCna8RJS
2RQ3TTcBljJqd400YPM+MBxvY7LjFd+H8FjeBOJy9q6aTnNNsoL4cWjgHlNi3JPC
niABKQDgydIscCp74Na5dDI7VINAyc0m9JBIgb8DKEdAWMqjGkjyT7DRUB5jsxCS
XQMvS2M3AvK9YamnFYIuYS5Ye5lvPa+2G5uxgIp49MLbmJObvyF5JGh/GwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDgenwOKC64HxSK2a0nPxWZh5ZMoMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvT0I2ZkE0b0xyZ2ZGSXJaclNjX0ZabUhsa3lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEZHqnxnzX2FXy6gyV3j
/1TEGxXwAXGrsGzBoh1s3G67uDPc/XSjfVhDFCS1CxH++RWjlpXNpmQYhbDfa79T
/3YUIyjBPh/uzhZsDEL38Oe6FD8/mQfOn85iX3kz0vdZovIH1fEbSddsJhUtTxJk
YEvNZ0oVvG//FXtPZT3GFzDM1W3wYyi6tHRHtsgKhc1Q91JRbeFjtC7S+2qX6rEq
tddfgEqJ45RQznJOReTF8ZcYcTLOx/kpz4ntGDXgQ7NfltLxcbKZuUZDSBkCSOB6
/kc4jklr5n1/3khGzYo+PeTDidTycIwXNtO6mBoSHdqvhRRwqTGxXIsX9WcdK1Kt
pEg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:29 2025 by rpki-client