Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OFq0P-4s_5fGKzhoJ_LDgcN_m-M.roa
File: OFq0P-4s_5fGKzhoJ_LDgcN_m-M.roa (raw, json)
Hash identifier: lbi/TuxMtrabPjnBiM9aBHwihQ7tAz1XN4TfoJldsIk=
Subject key identifier: 38:5A:B4:3F:EE:2C:FF:97:C6:2B:38:68:27:F2:C3:81:C3:7F:9B:E3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DCC71D5B5938AD6DD8438F638F6E85D6D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OFq0P-4s_5fGKzhoJ_LDgcN_m-M.roa
Signing time: Wed 21 Feb 2024 16:13:48 +0000
ROA not before: Wed 21 Feb 2024 16:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cc:71:d5:b5:93:8a:d6:dd:84:38:f6:38:f6:e8:5d:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 21 16:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=385ab43fee2cff97c62b386827f2c381c37f9be3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a9:e7:f7:90:80:88:1d:34:1c:8d:a4:20:d3:
77:40:0f:db:3e:31:e0:9a:76:45:dd:bb:73:b3:25:
d1:a8:38:2c:61:24:c5:5e:60:13:47:21:30:be:7c:
cf:fb:7a:78:13:35:4b:28:bb:e5:61:97:f3:43:3a:
d1:13:70:46:2a:e2:75:1c:26:c9:2a:37:06:9a:9a:
01:61:d2:ae:6f:96:eb:ba:1e:be:eb:d9:79:f7:9a:
ab:5a:5b:b2:8d:6c:89:ee:f4:4f:a0:71:f1:c4:a1:
41:e2:fa:0b:45:35:37:7b:32:1a:64:e5:db:ec:5a:
84:6e:53:1d:c6:cc:31:c7:61:84:5f:73:84:19:99:
98:00:d9:ba:9b:1e:a0:d9:af:8f:4a:e9:96:04:5f:
cb:98:95:86:7c:97:8d:c8:0e:71:3a:05:2f:97:d6:
a5:3b:00:1f:a0:ff:74:29:ce:af:35:a1:87:b7:35:
46:26:9d:ff:f4:38:23:d3:50:36:18:15:9f:94:fc:
40:73:72:84:da:85:ef:54:72:1a:0b:aa:97:30:2e:
a3:f9:c8:31:0e:e2:86:7f:6b:55:98:4a:cb:aa:db:
60:2e:1e:e7:07:92:1f:17:b4:0b:a3:f3:1e:90:cd:
3c:92:53:ec:57:b9:ed:05:93:ea:8a:8c:40:e5:00:
7a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:5A:B4:3F:EE:2C:FF:97:C6:2B:38:68:27:F2:C3:81:C3:7F:9B:E3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/OFq0P-4s_5fGKzhoJ_LDgcN_m-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a8:3b:d8:04:85:e3:10:17:5a:f9:b8:3e:1e:e0:f1:bb:09:f2:
d9:80:70:9d:74:82:8d:1a:38:df:8c:03:73:83:8c:36:36:68:
2b:a0:c7:8b:f7:d3:16:00:51:a4:d8:23:54:8b:8a:85:b3:ff:
a2:09:c1:99:fc:54:5e:ce:2e:69:f7:2d:55:06:d5:cf:f1:e2:
6b:d9:29:44:e1:0a:72:80:a1:66:9c:3d:0c:52:bb:4d:1e:80:
49:b6:bb:fc:47:87:d0:d1:d8:ae:00:d3:53:bf:9b:2e:3d:af:
51:0a:be:b1:1c:f5:7b:ab:e8:d8:3f:58:b7:da:3f:f8:ab:cc:
5e:41:ab:f3:bd:72:26:fe:b0:84:13:da:bc:54:bc:65:2a:9f:
c1:07:3c:57:d2:2b:f7:9d:a4:63:5e:f6:99:ed:91:8c:77:cd:
a3:29:3d:70:77:96:4e:da:24:c3:f7:b3:f0:ab:c5:3d:be:13:
c4:66:c9:2d:7b:2a:71:3e:5f:b7:41:de:33:f9:d6:f6:a2:20:
ee:76:fb:c9:c0:7b:50:82:5c:c3:a5:3d:34:6a:fa:2f:15:3a:
0a:e6:f0:44:65:83:cf:d9:70:8e:4e:2b:d2:c9:fc:5f:4d:6b:
a5:71:40:3c:ef:94:44:58:ac:3f:e1:74:f5:ea:8b:2a:fb:c6:
e5:c7:b9:cd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3McdW1k4rW3YQ49jj26F1tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIxMTYxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODVhYjQzZmVlMmNmZjk3YzYyYjM4NjgyN2YyYzM4MWMzN2Y5YmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqnn95CAiB00HI2kINN3QA/bPjHg
mnZF3btzsyXRqDgsYSTFXmATRyEwvnzP+3p4EzVLKLvlYZfzQzrRE3BGKuJ1HCbJ
KjcGmpoBYdKub5bruh6+69l595qrWluyjWyJ7vRPoHHxxKFB4voLRTU3ezIaZOXb
7FqEblMdxswxx2GEX3OEGZmYANm6mx6g2a+PSumWBF/LmJWGfJeNyA5xOgUvl9al
OwAfoP90Kc6vNaGHtzVGJp3/9Dgj01A2GBWflPxAc3KE2oXvVHIaC6qXMC6j+cgx
DuKGf2tVmErLqttgLh7nB5IfF7QLo/MekM08klPsV7ntBZPqioxA5QB6+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDhatD/uLP+Xxis4aCfyw4HDf5vjMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvT0ZxMFAtNHNfNWZHS3pob0pfTERnY05fbS1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKg72ASF4xAXWvm4Ph7g
8bsJ8tmAcJ10go0aON+MA3ODjDY2aCugx4v30xYAUaTYI1SLioWz/6IJwZn8VF7O
Lmn3LVUG1c/x4mvZKUThCnKAoWacPQxSu00egEm2u/xHh9DR2K4A01O/my49r1EK
vrEc9Xur6Ng/WLfaP/irzF5Bq/O9cib+sIQT2rxUvGUqn8EHPFfSK/edpGNe9pnt
kYx3zaMpPXB3lk7aJMP3s/CrxT2+E8RmyS17KnE+X7dB3jP51vaiIO52+8nAe1CC
XMOlPTRq+i8VOgrm8ERlg8/ZcI5OK9LJ/F9Na6VxQDzvlERYrD/hdPXqiyr7xuXH
uc0=
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:35:37 2025 by rpki-client