Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Os41SfUAV_AYkGCRDUEKLofHvCA.roa
File: Os41SfUAV_AYkGCRDUEKLofHvCA.roa (raw, json)
Hash identifier: JbRIJ/+vc9ngre2VJQahLvCkeSGz1USyza2GGl1AGGo=
Subject key identifier: 3A:CE:35:49:F5:00:57:F0:18:90:60:91:0D:41:0A:2E:87:C7:BC:20
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E08BE892D94440A2DA233CD0ADDDB88D8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Os41SfUAV_AYkGCRDUEKLofHvCA.roa
Signing time: Mon 04 Mar 2024 09:14:48 +0000
ROA not before: Mon 04 Mar 2024 09:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:08:be:89:2d:94:44:0a:2d:a2:33:cd:0a:dd:db:88:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 4 09:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ace3549f50057f0189060910d410a2e87c7bc20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:0b:b1:3d:1d:61:ee:ff:ea:39:08:84:ee:5d:
fc:b4:c3:4f:35:47:4f:db:61:ab:11:19:4f:6c:86:
cc:cb:c4:f3:1f:65:db:a0:ae:77:c8:b0:a3:10:46:
e4:df:33:46:b0:8e:43:5b:a6:c0:ec:f2:9e:47:68:
ba:c9:9f:0f:15:d4:47:10:af:45:03:02:d6:0e:c4:
66:95:50:34:47:87:e1:51:87:d7:82:4a:6c:36:77:
0a:bd:ea:8c:16:a0:f8:3c:31:28:87:53:43:ca:b7:
a7:32:a1:12:02:44:88:69:80:89:58:06:74:f6:fa:
92:19:15:07:e7:49:aa:0d:34:77:bd:c8:6f:a1:e8:
77:7a:37:b9:83:9d:f2:7d:66:f5:11:cf:96:11:29:
29:d5:9b:71:57:ec:78:8d:87:f8:39:5f:ef:d3:57:
76:3f:cb:7e:38:0c:40:61:3c:5b:e6:23:e9:87:1b:
ab:9e:75:c5:d9:3a:cb:06:ff:5a:d9:bb:03:4f:f7:
bf:0a:cc:93:8e:8c:44:f8:31:20:b9:92:4b:a3:b8:
a9:c9:75:0f:2a:a6:2b:38:4d:81:94:79:b5:62:69:
8d:b4:82:85:1c:cf:49:e0:9d:fe:e1:2e:38:fb:39:
39:31:96:53:48:fb:3e:e3:49:91:0c:f8:a5:1b:38:
c2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:CE:35:49:F5:00:57:F0:18:90:60:91:0D:41:0A:2E:87:C7:BC:20
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Os41SfUAV_AYkGCRDUEKLofHvCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6c:11:78:50:62:e2:5f:14:16:c1:91:ed:25:3b:3a:55:c0:a2:
da:44:40:4b:5c:69:98:48:a8:ef:c7:33:50:0f:5a:dd:ea:20:
42:7a:70:dd:a0:c2:1f:45:6d:0a:84:97:f4:56:47:e0:8f:22:
32:7e:71:c8:40:a3:21:5f:51:aa:91:5b:6f:30:9b:47:80:54:
fb:ff:32:6f:6f:9e:fd:1b:f6:86:ac:2d:c1:7a:bc:c8:97:56:
6a:f9:30:a2:d2:b9:a9:dc:9b:d8:8d:44:33:37:b5:a5:24:2a:
0c:e7:9b:d7:10:70:df:49:c1:d8:48:1d:81:55:07:e5:95:a4:
83:e3:f2:b1:7b:11:04:a4:06:21:bf:ab:35:bd:8f:f7:c9:a4:
41:80:a9:e7:d0:29:e0:5a:e3:d2:84:b1:f4:d8:57:a1:01:4d:
d3:73:d7:26:b5:c8:3f:78:84:c4:b4:af:49:59:65:00:f9:f2:
fa:a4:63:65:de:eb:f9:f1:6b:d2:f5:f3:3a:c8:70:46:a3:0b:
37:62:3d:e6:80:37:62:e0:3a:1b:32:e8:98:d1:41:04:31:d2:
9d:2b:aa:5f:fb:25:90:eb:2e:b3:96:5f:20:d0:04:16:19:30:
40:4d:95:b7:7a:9c:e6:8d:2c:65:f0:84:d1:ef:f1:82:32:23:
6b:c2:0a:e8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4IvoktlEQKLaIzzQrd24jYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA0MDkxNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWNlMzU0OWY1MDA1N2YwMTg5MDYwOTEwZDQxMGEyZTg3YzdiYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAuxPR1h7v/qOQiE7l38tMNPNUdP
22GrERlPbIbMy8TzH2XboK53yLCjEEbk3zNGsI5DW6bA7PKeR2i6yZ8PFdRHEK9F
AwLWDsRmlVA0R4fhUYfXgkpsNncKveqMFqD4PDEoh1NDyrenMqESAkSIaYCJWAZ0
9vqSGRUH50mqDTR3vchvoeh3eje5g53yfWb1Ec+WESkp1ZtxV+x4jYf4OV/v01d2
P8t+OAxAYTxb5iPphxurnnXF2TrLBv9a2bsDT/e/CsyTjoxE+DEguZJLo7ipyXUP
KqYrOE2BlHm1YmmNtIKFHM9J4J3+4S44+zk5MZZTSPs+40mRDPilGzjCoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDrONUn1AFfwGJBgkQ1BCi6Hx7wgMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvT3M0MVNmVUFWX0FZa0dDUkRVRUtMb2ZIdkNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGwReFBi4l8UFsGR7SU7
OlXAotpEQEtcaZhIqO/HM1APWt3qIEJ6cN2gwh9FbQqEl/RWR+CPIjJ+cchAoyFf
UaqRW28wm0eAVPv/Mm9vnv0b9oasLcF6vMiXVmr5MKLSuancm9iNRDM3taUkKgzn
m9cQcN9JwdhIHYFVB+WVpIPj8rF7EQSkBiG/qzW9j/fJpEGAqefQKeBa49KEsfTY
V6EBTdNz1ya1yD94hMS0r0lZZQD58vqkY2Xe6/nxa9L18zrIcEajCzdiPeaAN2Lg
Ohsy6JjRQQQx0p0rql/7JZDrLrOWXyDQBBYZMEBNlbd6nOaNLGXwhNHv8YIyI2vC
Cug=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:57 2025 by rpki-client