Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PBj7sJ0pgNgYyEJfUjwuQpLnwYQ.roa
File: PBj7sJ0pgNgYyEJfUjwuQpLnwYQ.roa (raw, json)
Hash identifier: TeIb2ykVV6Cy3cx4L9AdQrmDTCjZopM8O0Uc6uJvX9k=
Subject key identifier: 3C:18:FB:B0:9D:29:80:D8:18:C8:42:5F:52:3C:2E:42:92:E7:C1:84
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DAD51964E8D05EB06989B26BB9CFC59F5
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PBj7sJ0pgNgYyEJfUjwuQpLnwYQ.roa
Signing time: Thu 15 Feb 2024 15:10:21 +0000
ROA not before: Thu 15 Feb 2024 15:10:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ad:51:96:4e:8d:05:eb:06:98:9b:26:bb:9c:fc:59:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 15 15:10:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c18fbb09d2980d818c8425f523c2e4292e7c184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:3a:84:0a:16:72:ac:f4:05:14:a0:f1:73:58:
c2:16:17:83:a7:71:ce:dc:98:16:d4:f9:9f:0a:7b:
21:b9:94:7d:5d:d2:8e:b4:a8:4c:e0:b7:8e:65:d8:
14:42:ff:1d:8b:ad:43:48:9f:e4:9a:02:e6:57:55:
02:3c:5d:32:b1:9c:52:71:cb:43:d0:7d:76:79:81:
6b:e1:9a:8f:be:39:b5:fd:28:40:c9:28:96:58:56:
cf:9b:65:4f:50:17:c7:37:a1:0c:d9:09:63:86:b8:
d5:7b:a4:36:dc:29:b6:1e:a3:79:a9:cc:cd:fd:b0:
ba:6c:3e:4a:52:1e:ea:fa:66:ab:96:2c:32:f9:33:
a4:7f:0f:e6:f0:72:49:36:33:9e:cb:2a:93:e4:a3:
c6:8c:57:4b:d6:0b:51:0f:b8:1a:80:e4:28:2d:45:
f5:26:47:b4:02:3c:c4:a1:a9:22:be:e9:97:d5:90:
71:2e:d3:b0:07:61:b2:64:2c:81:e5:f9:a6:96:19:
c6:a9:24:8b:24:c4:f4:bf:ac:e7:b2:29:41:55:0d:
00:20:23:dc:08:d4:41:32:28:79:83:a5:8e:85:de:
72:bd:1b:4e:d3:16:cb:31:9e:b2:b9:dc:d5:a3:9e:
89:00:a5:11:b5:58:a3:8c:d1:29:30:de:f4:00:ed:
c9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:18:FB:B0:9D:29:80:D8:18:C8:42:5F:52:3C:2E:42:92:E7:C1:84
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PBj7sJ0pgNgYyEJfUjwuQpLnwYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1c:50:22:dd:5e:a7:10:10:cc:40:a3:02:d5:2b:00:a9:92:4b:
c2:c2:1a:5b:29:95:d3:88:55:40:d5:82:58:03:76:bf:d9:4d:
41:5b:4b:a1:4c:4f:3b:c4:d3:7f:ab:76:4d:ee:6f:42:44:c4:
e6:9d:bb:98:0e:da:26:e3:7c:e6:0c:22:39:4c:3b:00:05:b6:
d0:88:7e:46:ba:b8:4a:72:03:c5:69:e8:3b:bd:ba:47:83:2f:
58:12:9f:ab:e0:81:81:1b:08:63:d5:5d:27:98:3e:fd:2d:a7:
2b:f4:8a:92:8d:38:68:65:96:93:b6:86:b3:03:aa:92:cb:11:
7a:c3:71:1b:52:78:02:7f:7a:6e:a9:54:59:6d:e1:a1:33:ac:
ce:73:c5:a4:7c:e7:f4:20:bd:96:bf:a9:c7:0f:dd:a8:82:93:
2d:d5:a7:79:0c:9b:79:ca:a2:fc:dd:d3:02:c8:6e:af:5f:c1:
17:4a:86:72:69:38:b1:89:cf:0f:05:7c:ca:5a:10:4b:a4:30:
d7:aa:3b:45:15:e7:f9:6d:43:17:ba:d4:cd:b4:5b:d1:bd:a4:
15:0b:e8:fa:95:c1:7e:f9:28:97:d2:5d:19:d1:26:13:5f:a0:
5b:dd:6a:11:04:b3:52:70:0e:af:a8:27:d9:42:f1:10:12:23:
17:a8:2e:b6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2tUZZOjQXrBpibJruc/Fn1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE1MTUxMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzE4ZmJiMDlkMjk4MGQ4MThjODQyNWY1MjNjMmU0MjkyZTdjMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTqEChZyrPQFFKDxc1jCFheDp3HO
3JgW1PmfCnshuZR9XdKOtKhM4LeOZdgUQv8di61DSJ/kmgLmV1UCPF0ysZxScctD
0H12eYFr4ZqPvjm1/ShAySiWWFbPm2VPUBfHN6EM2QljhrjVe6Q23Cm2HqN5qczN
/bC6bD5KUh7q+marliwy+TOkfw/m8HJJNjOeyyqT5KPGjFdL1gtRD7gagOQoLUX1
Jke0AjzEoakivumX1ZBxLtOwB2GyZCyB5fmmlhnGqSSLJMT0v6znsilBVQ0AICPc
CNRBMih5g6WOhd5yvRtO0xbLMZ6yudzVo56JAKURtVijjNEpMN70AO3JjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDwY+7CdKYDYGMhCX1I8LkKS58GEMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUEJqN3NKMHBnTmdZeUVKZlVqd3VRcExud1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABxQIt1epxAQzECjAtUr
AKmSS8LCGlspldOIVUDVglgDdr/ZTUFbS6FMTzvE03+rdk3ub0JExOadu5gO2ibj
fOYMIjlMOwAFttCIfka6uEpyA8Vp6Du9ukeDL1gSn6vggYEbCGPVXSeYPv0tpyv0
ipKNOGhllpO2hrMDqpLLEXrDcRtSeAJ/em6pVFlt4aEzrM5zxaR85/QgvZa/qccP
3aiCky3Vp3kMm3nKovzd0wLIbq9fwRdKhnJpOLGJzw8FfMpaEEukMNeqO0UV5/lt
Qxe61M20W9G9pBUL6PqVwX75KJfSXRnRJhNfoFvdahEEs1JwDq+oJ9lC8RASIxeo
LrY=
-----END CERTIFICATE-----
Generated at Sun Apr 20 15:11:49 2025 by rpki-client