Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PDmcQaHDOGqGJwi4bHGpq_9mFsQ.roa
File: PDmcQaHDOGqGJwi4bHGpq_9mFsQ.roa (raw, json)
Hash identifier: MzzGuLBNObuT3NsHWmVjXZvO311YOYMlJo9wxWwd7sw=
Subject key identifier: 3C:39:9C:41:A1:C3:38:6A:86:27:08:B8:6C:71:A9:AB:FF:66:16:C4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CDCFCDC6EB1D163134A2A56B66BDCE125
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PDmcQaHDOGqGJwi4bHGpq_9mFsQ.roa
Signing time: Sat 06 Jan 2024 04:16:48 +0000
ROA not before: Sat 06 Jan 2024 04:16:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:dc:fc:dc:6e:b1:d1:63:13:4a:2a:56:b6:6b:dc:e1:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 6 04:16:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c399c41a1c3386a862708b86c71a9abff6616c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:63:b5:d0:8e:1b:5e:88:b3:7a:06:e1:c9:6c:
c5:37:e4:ae:e9:e8:5b:3c:8c:f2:41:e0:4c:36:3c:
d7:01:e4:31:0d:5b:e2:7c:8a:45:2d:a2:07:c3:8f:
4d:66:74:7b:e6:99:df:ee:07:36:d0:8f:3d:9c:68:
cc:86:f1:81:09:47:b7:a3:84:ba:34:b8:03:fb:1c:
ef:b5:b8:2e:0c:55:bf:10:63:b5:9a:c5:b8:7f:f1:
73:9a:11:69:bd:54:ab:1f:1a:91:ce:72:ff:95:74:
22:f0:a5:4f:40:f5:a2:07:53:ba:2d:34:40:48:b8:
74:6b:aa:15:7d:f2:34:f0:d3:eb:f0:bd:7c:43:e0:
3f:54:68:ae:43:98:13:05:01:4f:7d:4a:8b:bb:a5:
c0:69:c0:38:d2:2a:2d:81:30:09:e4:72:2b:48:32:
5f:5a:b8:ca:8a:73:11:27:b0:66:ad:c1:df:2b:67:
7b:90:e6:48:1f:35:b8:71:92:5a:7e:2a:8f:86:19:
a1:f2:2f:71:ee:5a:1e:9f:2d:54:83:21:e1:7f:23:
ab:44:b1:cc:ef:85:bc:57:80:b0:d2:00:2d:e2:36:
0b:8e:16:73:ab:19:05:37:68:df:ef:20:68:27:06:
48:ad:69:6b:b1:c5:af:0e:fd:26:bd:d8:2e:0e:68:
93:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:39:9C:41:A1:C3:38:6A:86:27:08:B8:6C:71:A9:AB:FF:66:16:C4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PDmcQaHDOGqGJwi4bHGpq_9mFsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2a:ca:73:cc:3f:e5:0c:d6:9c:a8:56:d4:80:59:2c:b8:c1:51:
84:0d:5a:bd:d2:33:82:2b:05:7c:b1:d2:88:23:48:62:38:69:
7b:40:0c:bf:9a:0e:d6:a0:a8:98:61:27:e0:b1:d3:21:ba:b2:
e6:24:b2:70:1c:e3:3a:07:57:84:a4:9e:58:0a:e1:d9:8e:06:
6a:8d:7f:44:7a:1f:6c:5f:7c:44:f7:f3:51:d5:23:65:16:98:
bd:30:13:27:15:71:92:3f:1d:c4:c3:4f:a5:f0:05:c8:49:85:
5a:45:9a:b4:4d:8e:ed:9f:58:8b:c6:59:c0:bd:54:a8:b2:82:
fc:31:86:14:37:f2:b8:88:48:83:64:32:1c:7b:ab:93:2b:45:
70:d6:c4:15:7e:c9:05:1a:fc:2a:f2:e0:16:dc:d8:fd:46:25:
94:9d:62:e9:57:f2:46:15:72:65:b6:19:86:cf:ca:08:50:bc:
06:e0:89:c7:9b:dc:93:7c:a7:16:6b:b4:d4:35:ef:ed:79:02:
4d:c6:3e:01:42:b9:e8:6e:49:51:7b:ee:58:14:86:d2:2a:6c:
9b:cb:37:22:62:ed:b8:d3:b9:55:ef:59:c9:9b:4d:8e:63:e4:
9c:16:e2:2e:bc:fc:31:67:7b:77:d9:8e:80:20:0b:ba:2b:0d:
ad:12:ac:08
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzc/NxusdFjE0oqVrZr3OElMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA2MDQxNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzM5OWM0MWExYzMzODZhODYyNzA4Yjg2YzcxYTlhYmZmNjYxNmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2O10I4bXoizegbhyWzFN+Su6ehb
PIzyQeBMNjzXAeQxDVvifIpFLaIHw49NZnR75pnf7gc20I89nGjMhvGBCUe3o4S6
NLgD+xzvtbguDFW/EGO1msW4f/FzmhFpvVSrHxqRznL/lXQi8KVPQPWiB1O6LTRA
SLh0a6oVffI08NPr8L18Q+A/VGiuQ5gTBQFPfUqLu6XAacA40iotgTAJ5HIrSDJf
WrjKinMRJ7BmrcHfK2d7kOZIHzW4cZJafiqPhhmh8i9x7loeny1UgyHhfyOrRLHM
74W8V4Cw0gAt4jYLjhZzqxkFN2jf7yBoJwZIrWlrscWvDv0mvdguDmiTGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDw5nEGhwzhqhicIuGxxqav/ZhbEMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUERtY1FhSERPR3FHSndpNGJIR3BxXzltRnNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACrKc8w/5QzWnKhW1IBZ
LLjBUYQNWr3SM4IrBXyx0ogjSGI4aXtADL+aDtagqJhhJ+Cx0yG6suYksnAc4zoH
V4SknlgK4dmOBmqNf0R6H2xffET381HVI2UWmL0wEycVcZI/HcTDT6XwBchJhVpF
mrRNju2fWIvGWcC9VKiygvwxhhQ38riISINkMhx7q5MrRXDWxBV+yQUa/Cry4Bbc
2P1GJZSdYulX8kYVcmW2GYbPyghQvAbgiceb3JN8pxZrtNQ17+15Ak3GPgFCuehu
SVF77lgUhtIqbJvLNyJi7bjTuVXvWcmbTY5j5JwW4i68/DFne3fZjoAgC7orDa0S
rAg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:52 2025 by rpki-client