Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Pbgd0fR6UDqDPExdWmawUk4jyIs.roa
File: Pbgd0fR6UDqDPExdWmawUk4jyIs.roa (raw, json)
Hash identifier: /D0TJNm8VF9Kwq8L6vkh+HQ0/w2GoqKKAA3DahOsKyA=
Subject key identifier: 3D:B8:1D:D1:F4:7A:50:3A:83:3C:4C:5D:5A:66:B0:52:4E:23:C8:8B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E93C59BDAA4CC4201E0E927E057C99CCD
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Pbgd0fR6UDqDPExdWmawUk4jyIs.roa
Signing time: Sun 31 Mar 2024 09:09:44 +0000
ROA not before: Sun 31 Mar 2024 09:09:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:93:c5:9b:da:a4:cc:42:01:e0:e9:27:e0:57:c9:9c:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 31 09:09:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3db81dd1f47a503a833c4c5d5a66b0524e23c88b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:85:9b:cc:2b:8c:e1:06:76:aa:8f:d9:d9:79:
9b:c3:93:08:d7:08:a6:6b:37:f3:8e:3f:ad:cc:be:
2e:ce:02:98:60:eb:6d:b6:ac:dd:2f:3e:e8:7b:df:
00:ad:4e:ac:fb:23:48:02:bc:52:8e:ba:21:19:12:
56:2e:e4:91:20:43:67:3d:d9:52:b5:db:d0:0a:cc:
e5:91:3c:ec:d8:2a:9d:97:33:4e:0a:4e:ce:07:72:
b5:0a:a7:50:91:56:df:89:2a:a7:87:3b:d4:31:d2:
e5:5b:6e:67:33:75:33:0e:98:85:ed:f2:5b:82:9d:
05:c2:15:55:df:d0:45:c6:b0:d3:e6:64:1a:09:0b:
de:bf:85:a3:bf:da:22:ce:1b:7b:d1:d4:e1:9f:e0:
0f:86:a6:f1:43:1d:44:d2:5e:e9:c2:d6:d8:27:53:
b4:3a:cf:bc:6b:60:53:2b:66:8e:cb:ce:d0:3a:39:
42:a1:39:b7:52:2c:60:22:69:3c:84:45:48:08:2a:
ca:a5:f3:8a:65:68:2f:90:d3:51:de:aa:c0:71:ee:
79:23:4f:f8:b6:c6:75:67:15:f0:15:59:cb:c7:0e:
eb:64:5e:ee:67:12:bd:ae:54:0b:96:b4:f9:67:91:
a3:c3:43:18:9f:de:be:b1:ba:d1:6f:b0:39:d4:c9:
7b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B8:1D:D1:F4:7A:50:3A:83:3C:4C:5D:5A:66:B0:52:4E:23:C8:8B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Pbgd0fR6UDqDPExdWmawUk4jyIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
50:0f:61:af:35:65:90:9c:c8:33:31:2a:00:e1:b4:20:86:4f:
94:31:fc:6f:f6:2d:21:0d:fe:c3:b1:77:2b:d1:78:2b:66:26:
38:94:c5:db:ba:d9:de:56:b4:0f:45:0b:1b:8c:83:0f:85:2a:
eb:f1:a1:7f:3e:4c:04:7c:79:95:94:0f:40:a0:82:47:5b:c0:
68:63:2f:c5:b1:2d:ab:2a:40:68:a1:58:0d:20:29:93:58:04:
c9:40:05:29:dd:50:20:3c:09:a2:5c:21:04:0c:7b:d1:b8:04:
2d:fd:04:74:a8:82:1c:40:3e:f0:0b:fe:a2:93:c3:01:39:27:
ab:c8:60:b6:83:34:f8:e7:f5:ad:c7:49:21:ee:3d:28:cc:cc:
1c:71:6d:eb:76:18:e1:d4:0c:13:2c:46:6d:f8:72:03:f3:74:
f7:06:04:da:db:f7:3a:2f:58:69:cb:ca:95:3d:10:70:df:d8:
a1:52:0c:a9:ef:55:01:73:33:aa:8a:87:c6:b0:1e:00:79:b6:
22:17:f0:00:05:9d:bd:a7:42:b1:1f:7f:6e:ee:00:33:61:19:
e1:cd:58:23:f6:93:09:11:3d:53:7d:b5:56:f5:db:b8:ce:da:
ca:37:6a:dc:04:bd:b8:df:30:2a:e2:7d:45:e1:67:d5:2a:29:
4f:d5:88:17
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6TxZvapMxCAeDpJ+BXyZzNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzMxMDkwOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGI4MWRkMWY0N2E1MDNhODMzYzRjNWQ1YTY2YjA1MjRlMjNjODhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IWbzCuM4QZ2qo/Z2Xmbw5MI1wim
azfzjj+tzL4uzgKYYOtttqzdLz7oe98ArU6s+yNIArxSjrohGRJWLuSRIENnPdlS
tdvQCszlkTzs2CqdlzNOCk7OB3K1CqdQkVbfiSqnhzvUMdLlW25nM3UzDpiF7fJb
gp0FwhVV39BFxrDT5mQaCQvev4Wjv9oizht70dThn+APhqbxQx1E0l7pwtbYJ1O0
Os+8a2BTK2aOy87QOjlCoTm3UixgImk8hEVICCrKpfOKZWgvkNNR3qrAce55I0/4
tsZ1ZxXwFVnLxw7rZF7uZxK9rlQLlrT5Z5Gjw0MYn96+sbrRb7A51Ml7LQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD24HdH0elA6gzxMXVpmsFJOI8iLMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUGJnZDBmUjZVRHFEUEV4ZFdtYXdVazRqeUlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFAPYa81ZZCcyDMxKgDh
tCCGT5Qx/G/2LSEN/sOxdyvReCtmJjiUxdu62d5WtA9FCxuMgw+FKuvxoX8+TAR8
eZWUD0CggkdbwGhjL8WxLasqQGihWA0gKZNYBMlABSndUCA8CaJcIQQMe9G4BC39
BHSoghxAPvAL/qKTwwE5J6vIYLaDNPjn9a3HSSHuPSjMzBxxbet2GOHUDBMsRm34
cgPzdPcGBNrb9zovWGnLypU9EHDf2KFSDKnvVQFzM6qKh8awHgB5tiIX8AAFnb2n
QrEff27uADNhGeHNWCP2kwkRPVN9tVb127jO2so3atwEvbjfMCrifUXhZ9UqKU/V
iBc=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:17:11 2025 by rpki-client