Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PeqXk3CV3uhAKVmhBOIqxsmciGo.roa
File: PeqXk3CV3uhAKVmhBOIqxsmciGo.roa (raw, json)
Hash identifier: xE3vFP3aI8vYQNPQE8e/d5XI0Bdj7+63CWjaaPMwN18=
Subject key identifier: 3D:EA:97:93:70:95:DE:E8:40:29:59:A1:04:E2:2A:C6:C9:9C:88:6A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DB8B0F7D47E8193D3D4E8566F86528732
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PeqXk3CV3uhAKVmhBOIqxsmciGo.roa
Signing time: Sat 17 Feb 2024 20:10:21 +0000
ROA not before: Sat 17 Feb 2024 20:10:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b8:b0:f7:d4:7e:81:93:d3:d4:e8:56:6f:86:52:87:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 17 20:10:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3dea97937095dee8402959a104e22ac6c99c886a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9f:c8:61:54:1e:83:e5:38:b1:85:7a:44:53:
47:fc:68:d9:11:23:38:7d:df:96:d5:db:1c:0a:d4:
5e:1a:26:18:51:cc:70:bf:73:5f:2d:c8:9a:d5:b3:
3b:f5:30:67:9b:02:86:0b:97:d1:8c:73:c6:38:47:
9d:68:5e:5b:55:8f:2e:e1:a3:2f:8f:72:3f:95:78:
c7:58:66:df:eb:c1:b2:1b:1f:6b:91:a3:46:45:17:
6b:3f:81:4c:af:19:33:aa:fd:39:89:62:5f:0e:88:
8e:c7:72:f6:3b:07:71:05:90:87:61:e8:f5:44:0f:
b0:d2:f5:fe:d6:6e:68:d5:a3:43:0d:bd:92:2a:f8:
88:f4:21:21:b6:6d:0d:3b:95:da:df:ef:63:62:e5:
42:e6:aa:e1:69:b1:9d:15:24:8e:46:60:66:fa:cb:
f2:d1:d6:fb:c2:66:8e:f9:cd:f3:17:9c:c1:a4:5c:
da:5f:84:2b:26:e2:4c:8d:8c:52:e9:c4:55:57:bf:
3b:66:f5:79:63:c6:dc:9e:9f:da:85:70:24:df:d6:
cf:c7:03:c5:43:cc:09:f3:9f:71:e2:01:92:30:c7:
ab:84:5c:41:bb:a8:0d:4a:70:a0:cf:3f:cd:36:4e:
cf:61:d1:4e:15:fc:c9:b6:50:25:eb:fe:a6:05:ad:
eb:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:EA:97:93:70:95:DE:E8:40:29:59:A1:04:E2:2A:C6:C9:9C:88:6A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/PeqXk3CV3uhAKVmhBOIqxsmciGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
29:0c:d7:ff:f7:88:4f:85:70:e4:04:af:6d:b5:ed:0a:c9:dc:
72:a4:16:93:48:43:ec:0e:58:f2:af:38:42:fc:a9:e5:17:3e:
8b:6e:1e:5a:ac:a3:92:b9:f3:b8:1a:34:5f:5c:49:45:3e:f5:
8e:65:59:0c:31:93:af:3a:94:0d:7f:9d:04:fb:64:3b:01:5c:
82:2f:c7:ae:2e:ef:2a:f0:ef:ff:d0:03:81:c0:73:88:8a:4d:
99:d7:31:e7:f8:bb:fe:31:e2:32:7c:4c:21:7d:c8:07:29:f5:
62:07:2c:47:58:d1:69:cc:07:be:3b:ec:9b:04:17:02:20:97:
df:25:c0:45:ea:93:15:49:03:d8:63:40:a7:a0:7f:b0:24:39:
86:4a:9c:29:f8:2d:b1:ae:c3:4c:b2:1d:5e:11:df:3c:f5:33:
c0:d8:4d:71:b3:de:ab:21:6d:89:a5:fd:1e:7a:b8:17:a6:2f:
62:1b:18:9e:28:a3:b3:7b:f4:7c:7c:f8:a3:eb:15:60:dd:43:
08:95:42:05:05:f5:5a:d2:c5:1e:14:73:92:99:f4:53:e0:ea:
5e:fa:ee:54:e4:24:48:80:28:53:0a:06:03:ce:7a:1b:95:56:
3b:9f:eb:de:cf:ca:86:ec:24:5a:1c:0d:2e:c2:b6:42:31:aa:
b0:f6:b1:75
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY24sPfUfoGT09ToVm+GUocyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE3MjAxMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGVhOTc5MzcwOTVkZWU4NDAyOTU5YTEwNGUyMmFjNmM5OWM4ODZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5/IYVQeg+U4sYV6RFNH/GjZESM4
fd+W1dscCtReGiYYUcxwv3NfLcia1bM79TBnmwKGC5fRjHPGOEedaF5bVY8u4aMv
j3I/lXjHWGbf68GyGx9rkaNGRRdrP4FMrxkzqv05iWJfDoiOx3L2OwdxBZCHYej1
RA+w0vX+1m5o1aNDDb2SKviI9CEhtm0NO5Xa3+9jYuVC5qrhabGdFSSORmBm+svy
0db7wmaO+c3zF5zBpFzaX4QrJuJMjYxS6cRVV787ZvV5Y8bcnp/ahXAk39bPxwPF
Q8wJ859x4gGSMMerhFxBu6gNSnCgzz/NNk7PYdFOFfzJtlAl6/6mBa3r7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD3ql5Nwld7oQClZoQTiKsbJnIhqMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUGVxWGszQ1YzdWhBS1ZtaEJPSXF4c21jaUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACkM1//3iE+FcOQEr221
7QrJ3HKkFpNIQ+wOWPKvOEL8qeUXPotuHlqso5K587gaNF9cSUU+9Y5lWQwxk686
lA1/nQT7ZDsBXIIvx64u7yrw7//QA4HAc4iKTZnXMef4u/4x4jJ8TCF9yAcp9WIH
LEdY0WnMB7477JsEFwIgl98lwEXqkxVJA9hjQKegf7AkOYZKnCn4LbGuw0yyHV4R
3zz1M8DYTXGz3qshbYml/R56uBemL2IbGJ4oo7N79Hx8+KPrFWDdQwiVQgUF9VrS
xR4Uc5KZ9FPg6l767lTkJEiAKFMKBgPOehuVVjuf697PyobsJFocDS7CtkIxqrD2
sXU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:05:01 2025 by rpki-client