Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Pfcc8WVHJoQJD7lpFicAoAyI9wo.roa
File: Pfcc8WVHJoQJD7lpFicAoAyI9wo.roa (raw, json)
Hash identifier: 5pNISFcfl6J7bYZX4vRzBLLddssd7dk/So4Ktkf3p5w=
Subject key identifier: 3D:F7:1C:F1:65:47:26:84:09:0F:B9:69:16:27:00:A0:0C:88:F7:0A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E7AA6078472ED4937250DDB541EB3F7E3
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Pfcc8WVHJoQJD7lpFicAoAyI9wo.roa
Signing time: Tue 26 Mar 2024 12:04:45 +0000
ROA not before: Tue 26 Mar 2024 12:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
2001:67c:64:ffff:0:18e:7aa5:8c68/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7a:a6:07:84:72:ed:49:37:25:0d:db:54:1e:b3:f7:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 26 12:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3df71cf165472684090fb969162700a00c88f70a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c3:02:9e:2d:89:85:3c:14:34:09:01:30:7e:
af:c2:5d:81:a2:3a:e9:06:1c:02:cb:c4:78:35:96:
41:76:48:09:d1:77:d4:c9:7b:0d:47:46:93:a3:c8:
96:a6:f2:da:38:93:6a:d0:ab:b7:26:3f:5d:c6:08:
17:c2:67:63:b9:5d:fd:9e:7b:7f:9e:f0:3e:b5:bc:
30:0c:4a:fa:50:3f:7d:fd:6d:8c:2c:cd:a5:89:54:
dd:93:74:6b:fc:03:7c:9f:6c:94:36:ed:e7:9f:10:
b7:da:96:9c:5b:e4:3a:37:6a:7a:f9:0d:70:66:88:
f3:a9:07:fd:7e:b5:3a:2a:ff:b7:d1:80:ed:a1:a6:
38:27:c2:d5:70:0f:1c:d8:06:99:07:58:82:ef:68:
c8:de:b9:14:a1:36:df:a9:87:fc:a9:34:62:63:c1:
c2:ce:19:04:7a:ea:dc:0d:ce:67:b5:7f:00:c7:6b:
ba:4e:df:84:97:6e:28:a3:ef:30:8f:66:3a:89:96:
9f:ea:03:f1:9e:15:75:c5:21:b9:c8:f5:52:52:3c:
8e:da:11:67:ef:d2:af:b4:c6:37:b7:d9:60:5d:34:
38:e0:42:7f:77:6f:68:1a:17:ea:fc:2a:b9:fe:e9:
09:18:6a:80:4b:ae:65:46:91:8c:ed:e3:8b:b8:55:
f7:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:F7:1C:F1:65:47:26:84:09:0F:B9:69:16:27:00:A0:0C:88:F7:0A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Pfcc8WVHJoQJD7lpFicAoAyI9wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6a:80:ec:e0:47:3f:33:1c:d6:4b:b9:b9:c7:37:1b:08:9c:88:
ba:77:c8:1a:61:5e:dd:29:4f:f1:a0:2f:10:e9:3d:73:bd:c4:
0b:6a:ca:79:25:be:a7:41:67:42:19:9b:4c:10:97:e7:55:20:
52:b1:6b:7b:e8:b4:04:ad:4a:dc:59:c5:fd:46:71:ef:ef:69:
26:c7:f0:7d:f8:29:bc:d5:8e:49:2f:1c:46:b7:09:06:d8:28:
a9:54:15:63:e6:aa:ec:ac:84:8a:eb:15:cc:05:b8:73:65:2b:
cd:21:c3:7d:a3:22:98:60:04:b7:06:a8:da:9c:da:9d:b3:8d:
df:60:aa:04:a5:76:3c:9b:f0:37:d7:51:2e:b6:74:20:3a:93:
f7:0f:ee:a0:dc:61:6d:99:3d:c9:85:2a:c4:f0:d6:6b:56:1d:
84:1f:28:43:33:98:dc:37:7c:91:08:e6:ad:00:42:b2:40:62:
d2:5c:e3:b4:7b:ce:22:57:0f:e8:85:d8:79:6e:ec:c3:02:3b:
dd:7e:3b:56:e9:65:12:b8:ee:0b:76:c0:7e:be:77:bc:a8:16:
52:cf:f2:34:e5:f5:a7:90:04:8e:f3:31:f6:cd:24:05:80:a7:
c4:37:45:73:24:49:d0:ca:ea:0d:4a:0c:b6:44:d4:3a:0e:61:
27:73:a0:b8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY56pgeEcu1JNyUN21Qes/fjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI2MTIwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGY3MWNmMTY1NDcyNjg0MDkwZmI5NjkxNjI3MDBhMDBjODhmNzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsMCni2JhTwUNAkBMH6vwl2Bojrp
BhwCy8R4NZZBdkgJ0XfUyXsNR0aTo8iWpvLaOJNq0Ku3Jj9dxggXwmdjuV39nnt/
nvA+tbwwDEr6UD99/W2MLM2liVTdk3Rr/AN8n2yUNu3nnxC32pacW+Q6N2p6+Q1w
ZojzqQf9frU6Kv+30YDtoaY4J8LVcA8c2AaZB1iC72jI3rkUoTbfqYf8qTRiY8HC
zhkEeurcDc5ntX8Ax2u6Tt+El24oo+8wj2Y6iZaf6gPxnhV1xSG5yPVSUjyO2hFn
79KvtMY3t9lgXTQ44EJ/d29oGhfq/Cq5/ukJGGqAS65lRpGM7eOLuFX3UQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFD33HPFlRyaECQ+5aRYnAKAMiPcKMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUGZjYzhXVkhKb1FKRDdscEZpY0FvQXlJOXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGqA7OBHPzMc1ku5ucc3
GwiciLp3yBphXt0pT/GgLxDpPXO9xAtqynklvqdBZ0IZm0wQl+dVIFKxa3votASt
StxZxf1Gce/vaSbH8H34KbzVjkkvHEa3CQbYKKlUFWPmquyshIrrFcwFuHNlK80h
w32jIphgBLcGqNqc2p2zjd9gqgSldjyb8DfXUS62dCA6k/cP7qDcYW2ZPcmFKsTw
1mtWHYQfKEMzmNw3fJEI5q0AQrJAYtJc47R7ziJXD+iF2Hlu7MMCO91+O1bpZRK4
7gt2wH6+d7yoFlLP8jTl9aeQBI7zMfbNJAWAp8Q3RXMkSdDK6g1KDLZE1DoOYSdz
oLg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:03 2025 by rpki-client