Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/R3-csZOKF2Ib2GYrMDvjClrhX0s.roa
File: R3-csZOKF2Ib2GYrMDvjClrhX0s.roa (raw, json)
Hash identifier: aMFBWkTG7C9UcSVr7CFOcOXTJUryUzEadIvH9Prg/3c=
Subject key identifier: 47:7F:9C:B1:93:8A:17:62:1B:D8:66:2B:30:3B:E3:0A:5A:E1:5F:4B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E5A7649420F6D637E6AE57C26F633D860
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/R3-csZOKF2Ib2GYrMDvjClrhX0s.roa
Signing time: Wed 20 Mar 2024 06:04:45 +0000
ROA not before: Wed 20 Mar 2024 06:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:5a75:c8eb/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5a:76:49:42:0f:6d:63:7e:6a:e5:7c:26:f6:33:d8:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 20 06:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=477f9cb1938a17621bd8662b303be30a5ae15f4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4e:75:dc:a3:3d:17:1d:52:bf:b4:75:de:ab:
fa:77:94:6d:87:cb:b0:ef:b0:d9:82:2f:95:4a:a0:
43:12:4d:11:06:c1:b9:42:6d:a2:63:19:3f:fb:8b:
12:d0:42:c6:eb:bf:b1:8e:0b:12:1d:e4:66:9f:58:
a6:bd:46:96:56:1c:df:d7:78:fe:52:c2:a2:4c:17:
6c:6b:49:f6:96:fb:97:2f:a5:b9:b8:15:79:d0:1b:
55:79:6b:13:47:7f:0d:61:dc:51:7f:2f:82:f9:7d:
80:6e:46:3d:a3:14:21:34:4c:65:62:1f:51:29:93:
b5:44:3c:01:78:ed:bb:44:fd:b7:5d:f0:9b:cc:80:
33:bc:80:cf:cf:9f:b7:ff:3f:99:94:57:39:9d:ab:
89:8d:f3:97:7a:07:e1:c8:39:5f:bc:f2:da:dc:85:
e6:92:09:b6:4b:41:4d:f6:5c:5d:75:4d:b8:9f:5e:
08:f9:83:5d:53:89:91:af:7f:7a:24:3c:60:8f:65:
8e:c2:14:02:a4:c5:e2:06:44:0c:54:df:a2:b7:76:
cf:aa:8c:16:c4:ba:d3:9c:af:7e:4f:44:76:93:5b:
3d:80:a4:57:71:b2:16:e6:af:d5:42:37:46:0f:fb:
f9:b6:da:c4:af:a4:00:d9:d4:d0:06:43:8e:48:71:
56:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:7F:9C:B1:93:8A:17:62:1B:D8:66:2B:30:3B:E3:0A:5A:E1:5F:4B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/R3-csZOKF2Ib2GYrMDvjClrhX0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
28:61:67:04:99:82:92:20:52:f2:af:6e:3d:76:68:2a:7f:f2:
48:c3:98:0a:78:7f:ce:92:0f:4d:ee:13:e1:5c:37:01:7d:2e:
cf:04:8b:4a:f8:77:02:ce:15:e2:39:84:02:91:14:8a:85:8b:
d0:cf:b7:dd:57:00:e2:df:25:5e:bf:f9:37:59:cb:29:fb:68:
61:ba:71:9a:2b:8c:9c:c0:77:17:7c:c5:2d:62:5f:5a:68:20:
45:88:c5:a9:5a:97:4a:6f:07:0e:85:f1:d7:a9:e9:4c:24:51:
ff:6c:ea:6b:46:76:aa:58:9e:2b:29:e6:47:81:93:1f:5e:17:
01:77:6d:5b:e3:85:69:6a:4c:c4:ae:7d:18:4d:80:8e:4d:d1:
ea:2c:92:86:8f:71:82:b2:ef:55:1c:40:6c:1e:ad:9d:1b:d9:
ce:fa:8a:e5:ad:12:ac:60:02:77:03:64:3f:9f:e6:27:df:11:
ab:61:27:53:24:25:e3:2c:70:31:7e:84:ee:3e:36:9d:0f:5c:
71:ea:2f:1c:01:8b:a2:34:a5:0b:28:8b:e3:a1:d9:06:4f:9c:
b0:7c:c3:e5:9e:fd:b1:51:db:d5:fb:c0:7f:c2:ce:8a:16:ca:
36:2c:cf:eb:cf:26:d7:36:7d:64:e6:52:0d:54:98:95:45:7f:
b1:f1:79:f3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5adklCD21jfmrlfCb2M9hgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIwMDYwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzdmOWNiMTkzOGExNzYyMWJkODY2MmIzMDNiZTMwYTVhZTE1ZjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArk513KM9Fx1Sv7R13qv6d5Rth8uw
77DZgi+VSqBDEk0RBsG5Qm2iYxk/+4sS0ELG67+xjgsSHeRmn1imvUaWVhzf13j+
UsKiTBdsa0n2lvuXL6W5uBV50BtVeWsTR38NYdxRfy+C+X2AbkY9oxQhNExlYh9R
KZO1RDwBeO27RP23XfCbzIAzvIDPz5+3/z+ZlFc5nauJjfOXegfhyDlfvPLa3IXm
kgm2S0FN9lxddU24n14I+YNdU4mRr396JDxgj2WOwhQCpMXiBkQMVN+it3bPqowW
xLrTnK9+T0R2k1s9gKRXcbIW5q/VQjdGD/v5ttrEr6QA2dTQBkOOSHFWgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEd/nLGTihdiG9hmKzA74wpa4V9LMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUjMtY3NaT0tGMkliMkdZck1EdmpDbHJoWDBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAChhZwSZgpIgUvKvbj12
aCp/8kjDmAp4f86SD03uE+FcNwF9Ls8Ei0r4dwLOFeI5hAKRFIqFi9DPt91XAOLf
JV6/+TdZyyn7aGG6cZorjJzAdxd8xS1iX1poIEWIxalal0pvBw6F8dep6UwkUf9s
6mtGdqpYnisp5keBkx9eFwF3bVvjhWlqTMSufRhNgI5N0eoskoaPcYKy71UcQGwe
rZ0b2c76iuWtEqxgAncDZD+f5iffEathJ1MkJeMscDF+hO4+Np0PXHHqLxwBi6I0
pQsoi+Oh2QZPnLB8w+We/bFR29X7wH/CzooWyjYsz+vPJtc2fWTmUg1UmJVFf7Hx
efM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:16:11 2025 by rpki-client