Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RA2TqwzDMEm55vNKGpYJLNL3_fM.roa
File: RA2TqwzDMEm55vNKGpYJLNL3_fM.roa (raw, json)
Hash identifier: fzjSunMY95PsCf1k8e4D6kKNXwdU8RoD5vcjSz04TUk=
Subject key identifier: 44:0D:93:AB:0C:C3:30:49:B9:E6:F3:4A:1A:96:09:2C:D2:F7:FD:F3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E377C6DE0075C3A7106EC51FE57D38306
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RA2TqwzDMEm55vNKGpYJLNL3_fM.roa
Signing time: Wed 13 Mar 2024 11:04:45 +0000
ROA not before: Wed 13 Mar 2024 11:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:377b:dc68/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:37:7c:6d:e0:07:5c:3a:71:06:ec:51:fe:57:d3:83:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 13 11:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=440d93ab0cc33049b9e6f34a1a96092cd2f7fdf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d1:88:66:6c:37:16:13:f2:c9:ad:c2:18:5e:
9f:8e:0f:3c:85:b6:70:0e:83:68:1b:3b:14:e8:f1:
b8:60:73:e5:82:c0:74:0d:59:fe:6b:c1:9d:61:d7:
2b:18:8f:e6:b1:e0:70:b6:b9:83:8e:c4:74:27:f1:
7e:8e:4d:7e:c8:19:e1:0e:ca:65:e4:13:26:c8:98:
e5:dc:28:20:05:8a:6b:e4:00:ac:70:ec:82:e2:bc:
27:34:43:65:6c:84:7d:71:0a:e4:bb:36:e8:f8:aa:
57:68:e7:b0:41:0d:18:57:05:65:55:97:29:a9:77:
23:cf:f4:7e:0c:e9:38:fb:07:d1:a3:77:39:02:65:
e9:01:ee:23:99:1f:c5:af:6e:49:3d:f0:91:40:de:
99:14:8f:5d:e3:b6:c6:59:88:69:2f:a1:ab:c3:a5:
4e:19:16:22:54:81:2b:60:76:3f:b8:de:d9:b7:4a:
20:6d:c9:19:df:ba:ec:ea:fd:e5:d6:6b:b2:33:46:
00:b5:e7:0a:ae:1c:4d:fe:cf:fe:49:72:88:e0:9e:
fe:62:e9:da:07:40:12:f1:f5:9f:66:18:3e:18:54:
eb:8a:ff:58:82:8a:28:be:83:72:6d:95:6e:df:cf:
a5:d2:2d:4d:69:f4:60:0e:d1:e0:a4:12:ae:da:d1:
2a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:0D:93:AB:0C:C3:30:49:B9:E6:F3:4A:1A:96:09:2C:D2:F7:FD:F3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RA2TqwzDMEm55vNKGpYJLNL3_fM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
32:51:45:ac:cd:d6:4c:f2:a3:4c:bc:c2:f1:85:58:1c:98:67:
b7:30:f5:d6:00:34:2b:12:76:ae:52:2f:52:59:8d:91:bc:12:
bf:7c:35:53:0e:b6:8d:fd:ef:16:3d:cd:d3:f7:9d:74:b4:f9:
e5:0e:ac:69:a1:10:71:cf:ef:cf:2d:ad:e1:53:ea:5f:c2:e9:
bc:6f:dd:54:d8:f4:a7:a3:bc:33:99:62:d8:1f:cf:89:33:66:
b6:61:ab:93:22:4a:8c:cc:a8:95:c6:74:b5:2b:5a:f6:f3:b1:
97:dd:68:c6:b0:84:5e:33:36:7e:a5:f7:e2:49:61:bc:a0:a8:
0b:29:9c:1a:08:22:f9:f2:80:fe:6f:41:8f:46:11:70:b6:fd:
3d:2a:02:25:e1:f8:51:a0:23:0b:4a:7a:ab:50:f2:49:cd:98:
20:b3:d0:af:6c:fd:7f:0e:65:e9:51:e0:98:03:68:1d:c0:13:
7c:47:a5:8e:ed:90:5d:ac:5b:48:4b:6c:64:fe:38:95:b4:59:
46:32:23:c8:57:58:76:2f:26:3e:56:e1:5a:bf:9b:e1:ef:b3:
c9:b3:d5:17:41:a1:2d:5f:f2:cd:32:37:eb:10:ac:b9:e9:e8:
ea:dc:65:ca:fa:6b:06:80:1d:15:da:f6:29:fa:80:cf:db:8d:
97:e9:b2:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY43fG3gB1w6cQbsUf5X04MGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEzMTEwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDBkOTNhYjBjYzMzMDQ5YjllNmYzNGExYTk2MDkyY2QyZjdmZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdGIZmw3FhPyya3CGF6fjg88hbZw
DoNoGzsU6PG4YHPlgsB0DVn+a8GdYdcrGI/mseBwtrmDjsR0J/F+jk1+yBnhDspl
5BMmyJjl3CggBYpr5ACscOyC4rwnNENlbIR9cQrkuzbo+KpXaOewQQ0YVwVlVZcp
qXcjz/R+DOk4+wfRo3c5AmXpAe4jmR/Fr25JPfCRQN6ZFI9d47bGWYhpL6Grw6VO
GRYiVIErYHY/uN7Zt0ogbckZ37rs6v3l1muyM0YAtecKrhxN/s/+SXKI4J7+Yuna
B0AS8fWfZhg+GFTriv9YgooovoNybZVu38+l0i1NafRgDtHgpBKu2tEqIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEQNk6sMwzBJuebzShqWCSzS9/3zMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUkEyVHF3ekRNRW01NXZOS0dwWUpMTkwzX2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADJRRazN1kzyo0y8wvGF
WByYZ7cw9dYANCsSdq5SL1JZjZG8Er98NVMOto397xY9zdP3nXS0+eUOrGmhEHHP
788treFT6l/C6bxv3VTY9KejvDOZYtgfz4kzZrZhq5MiSozMqJXGdLUrWvbzsZfd
aMawhF4zNn6l9+JJYbygqAspnBoIIvnygP5vQY9GEXC2/T0qAiXh+FGgIwtKeqtQ
8knNmCCz0K9s/X8OZelR4JgDaB3AE3xHpY7tkF2sW0hLbGT+OJW0WUYyI8hXWHYv
Jj5W4Vq/m+Hvs8mz1RdBoS1f8s0yN+sQrLnp6OrcZcr6awaAHRXa9in6gM/bjZfp
sss=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:40 2025 by rpki-client