Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RIaEcNNsdwbpO0wB0kBBeN2MFZg.roa
File: RIaEcNNsdwbpO0wB0kBBeN2MFZg.roa (raw, json)
Hash identifier: 43P6XQeRF4xWKBtDTsNfAYYMn25tVIUHMhgftrbXCAQ=
Subject key identifier: 44:86:84:70:D3:6C:77:06:E9:3B:4C:01:D2:40:41:78:DD:8C:15:98
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CD1936A6F7C91D786896359B8EC7A9866
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RIaEcNNsdwbpO0wB0kBBeN2MFZg.roa
Signing time: Wed 03 Jan 2024 23:05:48 +0000
ROA not before: Wed 03 Jan 2024 23:05:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:d192:b4ca/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d1:93:6a:6f:7c:91:d7:86:89:63:59:b8:ec:7a:98:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 3 23:05:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44868470d36c7706e93b4c01d2404178dd8c1598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ff:8b:2b:98:00:42:cf:d1:25:f5:48:0e:e0:
81:fd:4e:fc:d3:f4:5c:03:b2:54:ee:99:a5:f1:9a:
bb:d3:19:e4:fa:c2:3b:a7:88:89:6f:54:4b:7b:93:
28:d7:92:22:e5:60:e1:dc:09:52:38:a5:c6:e7:83:
a8:24:13:b3:a4:99:ae:42:98:44:f5:8b:7c:46:23:
f1:87:cb:7b:7d:57:81:23:8e:51:8d:38:38:da:26:
2b:3b:53:72:28:24:55:12:bc:b7:1d:d9:1e:dd:ed:
a7:c7:08:ea:a1:80:13:17:d8:b0:53:67:b0:af:14:
d2:25:fa:8b:33:64:8f:f3:9a:9a:77:70:e8:28:b4:
c2:4d:fc:33:b0:a9:36:6b:e4:75:e7:f9:9e:21:92:
6e:77:11:aa:be:b5:1c:d1:13:bb:6f:46:1a:22:9d:
f5:aa:37:11:e2:e7:cf:d4:93:ef:64:aa:a2:e2:6d:
8e:69:fc:e3:6f:de:d3:98:bb:43:17:04:b6:6a:e9:
64:14:46:8d:15:e1:0e:f1:3f:e3:00:6b:02:98:f2:
59:e6:9f:a8:b7:b1:c9:21:50:df:c1:24:b6:67:93:
a4:1b:43:a5:8c:13:df:9b:d0:2b:ad:44:5f:18:32:
56:d3:60:6e:a5:0c:3b:cc:9c:a7:c5:7c:19:15:4d:
3f:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:86:84:70:D3:6C:77:06:E9:3B:4C:01:D2:40:41:78:DD:8C:15:98
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RIaEcNNsdwbpO0wB0kBBeN2MFZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7f:1e:2e:80:eb:f3:9c:ef:09:48:75:ea:eb:a6:ff:c5:de:1f:
8f:d5:6f:bc:41:5d:3f:03:c7:37:ba:7c:9f:03:bc:70:45:47:
d6:c0:86:e3:7d:02:bc:b3:ad:6e:91:65:63:1c:70:15:be:dd:
f4:cc:a6:47:fd:98:cb:d7:da:e0:6a:85:0d:0d:c2:42:92:5d:
04:0e:1f:71:c1:89:78:e5:2a:05:ad:01:3d:ae:81:a6:33:88:
b9:b6:f7:3d:4d:2f:c6:20:57:ce:e8:08:98:d5:f1:ff:55:75:
69:c5:ec:9c:94:47:9b:46:b9:8d:be:18:ed:41:64:0b:b8:50:
9a:69:d3:45:92:15:4c:84:03:a2:59:50:9a:7d:70:bf:e2:6f:
db:e5:fb:a8:bb:78:b1:01:f5:66:ba:a7:1e:e1:06:8d:74:7e:
18:1a:6c:62:d3:30:0b:0d:55:4d:f7:5a:b9:73:9a:3e:ef:15:
ac:8e:18:e6:ad:76:7c:e4:fe:a7:e6:0c:87:c8:1f:88:0d:5a:
65:3d:38:bf:24:34:a1:16:f1:2a:7f:47:57:26:1c:af:ea:f8:
27:2b:54:3c:18:b5:4c:c8:11:b8:63:ba:b5:31:4b:22:00:7a:
68:f8:88:aa:2a:f4:73:53:ac:b9:30:24:77:5b:0e:11:8e:fe:
d8:6a:3d:2f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzRk2pvfJHXholjWbjsephmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAzMjMwNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDg2ODQ3MGQzNmM3NzA2ZTkzYjRjMDFkMjQwNDE3OGRkOGMxNTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnP+LK5gAQs/RJfVIDuCB/U780/Rc
A7JU7pml8Zq70xnk+sI7p4iJb1RLe5Mo15Ii5WDh3AlSOKXG54OoJBOzpJmuQphE
9Yt8RiPxh8t7fVeBI45RjTg42iYrO1NyKCRVEry3Hdke3e2nxwjqoYATF9iwU2ew
rxTSJfqLM2SP85qad3DoKLTCTfwzsKk2a+R15/meIZJudxGqvrUc0RO7b0YaIp31
qjcR4ufP1JPvZKqi4m2Oafzjb97TmLtDFwS2aulkFEaNFeEO8T/jAGsCmPJZ5p+o
t7HJIVDfwSS2Z5OkG0OljBPfm9ArrURfGDJW02BupQw7zJynxXwZFU0/nwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFESGhHDTbHcG6TtMAdJAQXjdjBWYMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUklhRWNOTnNkd2JwTzB3QjBrQkJlTjJNRlpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH8eLoDr85zvCUh16uum
/8XeH4/Vb7xBXT8Dxze6fJ8DvHBFR9bAhuN9AryzrW6RZWMccBW+3fTMpkf9mMvX
2uBqhQ0NwkKSXQQOH3HBiXjlKgWtAT2ugaYziLm29z1NL8YgV87oCJjV8f9VdWnF
7JyUR5tGuY2+GO1BZAu4UJpp00WSFUyEA6JZUJp9cL/ib9vl+6i7eLEB9Wa6px7h
Bo10fhgabGLTMAsNVU33Wrlzmj7vFayOGOatdnzk/qfmDIfIH4gNWmU9OL8kNKEW
8Sp/R1cmHK/q+CcrVDwYtUzIEbhjurUxSyIAemj4iKoq9HNTrLkwJHdbDhGO/thq
PS8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:45:31 2025 by rpki-client