Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Rez_hh4GzryJcoEBsNnReL-jSZQ.roa
File: Rez_hh4GzryJcoEBsNnReL-jSZQ.roa (raw, json)
Hash identifier: WDCS5yt/9aYhg76wZuEbZGQAynklVsnXBcOuGEFSkgo=
Subject key identifier: 45:EC:FF:86:1E:06:CE:BC:89:72:81:01:B0:D9:D1:78:BF:A3:49:94
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D9A732B2DF98306C78CB2043C7F31B530
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Rez_hh4GzryJcoEBsNnReL-jSZQ.roa
Signing time: Sun 11 Feb 2024 23:14:15 +0000
ROA not before: Sun 11 Feb 2024 23:14:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9a:73:2b:2d:f9:83:06:c7:8c:b2:04:3c:7f:31:b5:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 11 23:14:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45ecff861e06cebc89728101b0d9d178bfa34994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cd:e6:7d:9b:37:ed:e6:04:1d:18:a9:05:66:
63:e3:1d:2e:61:58:64:d7:5c:1b:b9:ad:4a:95:c7:
22:e4:8e:f1:4b:94:50:22:21:9b:e6:bb:cb:c2:2c:
52:c0:22:74:c3:da:95:d1:57:0d:90:6a:ec:73:2b:
e6:e7:0c:ea:90:bf:f1:8a:05:98:ff:48:68:a4:30:
a3:f9:30:7d:22:ee:93:0f:e1:4a:94:63:ca:d8:9c:
9c:56:9b:f5:bc:3b:f3:6c:05:7f:70:ac:ce:df:c4:
b1:c6:30:30:fb:2f:f2:8e:41:6c:eb:8f:85:5b:3d:
5d:65:31:58:3a:55:b6:08:80:0c:d5:f9:df:9c:57:
45:a0:e7:21:7c:67:f7:87:cd:11:ef:25:25:6c:07:
75:af:3d:1a:20:e2:d4:97:2d:e7:44:cb:7a:12:39:
e8:ed:c5:dd:c9:59:b5:ac:4c:6d:a2:53:df:68:ec:
6c:75:cd:eb:86:db:07:60:90:b6:b9:31:09:be:04:
58:6a:da:d0:b7:0f:b2:9c:ef:68:1f:04:9a:ab:81:
90:5d:0e:a2:3b:52:17:9d:c8:30:f9:ef:14:87:41:
8b:60:52:a0:93:fb:8d:f0:30:59:c2:66:dc:79:b3:
a2:ad:7e:93:99:63:a7:74:6f:d9:d9:83:99:95:c1:
e8:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:EC:FF:86:1E:06:CE:BC:89:72:81:01:B0:D9:D1:78:BF:A3:49:94
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Rez_hh4GzryJcoEBsNnReL-jSZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:a6:79:92:a0:16:d3:d5:b3:3a:41:ed:86:06:22:28:6c:14:
85:ae:eb:e5:19:d8:82:09:80:4d:36:42:36:ee:85:65:26:d8:
95:47:4b:8d:14:bb:11:7f:6a:c6:d0:6a:ff:22:9a:94:34:da:
aa:8d:f4:8f:26:16:eb:40:a9:7e:51:46:ae:3b:f4:21:2f:bf:
53:cc:d6:5c:9a:db:9c:f7:88:04:32:2a:17:f5:c6:63:6a:59:
37:e0:06:b3:95:66:3a:13:17:a4:f3:da:70:90:a3:4e:5a:f9:
b0:43:89:27:9a:e9:c7:df:69:e3:a9:f0:f0:5d:39:44:f3:41:
be:53:1d:2b:bb:b2:7a:ba:c1:4d:e8:7f:6e:50:50:51:b0:1b:
0b:08:27:96:60:74:b2:48:73:42:d0:8b:39:71:c2:a2:69:6e:
3e:84:00:36:4f:c6:0f:f8:b5:9b:a5:40:4d:de:db:f3:0c:94:
11:43:ac:01:b2:1a:9a:1f:cf:da:75:11:b3:e4:ea:0b:de:ab:
92:2a:33:42:08:11:33:1d:a1:ba:53:4a:23:9c:8e:96:52:3e:
8e:18:6a:8e:e5:e2:64:52:1f:d5:7f:09:ac:45:26:dd:54:2f:
7d:03:91:d5:a1:60:a9:54:7f:23:f0:aa:2f:d2:f4:47:a4:cf:
f7:1b:ad:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2acyst+YMGx4yyBDx/MbUwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjExMjMxNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWVjZmY4NjFlMDZjZWJjODk3MjgxMDFiMGQ5ZDE3OGJmYTM0OTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsM3mfZs37eYEHRipBWZj4x0uYVhk
11wbua1Klcci5I7xS5RQIiGb5rvLwixSwCJ0w9qV0VcNkGrscyvm5wzqkL/xigWY
/0hopDCj+TB9Iu6TD+FKlGPK2JycVpv1vDvzbAV/cKzO38SxxjAw+y/yjkFs64+F
Wz1dZTFYOlW2CIAM1fnfnFdFoOchfGf3h80R7yUlbAd1rz0aIOLUly3nRMt6Ejno
7cXdyVm1rExtolPfaOxsdc3rhtsHYJC2uTEJvgRYatrQtw+ynO9oHwSaq4GQXQ6i
O1IXncgw+e8Uh0GLYFKgk/uN8DBZwmbcebOirX6TmWOndG/Z2YOZlcHo7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEXs/4YeBs68iXKBAbDZ0Xi/o0mUMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUmV6X2hoNEd6cnlKY29FQnNOblJlTC1qU1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABKmeZKgFtPVszpB7YYG
IihsFIWu6+UZ2IIJgE02QjbuhWUm2JVHS40UuxF/asbQav8impQ02qqN9I8mFutA
qX5RRq479CEvv1PM1lya25z3iAQyKhf1xmNqWTfgBrOVZjoTF6Tz2nCQo05a+bBD
iSea6cffaeOp8PBdOUTzQb5THSu7snq6wU3of25QUFGwGwsIJ5ZgdLJIc0LQizlx
wqJpbj6EADZPxg/4tZulQE3e2/MMlBFDrAGyGpofz9p1EbPk6gveq5IqM0IIETMd
obpTSiOcjpZSPo4Yao7l4mRSH9V/CaxFJt1UL30DkdWhYKlUfyPwqi/S9Eekz/cb
rcA=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:13:34 2025 by rpki-client