Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RvPpu3D7vfoy922TV-xV9MAU6v4.roa
File: RvPpu3D7vfoy922TV-xV9MAU6v4.roa (raw, json)
Hash identifier: RS5mIGDiGrDU9ebQ5+x2Xxg/KFiUZFu3RHOyoz7HLFc=
Subject key identifier: 46:F3:E9:BB:70:FB:BD:FA:32:F7:6D:93:57:EC:55:F4:C0:14:EA:FE
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CD9FAE773D04D1CB2FD27425C6FF911E7
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RvPpu3D7vfoy922TV-xV9MAU6v4.roa
Signing time: Fri 05 Jan 2024 14:15:48 +0000
ROA not before: Fri 05 Jan 2024 14:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d9:fa:e7:73:d0:4d:1c:b2:fd:27:42:5c:6f:f9:11:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 5 14:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46f3e9bb70fbbdfa32f76d9357ec55f4c014eafe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:95:2e:3d:56:e4:dc:bb:36:ac:13:5e:9a:b9:
90:46:5b:d6:2b:9f:c9:9c:07:ed:cc:48:69:e4:ad:
9e:53:c1:5f:f7:8d:dc:e4:32:ce:0e:b7:8b:b7:a4:
52:24:39:4b:2b:e7:a5:d0:b4:5d:f2:99:34:64:8f:
10:33:b4:32:62:2a:01:c3:61:65:ab:55:7a:e8:95:
e8:6c:33:36:60:10:c3:eb:c4:4d:33:e2:8a:2f:08:
7b:9c:87:32:83:07:f1:6d:5e:ff:6f:e8:f3:e2:5c:
2a:a2:57:c2:3a:08:61:59:c6:f7:91:fc:e4:d3:85:
fb:86:a3:f6:2c:6d:43:55:2a:99:39:7e:29:41:ba:
79:e5:f8:24:68:a8:68:01:d6:42:1a:e0:e5:2a:42:
db:cf:dc:31:68:26:e2:13:9b:28:6e:93:6d:c1:81:
e9:ef:01:f3:29:01:dc:28:b3:f4:cd:e9:04:a5:28:
f3:58:be:b9:b3:c2:e1:37:64:c8:9f:ce:e3:1c:cd:
fd:a6:e9:ed:2d:5a:8a:39:ea:13:20:4a:39:74:2d:
20:ca:ec:d6:33:a3:76:af:db:8a:91:72:c5:7e:18:
a3:d7:cd:7c:9c:0f:33:17:86:8f:31:b6:0e:97:e5:
c8:01:7b:49:bb:8f:ef:73:cb:98:f9:e8:fa:7e:09:
c2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:F3:E9:BB:70:FB:BD:FA:32:F7:6D:93:57:EC:55:F4:C0:14:EA:FE
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/RvPpu3D7vfoy922TV-xV9MAU6v4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
63:6e:3b:9f:8d:11:f1:d0:3d:bb:cc:e0:17:06:c8:b1:85:57:
51:29:7b:ee:fa:3b:7c:39:df:84:29:18:1c:ae:18:09:cf:21:
5f:9e:a8:a5:7d:2b:a4:c1:6a:69:5a:89:c0:3c:9c:5d:f3:3f:
b9:01:a6:24:3a:b5:91:b9:82:cc:72:d2:8d:46:6d:b2:b8:c8:
31:27:30:f4:c4:7b:d1:62:e6:ca:08:4b:7b:83:3d:73:83:60:
a8:36:77:ec:d6:2d:ea:3e:21:d7:d5:e9:98:66:a2:91:73:f5:
e1:bb:1b:9a:a4:4d:55:3d:b4:0b:bc:57:21:4d:23:c1:7d:fd:
81:3d:40:4f:3e:ab:b3:78:8b:4f:43:b4:6c:d4:32:03:98:e2:
7a:eb:b4:0d:9d:ce:db:06:fa:37:bf:21:2a:28:49:f4:10:2e:
89:6a:21:b8:80:33:d1:98:e9:7c:4e:f3:cc:5c:af:25:5c:e7:
f8:05:8a:a9:fc:f6:60:39:df:1c:24:74:c8:91:aa:c4:87:12:
60:49:7d:18:85:ca:b5:86:fc:e5:12:38:6c:d3:b3:a8:63:5d:
88:cf:3c:b8:41:67:60:5b:3a:37:67:eb:92:55:9c:70:a6:7b:
8e:b8:90:f9:44:fe:89:4b:da:c0:26:31:39:fa:0b:01:9c:26:
98:23:02:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzZ+udz0E0csv0nQlxv+RHnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA1MTQxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmYzZTliYjcwZmJiZGZhMzJmNzZkOTM1N2VjNTVmNGMwMTRlYWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JUuPVbk3Ls2rBNemrmQRlvWK5/J
nAftzEhp5K2eU8Ff943c5DLODreLt6RSJDlLK+el0LRd8pk0ZI8QM7QyYioBw2Fl
q1V66JXobDM2YBDD68RNM+KKLwh7nIcygwfxbV7/b+jz4lwqolfCOghhWcb3kfzk
04X7hqP2LG1DVSqZOX4pQbp55fgkaKhoAdZCGuDlKkLbz9wxaCbiE5sobpNtwYHp
7wHzKQHcKLP0zekEpSjzWL65s8LhN2TIn87jHM39puntLVqKOeoTIEo5dC0gyuzW
M6N2r9uKkXLFfhij1818nA8zF4aPMbYOl+XIAXtJu4/vc8uY+ej6fgnCwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEbz6btw+736Mvdtk1fsVfTAFOr+MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUnZQcHUzRDd2Zm95OTIyVFYteFY5TUFVNnY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGNuO5+NEfHQPbvM4BcG
yLGFV1Epe+76O3w534QpGByuGAnPIV+eqKV9K6TBamlaicA8nF3zP7kBpiQ6tZG5
gsxy0o1GbbK4yDEnMPTEe9Fi5soIS3uDPXODYKg2d+zWLeo+IdfV6ZhmopFz9eG7
G5qkTVU9tAu8VyFNI8F9/YE9QE8+q7N4i09DtGzUMgOY4nrrtA2dztsG+je/ISoo
SfQQLolqIbiAM9GY6XxO88xcryVc5/gFiqn89mA53xwkdMiRqsSHEmBJfRiFyrWG
/OUSOGzTs6hjXYjPPLhBZ2BbOjdn65JVnHCme464kPlE/olL2sAmMTn6CwGcJpgj
Amk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:32 2025 by rpki-client