Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/S7GzxvzUHYCADZWdJLtaX1iB5Vk.roa
File: S7GzxvzUHYCADZWdJLtaX1iB5Vk.roa (raw, json)
Hash identifier: R+WsymYLqUdgIKw4zOfhxVBFfIeMVy4bMv4EVYRx2E8=
Subject key identifier: 4B:B1:B3:C6:FC:D4:1D:80:80:0D:95:9D:24:BB:5A:5F:58:81:E5:59
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018ED1254F9DA5C1D11A89B9310120FE4CB8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/S7GzxvzUHYCADZWdJLtaX1iB5Vk.roa
Signing time: Fri 12 Apr 2024 07:11:06 +0000
ROA not before: Fri 12 Apr 2024 07:11:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d1:25:4f:9d:a5:c1:d1:1a:89:b9:31:01:20:fe:4c:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 12 07:11:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bb1b3c6fcd41d80800d959d24bb5a5f5881e559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e0:cb:72:48:db:a4:ba:83:29:7e:38:68:1f:
34:4f:f7:1a:50:3c:ee:4b:31:1d:1f:ed:ec:f5:34:
d5:41:06:37:22:99:bc:62:d5:f0:2c:51:a8:7c:37:
f6:61:9d:e2:75:dd:9c:af:10:97:0f:7b:18:a6:e7:
4f:b9:ac:f3:31:d1:ed:89:dc:e8:15:56:59:94:b7:
b1:5d:64:2b:c4:45:08:46:16:c5:64:3d:a3:aa:98:
f5:49:66:6a:4e:05:58:54:fb:50:8b:0a:7d:d7:42:
b9:3a:00:e4:17:ad:fe:de:fa:ef:95:8a:76:54:b6:
61:96:70:34:e7:ec:6a:f1:e7:00:85:73:30:36:f0:
db:83:0d:8a:73:38:71:4d:e6:32:16:79:0f:c7:d6:
00:fb:6f:ea:e7:e7:09:03:0a:37:e0:e7:d1:2a:85:
4d:f5:77:9f:90:4c:ee:7e:cb:be:ff:bf:2c:2f:03:
f9:d0:00:3e:15:52:57:47:82:e3:a8:55:82:ab:81:
25:a0:96:a6:47:f0:10:e1:2e:4f:06:40:88:34:4e:
fe:d6:13:a8:31:e1:21:a5:57:03:32:d2:ba:ff:d6:
21:d6:70:27:fc:10:99:11:27:46:49:3c:88:89:bf:
4f:39:18:1a:53:9e:b0:21:0e:b3:58:a0:ae:1f:b3:
41:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:B1:B3:C6:FC:D4:1D:80:80:0D:95:9D:24:BB:5A:5F:58:81:E5:59
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/S7GzxvzUHYCADZWdJLtaX1iB5Vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a8:0e:2b:d2:c5:54:9f:50:44:bd:20:f1:7f:d5:7f:e5:fb:8e:
77:dd:03:65:a2:f5:f4:b8:8a:02:eb:cd:7f:ff:2b:be:50:76:
c8:dd:03:47:1e:da:99:64:3b:c4:fc:b4:19:9d:1e:ab:be:93:
67:88:dc:6e:13:c4:e2:75:06:a9:2d:6a:7e:14:99:2e:24:1e:
ed:49:04:40:5a:f9:af:93:48:93:fa:fc:15:b3:e1:86:7d:0f:
4d:e1:35:35:db:2b:fc:2d:91:8b:10:8e:03:c3:19:ff:0d:db:
9f:bd:67:b7:d8:0b:46:9a:12:43:2d:42:2a:ea:c1:65:11:72:
4e:36:18:b1:9b:4d:10:78:7c:fd:c1:c8:dc:f5:88:1f:a8:45:
99:d6:37:65:2f:f7:a3:66:29:2e:d4:9e:7d:4d:33:89:f0:ce:
51:97:af:0c:94:06:23:ce:92:65:f4:3f:b1:6e:e0:9d:d4:98:
46:ba:65:49:d7:d8:30:61:30:a1:16:14:89:b2:c0:4d:55:76:
34:ba:64:19:d2:43:f5:95:8f:f5:e2:f6:87:41:34:50:a6:f5:
47:7c:d4:de:6d:c0:b3:0d:ce:17:26:63:76:98:1d:44:3d:a6:
24:b9:43:e9:c7:a0:62:f8:22:b9:8c:9d:32:79:ed:07:fa:42:
64:23:7e:6f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7RJU+dpcHRGom5MQEg/ky4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDEyMDcxMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmIxYjNjNmZjZDQxZDgwODAwZDk1OWQyNGJiNWE1ZjU4ODFlNTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlODLckjbpLqDKX44aB80T/caUDzu
SzEdH+3s9TTVQQY3Ipm8YtXwLFGofDf2YZ3idd2crxCXD3sYpudPuazzMdHtidzo
FVZZlLexXWQrxEUIRhbFZD2jqpj1SWZqTgVYVPtQiwp910K5OgDkF63+3vrvlYp2
VLZhlnA05+xq8ecAhXMwNvDbgw2KczhxTeYyFnkPx9YA+2/q5+cJAwo34OfRKoVN
9XefkEzufsu+/78sLwP50AA+FVJXR4LjqFWCq4EloJamR/AQ4S5PBkCINE7+1hOo
MeEhpVcDMtK6/9Yh1nAn/BCZESdGSTyIib9PORgaU56wIQ6zWKCuH7NBUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEuxs8b81B2AgA2VnSS7Wl9YgeVZMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvUzdHenh2elVIWUNBRFpXZEpMdGFYMWlCNVZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKgOK9LFVJ9QRL0g8X/V
f+X7jnfdA2Wi9fS4igLrzX//K75QdsjdA0ce2plkO8T8tBmdHqu+k2eI3G4TxOJ1
Bqktan4UmS4kHu1JBEBa+a+TSJP6/BWz4YZ9D03hNTXbK/wtkYsQjgPDGf8N25+9
Z7fYC0aaEkMtQirqwWURck42GLGbTRB4fP3ByNz1iB+oRZnWN2Uv96NmKS7Unn1N
M4nwzlGXrwyUBiPOkmX0P7Fu4J3UmEa6ZUnX2DBhMKEWFImywE1VdjS6ZBnSQ/WV
j/Xi9odBNFCm9Ud81N5twLMNzhcmY3aYHUQ9piS5Q+nHoGL4IrmMnTJ57Qf6QmQj
fm8=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:12 2025 by rpki-client