Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/SA5Dka6qSBpBfWdmRMNgiGKQX9k.roa
File: SA5Dka6qSBpBfWdmRMNgiGKQX9k.roa (raw, json)
Hash identifier: iNLwq50m2d+K4nRZ/KNdsVMznofLQTXhofDvKp5WUf4=
Subject key identifier: 48:0E:43:91:AE:AA:48:1A:41:7D:67:66:44:C3:60:88:62:90:5F:D9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018ED3BA51C4CAE694E96669E8085A254ADC
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/SA5Dka6qSBpBfWdmRMNgiGKQX9k.roa
Signing time: Fri 12 Apr 2024 19:13:06 +0000
ROA not before: Fri 12 Apr 2024 19:13:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d3:ba:51:c4:ca:e6:94:e9:66:69:e8:08:5a:25:4a:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 12 19:13:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=480e4391aeaa481a417d676644c3608862905fd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b8:8e:29:43:fc:13:07:91:04:a8:3d:bd:5b:
55:84:30:d2:33:d4:99:7d:ff:fd:ca:84:02:22:47:
52:45:29:63:69:e8:a3:7a:0e:ec:fa:4a:df:a5:8f:
52:d8:9f:08:c8:ed:3d:47:e5:2c:d7:eb:f2:d8:f8:
b0:5d:8f:dc:15:7a:04:19:d1:07:83:87:e9:b6:4f:
55:b7:de:33:01:6b:cf:8a:a4:99:f8:c2:31:74:56:
1d:2d:8c:48:87:f5:7d:23:21:65:7b:71:84:f8:b6:
a4:61:aa:e8:7b:f7:fe:2d:2a:d1:59:44:c5:07:69:
38:9d:d5:32:57:fc:d0:3c:cf:30:a1:04:82:69:4f:
00:fe:16:b6:b2:32:23:e2:3a:0e:b7:96:17:ed:7b:
24:b3:aa:65:93:99:7d:84:8d:b0:81:e0:96:23:4e:
91:b7:6e:11:99:67:a8:11:ab:30:44:b0:fd:74:d6:
da:c5:86:b2:6d:1c:95:54:6d:34:3f:80:22:25:da:
8f:01:a0:62:c2:c2:58:5c:15:1c:32:68:f9:5e:20:
f9:f2:7e:cb:78:dc:7c:05:b0:0a:24:cb:e9:f6:72:
1f:f1:f5:ec:20:c0:0e:6e:83:93:49:e9:f9:12:84:
19:73:e4:d9:b4:1a:30:e1:2e:fb:ae:52:1f:fd:de:
47:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:0E:43:91:AE:AA:48:1A:41:7D:67:66:44:C3:60:88:62:90:5F:D9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/SA5Dka6qSBpBfWdmRMNgiGKQX9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
37:59:04:4c:ac:6d:37:53:96:52:62:47:21:da:0f:e0:75:c9:
44:c8:c4:12:6d:8f:5c:2a:ed:d2:d3:d2:cc:5f:81:79:7d:4c:
fd:76:96:71:2f:16:b0:50:27:22:96:96:73:73:1b:12:82:22:
65:a1:75:6f:14:17:ab:20:12:ef:a8:1c:b6:e3:3f:5f:3e:38:
87:80:8f:3a:36:3e:34:87:70:99:d2:1d:83:25:17:c3:96:8f:
2c:51:1a:96:e3:14:70:2e:c6:42:53:20:46:22:c7:8d:1a:b5:
5b:ea:3b:a9:ae:8d:ea:5e:91:58:c9:cd:73:55:4d:fe:c0:aa:
02:64:fc:79:75:d9:fd:76:b5:0d:dd:42:77:10:c3:41:4d:ef:
2b:1c:76:8f:7d:c8:2f:b5:f6:19:1a:07:17:c2:7d:23:7d:c8:
0e:95:f9:6e:36:da:9b:25:71:8b:7f:30:4f:bf:2d:30:f6:f2:
9c:b1:53:9c:18:1b:3b:ca:2e:46:5a:59:8d:de:42:dc:7e:85:
96:27:91:42:6d:b8:66:20:ac:86:49:bf:e4:86:5d:a6:dc:f8:
20:46:e3:ff:a7:8a:8b:32:f2:f5:6f:81:58:42:0c:b8:00:81:
d4:6a:1f:64:b9:31:82:b8:92:cb:19:8c:06:dc:22:aa:f0:d9:
d1:5d:b3:96
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7TulHEyuaU6WZp6AhaJUrcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDEyMTkxMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODBlNDM5MWFlYWE0ODFhNDE3ZDY3NjY0NGMzNjA4ODYyOTA1ZmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7iOKUP8EweRBKg9vVtVhDDSM9SZ
ff/9yoQCIkdSRSljaeijeg7s+krfpY9S2J8IyO09R+Us1+vy2PiwXY/cFXoEGdEH
g4fptk9Vt94zAWvPiqSZ+MIxdFYdLYxIh/V9IyFle3GE+LakYaroe/f+LSrRWUTF
B2k4ndUyV/zQPM8woQSCaU8A/ha2sjIj4joOt5YX7Xsks6plk5l9hI2wgeCWI06R
t24RmWeoEaswRLD9dNbaxYaybRyVVG00P4AiJdqPAaBiwsJYXBUcMmj5XiD58n7L
eNx8BbAKJMvp9nIf8fXsIMAOboOTSen5EoQZc+TZtBow4S77rlIf/d5HOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEgOQ5GuqkgaQX1nZkTDYIhikF/ZMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvU0E1RGthNnFTQnBCZldkbVJNTmdpR0tRWDlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADdZBEysbTdTllJiRyHa
D+B1yUTIxBJtj1wq7dLT0sxfgXl9TP12lnEvFrBQJyKWlnNzGxKCImWhdW8UF6sg
Eu+oHLbjP18+OIeAjzo2PjSHcJnSHYMlF8OWjyxRGpbjFHAuxkJTIEYix40atVvq
O6mujepekVjJzXNVTf7AqgJk/Hl12f12tQ3dQncQw0FN7yscdo99yC+19hkaBxfC
fSN9yA6V+W422pslcYt/ME+/LTD28pyxU5wYGzvKLkZaWY3eQtx+hZYnkUJtuGYg
rIZJv+SGXabc+CBG4/+niosy8vVvgVhCDLgAgdRqH2S5MYK4kssZjAbcIqrw2dFd
s5Y=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:11:03 2025 by rpki-client