Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/SOSq8mKHrfXlb_RCsqZSI0HHK-A.roa
File: SOSq8mKHrfXlb_RCsqZSI0HHK-A.roa (raw, json)
Hash identifier: YnK9lKoZXCALPWgq0LCaF3695ovGG5SNVLRigu/kbOs=
Subject key identifier: 48:E4:AA:F2:62:87:AD:F5:E5:6F:F4:42:B2:A6:52:23:41:C7:2B:E0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EB91DAF729ED1451594B4CC38A9E029E0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/SOSq8mKHrfXlb_RCsqZSI0HHK-A.roa
Signing time: Sun 07 Apr 2024 15:11:54 +0000
ROA not before: Sun 07 Apr 2024 15:11:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b9:1d:af:72:9e:d1:45:15:94:b4:cc:38:a9:e0:29:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 7 15:11:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48e4aaf26287adf5e56ff442b2a6522341c72be0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6d:3d:12:a5:76:bf:b7:e4:b2:1b:4f:64:21:
f1:a6:5e:e4:20:7d:26:a1:ca:32:8b:bb:81:12:9e:
bd:ae:72:41:6b:18:57:f3:62:7f:b9:b9:97:e5:cd:
1b:3b:0e:61:86:f9:93:ad:5a:73:56:2c:30:77:f6:
2e:44:c8:ba:2a:13:2e:8e:f7:ac:13:83:2e:3e:08:
f4:13:21:1d:9e:f5:fc:55:3e:31:1b:6a:6a:73:27:
24:21:08:ec:21:63:a2:34:c3:f9:68:d1:2d:cc:6a:
95:f9:4a:2b:2e:1a:ec:7a:d8:88:bd:d2:9b:b9:36:
d0:d4:dd:6f:c3:3a:ae:ae:f7:c5:1e:f7:a5:e6:07:
43:b5:fe:a7:bd:13:86:b6:7c:ca:52:a2:71:68:bf:
96:6b:8d:5f:dd:70:59:2f:fb:f1:53:f5:29:bb:10:
96:ed:4d:f9:e0:03:f7:35:1e:f5:64:c8:92:4b:bf:
86:c1:a9:c9:f3:d7:1d:16:5c:fc:c2:47:8c:a7:8a:
3c:46:34:9b:f4:50:77:3d:a8:32:1d:c0:9a:28:b0:
4a:3b:64:68:90:e1:17:ef:1a:af:54:92:6c:38:0d:
de:ec:aa:fc:8b:63:65:54:b5:a7:92:5f:5f:a3:14:
1d:c8:9c:9b:e6:d8:86:e9:52:a9:83:77:94:bb:fc:
12:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:E4:AA:F2:62:87:AD:F5:E5:6F:F4:42:B2:A6:52:23:41:C7:2B:E0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/SOSq8mKHrfXlb_RCsqZSI0HHK-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:39:c2:2a:15:69:a7:c5:50:65:7a:72:bd:46:bf:44:ec:d5:
34:f5:e7:85:fc:06:d9:e8:e2:63:99:a6:57:79:cd:a1:ed:9c:
53:82:15:eb:8d:d6:0f:f1:3c:3e:25:2c:22:ed:59:88:ca:54:
27:70:dc:6d:4e:f6:23:1e:bd:e3:2a:2c:f1:ad:c3:1b:9b:1a:
52:06:c9:e0:da:c3:7f:42:6b:69:f4:4f:c9:f8:da:49:56:36:
58:f9:97:e5:3b:cb:de:c5:c5:1c:2c:12:11:7d:fb:8a:8e:eb:
e4:13:89:6f:9e:2a:42:a0:e0:50:6f:6e:f7:58:c8:49:cd:0a:
d7:e1:11:d1:f2:19:90:4f:b4:ed:35:0e:4f:81:2f:63:4e:24:
b4:d4:f1:02:97:73:1b:ec:b8:c9:89:d3:7e:75:59:99:7c:0d:
73:ec:ad:44:1c:ec:7b:c8:e9:c5:36:93:71:24:f3:95:d3:d9:
bd:32:bd:8c:9a:d7:9d:4a:69:77:dd:71:e1:f2:e7:e0:68:06:
7c:35:d1:d8:c0:8c:77:1c:ec:72:13:a8:ca:9a:5e:4b:2d:59:
2e:c1:38:1f:1f:d1:21:99:6b:ab:69:b5:46:f5:17:59:95:3e:
38:c2:b4:c9:b7:ac:f6:83:1e:49:f6:a5:8a:4f:43:bb:36:05:
43:6b:95:ac
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY65Ha9yntFFFZS0zDip4CngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA3MTUxMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGU0YWFmMjYyODdhZGY1ZTU2ZmY0NDJiMmE2NTIyMzQxYzcyYmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkG09EqV2v7fkshtPZCHxpl7kIH0m
ocoyi7uBEp69rnJBaxhX82J/ubmX5c0bOw5hhvmTrVpzViwwd/YuRMi6KhMujves
E4MuPgj0EyEdnvX8VT4xG2pqcyckIQjsIWOiNMP5aNEtzGqV+UorLhrsetiIvdKb
uTbQ1N1vwzqurvfFHvel5gdDtf6nvROGtnzKUqJxaL+Wa41f3XBZL/vxU/UpuxCW
7U354AP3NR71ZMiSS7+GwanJ89cdFlz8wkeMp4o8RjSb9FB3PagyHcCaKLBKO2Ro
kOEX7xqvVJJsOA3e7Kr8i2NlVLWnkl9foxQdyJyb5tiG6VKpg3eUu/wSVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEjkqvJih6315W/0QrKmUiNBxyvgMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvU09TcThtS0hyZlhsYl9SQ3NxWlNJMEhISy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHw5wioVaafFUGV6cr1G
v0Ts1TT154X8Btno4mOZpld5zaHtnFOCFeuN1g/xPD4lLCLtWYjKVCdw3G1O9iMe
veMqLPGtwxubGlIGyeDaw39Ca2n0T8n42klWNlj5l+U7y97FxRwsEhF9+4qO6+QT
iW+eKkKg4FBvbvdYyEnNCtfhEdHyGZBPtO01Dk+BL2NOJLTU8QKXcxvsuMmJ0351
WZl8DXPsrUQc7HvI6cU2k3Ek85XT2b0yvYya151KaXfdceHy5+BoBnw10djAjHcc
7HITqMqaXkstWS7BOB8f0SGZa6tptUb1F1mVPjjCtMm3rPaDHkn2pYpPQ7s2BUNr
law=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:19:51 2025 by rpki-client