Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/T9HJic2IuEQ4Ms-N7QocqUQvOE4.roa
File: T9HJic2IuEQ4Ms-N7QocqUQvOE4.roa (raw, json)
Hash identifier: ZJ3HVjdB5ftxIlgH3ioENNyEjFvgC0qt1xt/hsUAlWY=
Subject key identifier: 4F:D1:C9:89:CD:88:B8:44:38:32:CF:8D:ED:0A:1C:A9:44:2F:38:4E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D4E0EF54C3200B810654C26B140D4F3AF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/T9HJic2IuEQ4Ms-N7QocqUQvOE4.roa
Signing time: Sun 28 Jan 2024 03:13:39 +0000
ROA not before: Sun 28 Jan 2024 03:13:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:4e:0e:f5:4c:32:00:b8:10:65:4c:26:b1:40:d4:f3:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 28 03:13:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4fd1c989cd88b8443832cf8ded0a1ca9442f384e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:7e:8e:f2:e6:c7:a3:12:a7:c9:ff:ac:14:a8:
cb:c6:8c:66:7f:7f:51:95:bf:2e:6e:08:f2:91:06:
bf:cd:28:53:e7:8b:75:6b:85:a2:45:57:6b:a6:91:
ea:b2:ce:6d:4a:df:ae:7c:bb:72:0f:e7:79:9a:79:
98:61:e7:52:4d:d6:2c:95:27:de:fd:95:ba:c6:71:
45:79:b9:ae:c1:d4:84:ce:80:fa:e0:8b:3f:8b:c8:
7e:1f:68:5c:ba:74:2e:7a:17:d9:f7:15:4f:77:6c:
02:2f:84:40:a3:41:e4:c2:5d:cb:9a:21:f1:26:97:
55:01:e6:ab:2a:2e:6a:0b:af:22:64:5a:4b:ac:3c:
bd:61:c8:a7:64:6f:df:57:68:29:b3:c3:99:ba:51:
da:ad:e5:91:13:7e:3f:5c:7a:e2:a4:db:1b:1a:a5:
f1:25:0e:54:8a:b3:43:c2:1e:61:ae:38:e0:9f:bf:
c7:ac:c4:01:ba:e4:ff:9d:4a:e0:ea:c8:11:5d:4e:
0e:e9:26:c7:26:8d:95:bc:10:41:a6:fd:d7:1d:45:
ea:42:36:fe:3b:3b:e9:ad:d4:a1:7c:94:74:5e:f9:
7b:bd:90:e4:3a:01:ec:02:0b:c3:57:9c:01:b5:d4:
6d:e7:93:fd:b2:14:ce:9b:9e:90:cc:73:c0:de:08:
02:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:D1:C9:89:CD:88:B8:44:38:32:CF:8D:ED:0A:1C:A9:44:2F:38:4E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/T9HJic2IuEQ4Ms-N7QocqUQvOE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5c:90:ae:84:5e:61:88:63:d2:3f:39:60:61:e8:dd:3b:14:68:
41:fd:e5:51:2f:f1:40:86:04:f3:d7:8a:f0:7d:b3:53:3c:59:
ec:0b:fe:bd:2b:a7:ae:6c:47:6d:ea:fc:32:c9:ff:a9:e4:88:
41:e0:3b:b3:e6:e6:7f:e0:5e:33:3e:c8:9d:e3:be:5e:5b:c2:
06:e7:2a:ee:4c:19:2f:8f:62:29:e6:47:67:4a:2b:2e:db:de:
32:65:63:10:5c:30:c6:c2:55:cf:d5:81:94:f1:67:33:f2:17:
7a:ab:15:1a:34:d7:7e:c1:fa:04:42:92:8a:42:1a:1a:29:3c:
e6:a9:4e:2c:e6:6b:4e:54:ce:99:4f:e5:ba:5d:7f:3b:39:fe:
78:c7:3a:e4:e6:84:9f:99:5e:fd:87:b3:22:f6:f6:48:2f:73:
bb:06:62:58:b8:ef:45:b2:a4:26:ba:75:af:27:0f:51:ac:67:
9b:10:52:e3:de:11:90:e1:72:57:42:22:13:38:98:73:ce:f8:
e4:61:1c:ab:6c:c6:d3:08:cc:4c:73:02:74:db:4c:0c:2a:cd:
66:f4:37:fa:55:0a:bf:0b:bb:e7:16:00:d6:2f:e8:4a:12:c4:
67:8a:df:28:11:07:8b:a1:82:7d:1d:89:91:6e:28:c0:99:e6:
41:87:1f:60
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1ODvVMMgC4EGVMJrFA1POvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI4MDMxMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmQxYzk4OWNkODhiODQ0MzgzMmNmOGRlZDBhMWNhOTQ0MmYzODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA736O8ubHoxKnyf+sFKjLxoxmf39R
lb8ubgjykQa/zShT54t1a4WiRVdrppHqss5tSt+ufLtyD+d5mnmYYedSTdYslSfe
/ZW6xnFFebmuwdSEzoD64Is/i8h+H2hcunQuehfZ9xVPd2wCL4RAo0Hkwl3LmiHx
JpdVAearKi5qC68iZFpLrDy9YcinZG/fV2gps8OZulHareWRE34/XHripNsbGqXx
JQ5UirNDwh5hrjjgn7/HrMQBuuT/nUrg6sgRXU4O6SbHJo2VvBBBpv3XHUXqQjb+
OzvprdShfJR0Xvl7vZDkOgHsAgvDV5wBtdRt55P9shTOm56QzHPA3ggCrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE/RyYnNiLhEODLPje0KHKlELzhOMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVDlISmljMkl1RVE0TXMtTjdRb2NxVVF2T0U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFyQroReYYhj0j85YGHo
3TsUaEH95VEv8UCGBPPXivB9s1M8WewL/r0rp65sR23q/DLJ/6nkiEHgO7Pm5n/g
XjM+yJ3jvl5bwgbnKu5MGS+PYinmR2dKKy7b3jJlYxBcMMbCVc/VgZTxZzPyF3qr
FRo0137B+gRCkopCGhopPOapTizma05UzplP5bpdfzs5/njHOuTmhJ+ZXv2HsyL2
9kgvc7sGYli470WypCa6da8nD1GsZ5sQUuPeEZDhcldCIhM4mHPO+ORhHKtsxtMI
zExzAnTbTAwqzWb0N/pVCr8Lu+cWANYv6EoSxGeK3ygRB4uhgn0diZFuKMCZ5kGH
H2A=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:13:52 2025 by rpki-client