Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TChr7ZRvMoaDhEffeeMU1d38V-4.roa
File: TChr7ZRvMoaDhEffeeMU1d38V-4.roa (raw, json)
Hash identifier: loS0CvrThtQKeI88uowwybQdR9FkChXiegLXbJY/ay8=
Subject key identifier: 4C:28:6B:ED:94:6F:32:86:83:84:47:DF:79:E3:14:D5:DD:FC:57:EE
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D7D0C9E562A42A68ACE9BCC088708B3FE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TChr7ZRvMoaDhEffeeMU1d38V-4.roa
Signing time: Tue 06 Feb 2024 06:13:15 +0000
ROA not before: Tue 06 Feb 2024 06:13:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:0c:9e:56:2a:42:a6:8a:ce:9b:cc:08:87:08:b3:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 6 06:13:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c286bed946f3286838447df79e314d5ddfc57ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:20:a7:20:e3:be:55:d4:60:eb:fa:ba:4d:83:
aa:0d:72:0b:67:9a:90:3a:9c:b3:1e:78:63:09:68:
7e:aa:6f:8a:9c:8e:29:26:20:83:02:ab:cf:5e:34:
3d:b4:e4:86:7a:cc:3a:42:06:cb:27:7a:32:26:04:
58:8b:c7:85:8b:92:8c:7f:c5:b1:d5:a8:51:d8:55:
ce:10:42:17:88:33:4c:0f:6d:0c:03:a1:e9:58:80:
3a:ba:7d:de:96:c8:f8:c0:09:5c:2e:ef:43:00:20:
c7:41:d0:09:c7:90:4d:f7:68:31:69:67:91:07:69:
6b:54:e8:56:f1:12:b7:22:2a:be:92:bc:dc:2a:99:
dc:24:a2:07:36:6f:a1:59:c4:0d:76:5c:a0:f9:49:
3d:46:f3:27:4c:63:42:14:ac:b8:ef:d6:d1:87:f5:
29:ac:9d:8c:9a:49:6b:02:c3:5d:e3:37:1f:80:67:
35:8b:56:80:9f:36:62:e7:21:45:21:00:d3:8c:53:
87:ab:bc:35:5e:46:a6:42:ae:40:59:74:35:a6:a0:
73:d7:63:02:4e:f4:1f:25:2b:14:88:3a:ac:41:3c:
0e:d2:4e:82:b0:24:9c:4c:37:7e:ef:ca:aa:75:64:
53:6e:63:8b:3b:56:6e:75:b1:00:ae:c6:dc:5d:2c:
01:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:28:6B:ED:94:6F:32:86:83:84:47:DF:79:E3:14:D5:DD:FC:57:EE
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TChr7ZRvMoaDhEffeeMU1d38V-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a2:41:d9:e0:38:95:9d:73:aa:03:29:2f:09:47:9e:b2:f6:95:
8d:ab:59:d9:d4:e6:5d:89:76:ac:5e:13:83:7b:10:cf:9c:2d:
80:75:d4:f3:15:92:9c:d7:49:a5:65:ed:ad:64:2b:7a:29:19:
89:78:96:2e:35:16:3f:06:d9:b1:f8:3c:aa:9e:0f:ad:95:43:
79:5c:a9:f7:f9:a2:5d:f7:e1:be:b4:7f:39:9b:ed:ae:9d:45:
3a:2c:6f:91:ad:8e:41:01:a6:ec:47:9d:41:7e:2f:8f:9b:90:
e5:ea:5e:22:42:a9:fc:b3:17:61:b4:79:2d:0d:89:17:e8:e9:
fe:31:02:25:9a:85:2a:d3:62:e4:13:26:9c:df:9a:6d:1f:ac:
2f:4f:49:f6:0c:61:c3:46:ea:92:84:91:91:eb:90:a5:14:95:
b6:42:c3:a8:eb:48:bf:3e:d8:94:c2:d4:c0:89:bf:a3:5a:dd:
d6:97:d5:83:a4:ed:d1:7f:6a:6b:02:9f:4c:4e:0d:9f:15:12:
21:72:20:74:da:21:5d:b2:a7:75:44:20:6c:23:b5:63:ae:05:
3b:f3:77:68:25:d4:a7:49:64:ff:58:b9:db:e1:84:3b:e3:c9:
d8:96:00:77:f0:51:fe:26:66:69:61:6c:57:14:02:7d:eb:47:
64:b1:bd:40
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY19DJ5WKkKmis6bzAiHCLP+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA2MDYxMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzI4NmJlZDk0NmYzMjg2ODM4NDQ3ZGY3OWUzMTRkNWRkZmM1N2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyCnIOO+VdRg6/q6TYOqDXILZ5qQ
OpyzHnhjCWh+qm+KnI4pJiCDAqvPXjQ9tOSGesw6QgbLJ3oyJgRYi8eFi5KMf8Wx
1ahR2FXOEEIXiDNMD20MA6HpWIA6un3elsj4wAlcLu9DACDHQdAJx5BN92gxaWeR
B2lrVOhW8RK3Iiq+krzcKpncJKIHNm+hWcQNdlyg+Uk9RvMnTGNCFKy479bRh/Up
rJ2MmklrAsNd4zcfgGc1i1aAnzZi5yFFIQDTjFOHq7w1XkamQq5AWXQ1pqBz12MC
TvQfJSsUiDqsQTwO0k6CsCScTDd+78qqdWRTbmOLO1ZudbEArsbcXSwBUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEwoa+2UbzKGg4RH33njFNXd/FfuMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVENocjdaUnZNb2FEaEVmZmVlTVUxZDM4Vi00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKJB2eA4lZ1zqgMpLwlH
nrL2lY2rWdnU5l2JdqxeE4N7EM+cLYB11PMVkpzXSaVl7a1kK3opGYl4li41Fj8G
2bH4PKqeD62VQ3lcqff5ol334b60fzmb7a6dRTosb5GtjkEBpuxHnUF+L4+bkOXq
XiJCqfyzF2G0eS0NiRfo6f4xAiWahSrTYuQTJpzfmm0frC9PSfYMYcNG6pKEkZHr
kKUUlbZCw6jrSL8+2JTC1MCJv6Na3daX1YOk7dF/amsCn0xODZ8VEiFyIHTaIV2y
p3VEIGwjtWOuBTvzd2gl1KdJZP9YudvhhDvjydiWAHfwUf4mZmlhbFcUAn3rR2Sx
vUA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:11 2025 by rpki-client