Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TIjAR1XRgrSkp9T11HsJ6WzCWOE.roa
File: TIjAR1XRgrSkp9T11HsJ6WzCWOE.roa (raw, json)
Hash identifier: UU81zr0Y+v2H02bXeujwReaxKY0zyOpnfNcLU4b4/fI=
Subject key identifier: 4C:88:C0:47:55:D1:82:B4:A4:A7:D4:F5:D4:7B:09:E9:6C:C2:58:E1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DE9615BFC4E44FF6D682522105E3CD361
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TIjAR1XRgrSkp9T11HsJ6WzCWOE.roa
Signing time: Tue 27 Feb 2024 07:04:48 +0000
ROA not before: Tue 27 Feb 2024 07:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18d:e961:93a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e9:61:5b:fc:4e:44:ff:6d:68:25:22:10:5e:3c:d3:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 27 07:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c88c04755d182b4a4a7d4f5d47b09e96cc258e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:19:c2:a9:02:25:58:b1:40:2c:15:e3:24:ae:
8b:72:4e:a7:3d:fe:56:a1:e5:17:88:6f:2e:4e:22:
7f:c1:3d:a2:1f:7e:ec:df:0a:05:c3:cf:89:57:b6:
e4:aa:b5:65:4d:bf:23:b6:5b:f9:ba:f8:9d:0b:49:
a3:d4:05:c8:b2:e5:a9:66:4b:67:b6:fd:38:44:d5:
bb:8d:8e:50:80:86:97:85:3e:ca:58:3d:f8:aa:06:
e7:0b:f1:08:b5:c5:44:10:4a:e0:e6:59:39:cc:02:
3f:19:76:58:30:fb:0a:19:90:ab:2c:0f:88:98:e1:
14:d4:e3:b4:18:53:cf:50:8b:7f:fb:7a:ae:3a:bf:
c2:d5:90:ed:0e:d7:6c:90:44:7f:10:df:cf:55:c3:
64:d6:e5:a4:77:fe:a7:b0:33:bc:b6:14:96:8a:0e:
a9:a3:81:a3:a4:9e:f2:01:34:05:94:ae:41:1e:fe:
e7:14:6c:21:34:7b:b9:36:56:1e:c0:67:ae:79:f7:
62:2f:5a:55:f9:97:df:64:f8:96:c9:23:33:51:17:
37:b9:7d:d4:fa:7a:39:13:15:f7:6e:df:63:5c:7b:
88:95:e2:52:1d:97:e9:a7:6f:20:a2:da:7b:83:bb:
83:f9:c3:66:70:9c:49:e4:99:f3:dd:ff:8b:a4:d1:
d9:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:88:C0:47:55:D1:82:B4:A4:A7:D4:F5:D4:7B:09:E9:6C:C2:58:E1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TIjAR1XRgrSkp9T11HsJ6WzCWOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
20:78:a1:4f:c2:ab:2d:ce:b9:76:53:e3:1a:70:8a:ca:0b:5f:
16:70:10:22:d5:b0:55:84:b9:c1:54:50:44:83:1e:88:cd:e2:
b8:8b:1f:7f:c8:0a:73:c1:79:3d:0e:ad:3a:61:49:3f:42:28:
ed:42:3d:06:d9:01:34:bc:32:74:a3:8a:27:75:8b:ae:69:84:
1d:fa:f0:40:15:31:03:5b:9c:9f:b8:89:b2:be:a6:95:8e:81:
4e:6c:09:c9:6b:06:71:b3:e1:4b:58:8f:03:51:88:77:f9:be:
ec:ea:24:50:95:cc:2c:78:e3:97:26:68:41:1c:6a:ed:49:cb:
50:41:b8:f8:44:88:24:f6:52:c7:bf:57:5b:57:61:ad:df:e2:
a1:d5:63:05:7d:26:15:b4:52:1d:a7:a4:c6:17:57:e1:3d:15:
8f:eb:c1:33:51:9b:08:10:7f:b5:0a:33:11:60:06:fc:8e:9b:
44:4b:e6:fc:01:82:41:da:7d:3e:95:b6:ba:77:20:06:fc:1a:
a2:84:e2:98:f2:05:a9:e7:c4:c0:ab:f8:51:de:fe:0b:8d:a0:
92:5b:71:44:87:04:44:78:c1:e4:9c:a0:ab:4a:9b:c7:56:2d:
a2:35:00:3c:d4:3b:2a:a5:bb:44:69:7e:80:03:22:62:78:04:
be:35:ab:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3pYVv8TkT/bWglIhBePNNhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI3MDcwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yzg4YzA0NzU1ZDE4MmI0YTRhN2Q0ZjVkNDdiMDllOTZjYzI1OGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhnCqQIlWLFALBXjJK6Lck6nPf5W
oeUXiG8uTiJ/wT2iH37s3woFw8+JV7bkqrVlTb8jtlv5uvidC0mj1AXIsuWpZktn
tv04RNW7jY5QgIaXhT7KWD34qgbnC/EItcVEEErg5lk5zAI/GXZYMPsKGZCrLA+I
mOEU1OO0GFPPUIt/+3quOr/C1ZDtDtdskER/EN/PVcNk1uWkd/6nsDO8thSWig6p
o4GjpJ7yATQFlK5BHv7nFGwhNHu5NlYewGeuefdiL1pV+ZffZPiWySMzURc3uX3U
+no5ExX3bt9jXHuIleJSHZfpp28gotp7g7uD+cNmcJxJ5Jnz3f+LpNHZdwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEyIwEdV0YK0pKfU9dR7CelswljhMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVElqQVIxWFJnclNrcDlUMTFIc0o2V3pDV09FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACB4oU/Cqy3OuXZT4xpw
isoLXxZwECLVsFWEucFUUESDHojN4riLH3/ICnPBeT0OrTphST9CKO1CPQbZATS8
MnSjiid1i65phB368EAVMQNbnJ+4ibK+ppWOgU5sCclrBnGz4UtYjwNRiHf5vuzq
JFCVzCx445cmaEEcau1Jy1BBuPhEiCT2Use/V1tXYa3f4qHVYwV9JhW0Uh2npMYX
V+E9FY/rwTNRmwgQf7UKMxFgBvyOm0RL5vwBgkHafT6Vtrp3IAb8GqKE4pjyBann
xMCr+FHe/guNoJJbcUSHBER4weScoKtKm8dWLaI1ADzUOyqlu0RpfoADImJ4BL41
qwA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:39:03 2025 by rpki-client