Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TOcGXm-LuPrGblmKMwZKGkIxvCM.roa
File: TOcGXm-LuPrGblmKMwZKGkIxvCM.roa (raw, json)
Hash identifier: 2IsdpPnxovBOyQ946UepuLIRm6EKGQJiVm3fbzG8kig=
Subject key identifier: 4C:E7:06:5E:6F:8B:B8:FA:C6:6E:59:8A:33:06:4A:1A:42:31:BC:23
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E49C0F0B7392C372E7DFE8DFD0E555D26
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TOcGXm-LuPrGblmKMwZKGkIxvCM.roa
Signing time: Sun 17 Mar 2024 00:12:45 +0000
ROA not before: Sun 17 Mar 2024 00:12:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:49:c0:f0:b7:39:2c:37:2e:7d:fe:8d:fd:0e:55:5d:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 17 00:12:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ce7065e6f8bb8fac66e598a33064a1a4231bc23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d3:60:04:1a:77:79:95:5f:87:bb:42:5a:fc:
fb:50:fd:3c:2d:c7:1c:3a:8c:e5:8d:88:50:85:ab:
e7:5b:04:fa:df:57:d6:9c:7f:48:76:86:78:83:bf:
ee:9d:49:57:fc:ee:f0:74:65:6c:d2:d3:0a:15:c9:
38:e7:c7:dc:4b:19:7c:a2:63:9b:31:2d:2f:a0:9b:
ad:99:a7:e0:ac:d3:fd:a0:c7:d9:f8:03:f1:ab:3a:
a1:64:be:8f:77:77:80:6d:87:8c:65:ff:3f:70:65:
34:41:58:48:85:27:32:84:0b:ef:4f:33:ef:e7:d5:
a5:ff:23:08:4a:d1:0b:e0:20:ce:4c:94:4b:ef:33:
2f:92:b5:43:8e:99:7d:4c:cb:28:01:5d:cb:d4:77:
c5:1e:5d:16:c3:4d:00:c1:1a:df:96:e3:46:86:75:
52:b1:a9:6a:cc:13:82:eb:5e:82:a5:63:01:51:28:
95:34:ff:5c:53:51:09:93:1a:8f:bf:b9:d8:d9:50:
15:cb:1e:0c:8c:fe:09:a5:fc:40:68:83:ed:f0:e7:
c9:1a:9b:a3:db:5c:1b:e2:d3:fd:57:4d:74:74:9c:
c5:99:56:1a:1c:60:03:98:3e:7a:21:ee:ef:b3:96:
c3:8e:66:15:e6:f4:80:71:76:51:73:fb:0c:4b:0c:
3c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:E7:06:5E:6F:8B:B8:FA:C6:6E:59:8A:33:06:4A:1A:42:31:BC:23
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TOcGXm-LuPrGblmKMwZKGkIxvCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
35:e6:08:8c:8c:d3:02:ec:30:81:4a:3c:4d:a5:64:d6:19:bf:
72:3e:56:c5:9c:f1:0e:35:61:84:24:cc:64:89:e6:8f:da:0c:
ce:31:bc:e9:32:31:10:e5:53:ad:2b:cb:97:e7:20:3e:81:31:
3a:e3:7a:15:98:da:91:9e:29:33:34:43:a2:8e:7e:35:6e:18:
b9:a3:0d:c5:72:5f:c6:bb:7e:bb:09:4d:4f:e4:4c:fd:0f:85:
5f:d8:16:3f:06:10:ff:d3:aa:d2:20:17:a0:4f:88:76:5d:72:
c2:08:01:27:87:a5:7b:a0:b6:9c:87:0a:da:33:ba:61:92:8a:
5e:d2:46:f8:88:82:05:26:8d:4b:b9:26:86:b0:89:c7:0f:79:
44:64:50:db:86:1d:aa:51:8d:07:12:30:34:fe:24:82:4b:bf:
56:28:bb:3d:2b:27:96:7a:fa:19:b3:d9:0d:9b:00:d7:95:7d:
f2:c1:d4:5a:f3:df:3d:f8:f1:44:f8:7b:64:a7:5f:26:fc:3b:
1b:cc:17:3d:3c:41:7e:14:d5:a2:0b:90:c6:ae:27:2f:dd:c8:
68:7b:21:09:24:88:fa:cb:b2:35:1b:20:74:f3:89:24:6e:23:
7c:6a:2c:f0:20:b0:f5:b8:b6:ef:b7:7d:6b:0d:b9:e2:43:ce:
87:b5:e9:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5JwPC3OSw3Ln3+jf0OVV0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE3MDAxMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2U3MDY1ZTZmOGJiOGZhYzY2ZTU5OGEzMzA2NGExYTQyMzFiYzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtNgBBp3eZVfh7tCWvz7UP08Lccc
OozljYhQhavnWwT631fWnH9IdoZ4g7/unUlX/O7wdGVs0tMKFck458fcSxl8omOb
MS0voJutmafgrNP9oMfZ+APxqzqhZL6Pd3eAbYeMZf8/cGU0QVhIhScyhAvvTzPv
59Wl/yMIStEL4CDOTJRL7zMvkrVDjpl9TMsoAV3L1HfFHl0Ww00AwRrfluNGhnVS
salqzBOC616CpWMBUSiVNP9cU1EJkxqPv7nY2VAVyx4MjP4JpfxAaIPt8OfJGpuj
21wb4tP9V010dJzFmVYaHGADmD56Ie7vs5bDjmYV5vSAcXZRc/sMSww81wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEznBl5vi7j6xm5ZijMGShpCMbwjMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVE9jR1htLUx1UHJHYmxtS013WktHa0l4dkNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADXmCIyM0wLsMIFKPE2l
ZNYZv3I+VsWc8Q41YYQkzGSJ5o/aDM4xvOkyMRDlU60ry5fnID6BMTrjehWY2pGe
KTM0Q6KOfjVuGLmjDcVyX8a7frsJTU/kTP0PhV/YFj8GEP/TqtIgF6BPiHZdcsII
ASeHpXugtpyHCtozumGSil7SRviIggUmjUu5JoawiccPeURkUNuGHapRjQcSMDT+
JIJLv1Youz0rJ5Z6+hmz2Q2bANeVffLB1Frz3z348UT4e2SnXyb8OxvMFz08QX4U
1aILkMauJy/dyGh7IQkkiPrLsjUbIHTziSRuI3xqLPAgsPW4tu+3fWsNueJDzoe1
6Vw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:05 2025 by rpki-client