Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TSeXyQdufs3aLCF3OLEP1htPgeQ.roa
File: TSeXyQdufs3aLCF3OLEP1htPgeQ.roa (raw, json)
Hash identifier: YzqUQVIE+K72joI6F5I5JAqfP3RyQuPVOgtjKdm2Kis=
Subject key identifier: 4D:27:97:C9:07:6E:7E:CD:DA:2C:21:77:38:B1:0F:D6:1B:4F:81:E4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D09D1CC9AAE6F0018E0C2C50499A6EA6A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TSeXyQdufs3aLCF3OLEP1htPgeQ.roa
Signing time: Sun 14 Jan 2024 21:12:40 +0000
ROA not before: Sun 14 Jan 2024 21:12:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:09:d1:cc:9a:ae:6f:00:18:e0:c2:c5:04:99:a6:ea:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 14 21:12:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d2797c9076e7ecdda2c217738b10fd61b4f81e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8d:93:21:80:58:49:93:d9:11:d4:cc:89:40:
46:38:81:3c:48:4b:87:82:18:0f:76:41:52:5a:59:
27:a1:94:38:8c:15:06:39:b1:77:d1:7e:f0:ca:62:
60:1f:2a:f1:ed:be:02:c2:68:b5:80:e8:36:c4:af:
81:9b:6f:db:05:25:ae:f8:2d:c2:ba:cd:36:fa:d6:
f0:bc:ac:43:b9:1e:ca:d1:0a:71:88:23:c1:04:e0:
db:70:07:df:a1:c1:50:04:8e:58:18:f9:21:58:13:
98:16:60:31:17:1e:b3:e9:34:49:2a:a8:d7:8c:b8:
3e:8a:16:71:fd:97:ae:c5:82:8c:86:85:74:90:3d:
9b:a2:17:e2:28:f2:1f:39:ce:72:bd:a7:6d:ba:24:
ba:43:b7:c3:e9:56:1f:4b:b7:04:6d:a1:41:04:cd:
a6:c4:33:3d:ba:b0:94:b0:f7:a3:34:bb:97:32:5d:
43:fb:8c:d4:bc:c0:33:57:ba:c1:3e:7e:00:12:c1:
94:40:c6:74:8d:14:91:ff:9a:4d:30:98:a8:a1:68:
cf:85:e1:48:c7:33:bf:3f:df:92:70:05:e6:af:a2:
82:7b:f9:4e:54:06:eb:a2:fd:e5:50:4f:a2:5a:9c:
d2:7a:21:be:15:43:7a:7a:e2:92:3e:21:3a:88:0f:
41:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:27:97:C9:07:6E:7E:CD:DA:2C:21:77:38:B1:0F:D6:1B:4F:81:E4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TSeXyQdufs3aLCF3OLEP1htPgeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3d:48:8b:cb:7e:62:0e:35:c3:69:a0:31:94:dc:88:05:61:e3:
c5:7c:09:c6:98:e8:20:30:23:60:6c:83:b4:d4:4b:94:de:3a:
c5:c4:98:ce:9b:63:37:60:70:45:f5:41:f4:0b:6e:1c:e0:df:
22:69:55:f8:b3:78:f3:d5:96:5e:10:be:d5:52:6b:74:5d:fa:
34:fa:26:1b:ca:77:23:89:8a:45:66:ba:25:92:a5:47:9c:3c:
97:d5:ac:91:af:55:85:09:c2:5b:07:24:55:e7:88:1f:cd:28:
08:e6:e6:9c:e7:b8:89:68:a2:bf:4f:e2:95:97:91:fd:7f:85:
db:7b:01:af:e9:fe:fb:a4:0b:1b:cb:4b:43:f7:8b:d7:ab:57:
5b:2f:0f:24:2e:7e:90:73:84:44:db:a6:d9:fe:ea:5f:cc:4a:
d4:2b:0f:ef:55:80:65:a5:db:8b:0c:30:87:4c:1e:03:c7:cf:
9c:f2:96:6b:31:28:45:1f:30:4d:85:41:1e:1a:fa:fa:c0:d4:
77:26:c8:b3:d3:07:ec:ab:24:59:a3:52:a4:86:f5:94:a6:da:
e5:1d:6c:56:ac:89:c1:ab:3d:8a:1a:52:a4:56:02:58:86:2f:
3b:5b:89:8d:17:08:43:0a:27:dd:94:6f:22:31:48:c7:18:2b:
5c:60:0f:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0J0cyarm8AGODCxQSZpupqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE0MjExMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDI3OTdjOTA3NmU3ZWNkZGEyYzIxNzczOGIxMGZkNjFiNGY4MWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAro2TIYBYSZPZEdTMiUBGOIE8SEuH
ghgPdkFSWlknoZQ4jBUGObF30X7wymJgHyrx7b4Cwmi1gOg2xK+Bm2/bBSWu+C3C
us02+tbwvKxDuR7K0QpxiCPBBODbcAffocFQBI5YGPkhWBOYFmAxFx6z6TRJKqjX
jLg+ihZx/ZeuxYKMhoV0kD2bohfiKPIfOc5yvadtuiS6Q7fD6VYfS7cEbaFBBM2m
xDM9urCUsPejNLuXMl1D+4zUvMAzV7rBPn4AEsGUQMZ0jRSR/5pNMJiooWjPheFI
xzO/P9+ScAXmr6KCe/lOVAbrov3lUE+iWpzSeiG+FUN6euKSPiE6iA9BJwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE0nl8kHbn7N2iwhdzixD9YbT4HkMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVFNlWHlRZHVmczNhTENGM09MRVAxaHRQZ2VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD1Ii8t+Yg41w2mgMZTc
iAVh48V8CcaY6CAwI2Bsg7TUS5TeOsXEmM6bYzdgcEX1QfQLbhzg3yJpVfizePPV
ll4QvtVSa3Rd+jT6JhvKdyOJikVmuiWSpUecPJfVrJGvVYUJwlsHJFXniB/NKAjm
5pznuIloor9P4pWXkf1/hdt7Aa/p/vukCxvLS0P3i9erV1svDyQufpBzhETbptn+
6l/MStQrD+9VgGWl24sMMIdMHgPHz5zylmsxKEUfME2FQR4a+vrA1HcmyLPTB+yr
JFmjUqSG9ZSm2uUdbFasicGrPYoaUqRWAliGLztbiY0XCEMKJ92UbyIxSMcYK1xg
D4E=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:52 2025 by rpki-client