Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TUeJ8wknt3z_zf9vo56COGyjM9k.roa
File: TUeJ8wknt3z_zf9vo56COGyjM9k.roa (raw, json)
Hash identifier: gxBxKPJypIpx0H1AtQjnoDGRQkJnWExKtXqqMNXjvnQ=
Subject key identifier: 4D:47:89:F3:09:27:B7:7C:FF:CD:FF:6F:A3:9E:82:38:6C:A3:33:D9
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DFE0134AFA23482DFD7077B794D37B094
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TUeJ8wknt3z_zf9vo56COGyjM9k.roa
Signing time: Sat 02 Mar 2024 07:11:48 +0000
ROA not before: Sat 02 Mar 2024 07:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fe:01:34:af:a2:34:82:df:d7:07:7b:79:4d:37:b0:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 2 07:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d4789f30927b77cffcdff6fa39e82386ca333d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9d:52:84:01:45:93:8c:05:bd:9c:51:e0:ca:
c5:aa:72:ee:9e:02:1a:53:45:81:e0:4d:3a:c2:47:
b6:03:29:d2:27:7f:b2:f1:31:0d:28:03:46:64:b0:
f8:b8:02:a6:49:21:b3:4b:84:b0:c9:90:51:3f:77:
42:06:c4:4b:cd:8c:2f:68:55:25:ee:14:a9:42:8b:
e4:64:01:a0:90:1d:7c:f6:95:21:b3:dc:69:36:7d:
51:dd:cc:b2:0a:ca:be:d2:2d:59:9b:a3:8c:ff:49:
52:47:0b:bf:6c:99:48:d7:39:b3:99:cb:f2:34:cd:
4a:66:41:f0:74:a6:6a:65:21:11:8b:dc:2f:0c:b1:
7e:6c:37:19:4b:30:28:9f:47:93:58:e9:b5:77:05:
85:e8:fa:58:32:18:57:98:2f:1b:c6:ab:eb:bc:c8:
6d:fd:05:35:3e:43:31:4a:a8:2f:c5:19:e4:3a:bd:
93:91:3f:1a:13:d7:b8:e7:57:98:e2:85:cf:89:7d:
5c:ba:c4:58:09:a0:13:4e:5e:bc:55:3e:23:7f:31:
72:f5:fc:d4:4f:6e:15:46:60:51:39:16:eb:b8:9f:
60:c8:4c:1a:98:f7:96:31:2b:98:9c:9f:9b:a6:7e:
80:4a:7a:d3:92:39:be:e1:f4:94:d2:0c:78:ef:d2:
86:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:47:89:F3:09:27:B7:7C:FF:CD:FF:6F:A3:9E:82:38:6C:A3:33:D9
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TUeJ8wknt3z_zf9vo56COGyjM9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:de:91:17:a9:a7:77:d8:29:ad:b1:6d:0b:83:31:16:35:95:
cc:9d:4d:9c:a9:c9:b6:6d:31:6b:7d:7b:84:a3:4c:45:d1:d0:
07:88:15:29:61:33:be:30:bc:96:d5:ba:aa:fe:49:f0:72:71:
23:f6:9d:b5:d9:0d:81:21:6d:5a:b9:89:d0:e9:f2:aa:fd:88:
b1:51:eb:1a:42:39:e5:c2:01:6f:64:c5:4e:f2:69:1d:a6:b7:
b9:8c:4d:51:ba:ed:4f:bc:0d:3d:a8:f6:7d:04:11:c8:53:4c:
df:b1:f8:99:e5:ec:ee:af:ef:5b:c4:c1:4c:ff:45:b0:ab:de:
fc:55:db:0a:42:bb:7f:f5:7a:a1:43:b6:cf:32:fb:2f:63:40:
e6:71:bd:c9:6d:31:bc:0a:19:3f:f3:04:b4:f3:4c:1c:af:2c:
91:e4:a6:87:ce:65:0a:72:18:91:f9:52:09:67:e2:ba:05:bb:
c0:68:66:1e:37:2a:ea:1d:1c:0b:a2:83:a0:ec:86:68:40:6b:
3b:5e:c0:70:00:78:f3:fc:c6:38:0b:c2:f0:d1:c5:9c:93:a4:
8c:0f:f8:f1:c6:0b:3e:74:6a:a5:72:93:96:2b:d2:9a:4a:4d:
0a:0c:75:5c:1f:b8:d3:da:21:1c:c0:e9:12:d6:27:6c:75:7d:
3f:f7:24:e8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3+ATSvojSC39cHe3lNN7CUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAyMDcxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDQ3ODlmMzA5MjdiNzdjZmZjZGZmNmZhMzllODIzODZjYTMzM2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo51ShAFFk4wFvZxR4MrFqnLungIa
U0WB4E06wke2AynSJ3+y8TENKANGZLD4uAKmSSGzS4SwyZBRP3dCBsRLzYwvaFUl
7hSpQovkZAGgkB189pUhs9xpNn1R3cyyCsq+0i1Zm6OM/0lSRwu/bJlI1zmzmcvy
NM1KZkHwdKZqZSERi9wvDLF+bDcZSzAon0eTWOm1dwWF6PpYMhhXmC8bxqvrvMht
/QU1PkMxSqgvxRnkOr2TkT8aE9e451eY4oXPiX1cusRYCaATTl68VT4jfzFy9fzU
T24VRmBRORbruJ9gyEwamPeWMSuYnJ+bpn6ASnrTkjm+4fSU0gx479KGxQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE1HifMJJ7d8/83/b6OegjhsozPZMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVFVlSjh3a250M3pfemY5dm81NkNPR3lqTTlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEnekRepp3fYKa2xbQuD
MRY1lcydTZypybZtMWt9e4SjTEXR0AeIFSlhM74wvJbVuqr+SfBycSP2nbXZDYEh
bVq5idDp8qr9iLFR6xpCOeXCAW9kxU7yaR2mt7mMTVG67U+8DT2o9n0EEchTTN+x
+Jnl7O6v71vEwUz/RbCr3vxV2wpCu3/1eqFDts8y+y9jQOZxvcltMbwKGT/zBLTz
TByvLJHkpofOZQpyGJH5Ugln4roFu8BoZh43KuodHAuig6DshmhAaztewHAAePP8
xjgLwvDRxZyTpIwP+PHGCz50aqVyk5Yr0ppKTQoMdVwfuNPaIRzA6RLWJ2x1fT/3
JOg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:47 2025 by rpki-client