Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TdiI-rKCbV_ogeTpyEeuj365tog.roa
File: TdiI-rKCbV_ogeTpyEeuj365tog.roa (raw, json)
Hash identifier: qO+bk3vPqvaGHQvgRajYwTEaHYswxZA2I3I70M1NgBs=
Subject key identifier: 4D:D8:88:FA:B2:82:6D:5F:E8:81:E4:E9:C8:47:AE:8F:7E:B9:B6:88
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C935FCCDB5A1A0A995DB57F2734667317
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TdiI-rKCbV_ogeTpyEeuj365tog.roa
Signing time: Fri 22 Dec 2023 21:12:58 +0000
ROA not before: Fri 22 Dec 2023 21:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:93:5f:cc:db:5a:1a:0a:99:5d:b5:7f:27:34:66:73:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 22 21:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4dd888fab2826d5fe881e4e9c847ae8f7eb9b688
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f1:d9:1c:50:20:32:92:27:37:f8:42:38:6a:
f5:67:86:d4:19:f6:05:e3:d9:be:b3:23:a6:79:64:
70:d2:89:7a:f3:95:b9:eb:c0:0d:aa:5d:f8:5f:0b:
23:e5:38:f1:09:17:82:06:2f:55:86:47:c1:a8:e3:
c4:d1:99:9c:cf:78:9e:c2:92:f0:27:4c:8a:00:b5:
95:e1:91:b0:b4:b9:56:53:06:26:ed:80:23:0c:af:
b1:6b:ff:ea:ed:7c:f6:a4:aa:2a:12:26:ea:ef:e4:
0d:2f:2c:0a:8a:6b:b4:d3:18:e2:58:52:49:73:24:
8c:7e:80:7c:45:f3:b2:f8:53:0d:0d:9e:d0:c2:43:
d0:8f:45:a5:8a:ac:8d:e4:03:eb:54:d7:77:cb:c3:
1e:41:be:d1:e1:bb:03:34:61:32:e5:47:f6:7d:50:
9c:23:cd:6a:22:26:69:97:78:12:33:df:eb:c7:ea:
22:3f:77:8a:30:3c:23:4d:f3:b2:6f:62:26:9e:0a:
97:df:3e:ed:ff:e5:55:68:9d:f2:a2:ea:a7:15:62:
29:d5:32:73:f4:fa:e0:e6:1f:f4:79:cb:c8:78:39:
4a:87:d8:18:0e:40:2b:43:59:b8:21:08:d5:a4:b5:
cd:fc:57:c2:69:15:ca:30:2d:6f:06:2b:8b:ca:b6:
29:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:D8:88:FA:B2:82:6D:5F:E8:81:E4:E9:C8:47:AE:8F:7E:B9:B6:88
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TdiI-rKCbV_ogeTpyEeuj365tog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:b9:db:27:79:ee:b9:98:ce:d3:82:ef:1c:04:4c:2d:81:e1:
a9:b1:92:da:45:4f:3e:95:c6:e9:aa:b4:55:45:35:34:8a:1a:
e8:70:16:fa:17:10:25:a3:8b:96:d0:0a:db:0a:a6:68:0f:be:
a5:ec:8a:a4:f2:e3:5a:ed:56:bd:bf:e0:16:ec:01:cf:e7:10:
83:ce:6d:33:56:a3:d1:00:98:81:a2:80:9f:df:5c:9a:75:94:
8b:c7:32:38:73:32:83:29:08:2c:1f:c3:43:22:d9:73:b4:0a:
a4:eb:f6:f3:f7:e6:c1:d3:97:38:26:76:a7:92:7e:23:15:71:
02:49:b1:a6:fc:82:61:39:5e:46:b2:a7:a0:01:9b:8e:56:5a:
80:c0:a6:d8:9d:64:40:df:c2:1c:cc:27:d2:89:c7:7e:6f:83:
49:1a:38:54:41:a3:e6:0d:06:ba:8f:66:ea:c8:2a:ec:59:91:
66:88:9f:c4:31:fa:eb:b9:4c:3f:c0:24:1d:04:c5:2f:9b:11:
5c:fe:76:b2:12:c3:46:a2:5e:28:11:5c:ff:4f:65:21:be:3e:
21:44:ff:03:3e:16:c7:15:9e:b6:1f:01:b6:73:d1:b5:5c:51:
47:8f:c8:57:40:f5:d3:0f:8c:21:99:44:46:b3:4d:28:9d:31:
88:81:61:31
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyTX8zbWhoKmV21fyc0ZnMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIyMjExMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGQ4ODhmYWIyODI2ZDVmZTg4MWU0ZTljODQ3YWU4ZjdlYjliNjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/HZHFAgMpInN/hCOGr1Z4bUGfYF
49m+syOmeWRw0ol685W568ANql34Xwsj5TjxCReCBi9VhkfBqOPE0Zmcz3iewpLw
J0yKALWV4ZGwtLlWUwYm7YAjDK+xa//q7Xz2pKoqEibq7+QNLywKimu00xjiWFJJ
cySMfoB8RfOy+FMNDZ7QwkPQj0WliqyN5APrVNd3y8MeQb7R4bsDNGEy5Uf2fVCc
I81qIiZpl3gSM9/rx+oiP3eKMDwjTfOyb2ImngqX3z7t/+VVaJ3youqnFWIp1TJz
9Prg5h/0ecvIeDlKh9gYDkArQ1m4IQjVpLXN/FfCaRXKMC1vBiuLyrYpmwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE3YiPqygm1f6IHk6chHro9+ubaIMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVGRpSS1yS0NiVl9vZ2VUcHlFZXVqMzY1dG9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADS52yd57rmYztOC7xwE
TC2B4amxktpFTz6VxumqtFVFNTSKGuhwFvoXECWji5bQCtsKpmgPvqXsiqTy41rt
Vr2/4BbsAc/nEIPObTNWo9EAmIGigJ/fXJp1lIvHMjhzMoMpCCwfw0Mi2XO0CqTr
9vP35sHTlzgmdqeSfiMVcQJJsab8gmE5Xkayp6ABm45WWoDAptidZEDfwhzMJ9KJ
x35vg0kaOFRBo+YNBrqPZurIKuxZkWaIn8Qx+uu5TD/AJB0ExS+bEVz+drISw0ai
XigRXP9PZSG+PiFE/wM+FscVnrYfAbZz0bVcUUePyFdA9dMPjCGZREazTSidMYiB
YTE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:47 2025 by rpki-client