Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TogPJC2RS8pi--QZz4gzlKGh6EA.roa
File: TogPJC2RS8pi--QZz4gzlKGh6EA.roa (raw, json)
Hash identifier: G/cYmevjqsEKdpspG4vaTK/zVzii6NFkxpuia6Q2rQA=
Subject key identifier: 4E:88:0F:24:2D:91:4B:CA:62:FB:E4:19:CF:88:33:94:A1:A1:E8:40
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D35985361A9334D3A3B7EFC0DCAAB3A4E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TogPJC2RS8pi--QZz4gzlKGh6EA.roa
Signing time: Tue 23 Jan 2024 09:13:11 +0000
ROA not before: Tue 23 Jan 2024 09:13:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:35:98:53:61:a9:33:4d:3a:3b:7e:fc:0d:ca:ab:3a:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 23 09:13:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e880f242d914bca62fbe419cf883394a1a1e840
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b5:3a:53:d9:50:50:63:86:4a:85:bd:81:63:
09:40:03:fa:51:c4:a4:9d:42:fa:8a:00:57:7d:4d:
32:9b:91:5d:b4:80:5b:d9:8c:ce:62:8b:20:5b:b1:
da:2d:6a:40:cb:14:d6:03:4f:d4:62:e6:64:2d:e5:
10:48:5d:44:b4:9c:68:c0:28:51:f2:81:bf:20:68:
25:83:67:ee:4e:80:94:c8:3b:14:7d:28:fe:68:6c:
1c:55:d6:6a:7f:35:43:25:f8:37:17:8a:21:79:a2:
b5:b1:f6:1d:1b:8f:8b:69:97:c6:a0:a5:a6:ef:53:
83:2d:6c:c7:67:e6:97:f4:9b:e2:7a:6d:d2:c3:ff:
3b:6c:b4:77:3b:df:9a:de:0a:fd:b2:41:7d:4a:9a:
cf:74:7f:85:21:7e:a1:7c:02:dd:13:77:fb:0e:ee:
24:c0:32:4f:64:53:cd:3a:92:9a:1a:28:6e:db:3d:
dc:6b:3a:9c:a9:8c:a7:4b:17:a3:40:9c:0f:de:35:
77:a4:a3:23:36:c1:f9:5a:e9:e6:2a:32:02:44:e7:
cf:24:c5:1c:05:51:ab:f0:08:8b:49:6e:62:08:5e:
36:60:12:b9:36:cf:28:03:2f:90:f4:b3:39:96:a4:
af:12:78:83:1e:48:fe:21:3a:49:c0:a3:dc:fb:5b:
eb:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:88:0F:24:2D:91:4B:CA:62:FB:E4:19:CF:88:33:94:A1:A1:E8:40
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TogPJC2RS8pi--QZz4gzlKGh6EA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:d6:70:ab:5d:15:7c:b7:bd:54:71:29:5b:57:9e:d7:61:f5:
92:45:26:87:3d:0c:5e:97:b5:21:fc:40:b8:ac:a3:ab:40:3a:
50:9c:e6:7a:db:fc:12:3b:9a:08:91:aa:a5:e6:a8:d9:92:0e:
ce:ac:9b:46:4e:ae:8b:87:26:60:d5:4c:77:57:3c:69:db:d3:
9f:c3:e0:1d:39:6f:7b:cb:26:e0:3c:38:ce:5b:b1:8c:c8:77:
68:22:8f:05:0f:a6:d4:99:d1:88:64:c7:5e:8e:a2:f4:28:01:
47:73:8e:dd:1e:e2:33:8f:cc:10:4e:5e:30:8f:57:a3:13:1f:
5f:62:63:b2:f7:62:75:4e:a1:b8:cc:cf:08:15:c6:18:54:2b:
2a:85:71:34:46:bc:8f:78:b6:29:e7:1b:40:aa:97:e5:69:44:
2c:f5:ea:70:f5:b1:25:c1:01:4f:aa:80:25:91:6a:2d:ea:e4:
48:ee:56:55:21:04:c3:83:51:b9:03:c0:14:8c:77:80:8f:f8:
e2:d6:bc:90:e2:33:ac:c5:d8:4d:41:34:a9:a8:e3:5d:fa:03:
3e:6d:01:b0:14:bb:d5:87:6f:d1:f8:01:5f:5c:c5:c8:04:51:
1c:51:fb:2a:32:b1:21:e6:6f:fb:a9:4d:f9:26:bd:c9:a0:c3:
fc:43:1d:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY01mFNhqTNNOjt+/A3KqzpOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIzMDkxMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTg4MGYyNDJkOTE0YmNhNjJmYmU0MTljZjg4MzM5NGExYTFlODQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7U6U9lQUGOGSoW9gWMJQAP6UcSk
nUL6igBXfU0ym5FdtIBb2YzOYosgW7HaLWpAyxTWA0/UYuZkLeUQSF1EtJxowChR
8oG/IGglg2fuToCUyDsUfSj+aGwcVdZqfzVDJfg3F4oheaK1sfYdG4+LaZfGoKWm
71ODLWzHZ+aX9Jviem3Sw/87bLR3O9+a3gr9skF9SprPdH+FIX6hfALdE3f7Du4k
wDJPZFPNOpKaGihu2z3cazqcqYynSxejQJwP3jV3pKMjNsH5WunmKjICROfPJMUc
BVGr8AiLSW5iCF42YBK5Ns8oAy+Q9LM5lqSvEniDHkj+ITpJwKPc+1vrRQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE6IDyQtkUvKYvvkGc+IM5ShoehAMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVG9nUEpDMlJTOHBpLS1RWno0Z3psS0doNkVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEnWcKtdFXy3vVRxKVtX
ntdh9ZJFJoc9DF6XtSH8QLiso6tAOlCc5nrb/BI7mgiRqqXmqNmSDs6sm0ZOrouH
JmDVTHdXPGnb05/D4B05b3vLJuA8OM5bsYzId2gijwUPptSZ0Yhkx16OovQoAUdz
jt0e4jOPzBBOXjCPV6MTH19iY7L3YnVOobjMzwgVxhhUKyqFcTRGvI94tinnG0Cq
l+VpRCz16nD1sSXBAU+qgCWRai3q5EjuVlUhBMODUbkDwBSMd4CP+OLWvJDiM6zF
2E1BNKmo4136Az5tAbAUu9WHb9H4AV9cxcgEURxR+yoysSHmb/upTfkmvcmgw/xD
HXg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:05 2025 by rpki-client