Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TzQ7bMWBKs4Y-Se9Z3tBJdQmaWQ.roa
File: TzQ7bMWBKs4Y-Se9Z3tBJdQmaWQ.roa (raw, json)
Hash identifier: Gx+kkYDTBmqIBbzVHWZhH3YRs7Z05Bz1Yl+yLFP3if8=
Subject key identifier: 4F:34:3B:6C:C5:81:2A:CE:18:F9:27:BD:67:7B:41:25:D4:26:69:64
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D07E195C789E798DB09E4A71A54D49A9F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TzQ7bMWBKs4Y-Se9Z3tBJdQmaWQ.roa
Signing time: Sun 14 Jan 2024 12:10:40 +0000
ROA not before: Sun 14 Jan 2024 12:10:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:07:e1:95:c7:89:e7:98:db:09:e4:a7:1a:54:d4:9a:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 14 12:10:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f343b6cc5812ace18f927bd677b4125d4266964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ab:9f:5d:71:1f:8f:68:da:8c:ac:7a:4d:c4:
98:97:29:75:07:5b:ac:b1:ce:e9:4d:81:d2:fd:c9:
94:59:0f:f6:4e:6e:43:ba:69:15:8e:c5:3d:3c:2d:
fe:02:1b:67:28:16:28:63:04:1b:00:5f:ab:88:be:
1c:14:50:b0:75:3a:88:ae:b2:07:0c:f4:bc:b2:99:
0a:dc:4a:45:c1:d1:aa:4a:d1:27:1b:7f:24:fa:1c:
34:8c:99:d4:20:e1:a3:23:a6:26:37:f3:0b:44:af:
ec:f9:4b:8f:ab:bc:67:29:24:44:29:f8:05:ac:f9:
51:e7:a2:a9:80:76:7b:1d:3e:f4:ff:b4:9a:39:3c:
bb:65:d2:cc:7a:18:6f:50:2d:eb:ce:05:dc:e9:b0:
2d:e7:e4:52:17:3e:77:4a:d7:27:f1:ae:38:f7:ff:
0c:53:69:7e:af:ac:be:58:88:c9:d7:9a:7f:a4:ac:
16:01:80:ee:34:b8:e7:53:87:46:cb:97:ee:d3:33:
7d:ad:dd:fe:8a:dd:ea:58:1a:32:04:f3:01:52:d0:
ca:40:0f:88:1c:33:be:10:0c:59:58:00:d9:fa:82:
e6:bb:3f:db:a2:84:d8:cc:c1:02:7a:4a:a4:ac:f7:
97:a6:9f:47:0a:1f:0a:3b:d7:5b:8c:25:62:38:74:
96:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:34:3B:6C:C5:81:2A:CE:18:F9:27:BD:67:7B:41:25:D4:26:69:64
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/TzQ7bMWBKs4Y-Se9Z3tBJdQmaWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
58:f3:50:5f:d5:01:45:f8:19:b5:58:e7:87:d9:11:68:06:4e:
91:d7:7b:44:a8:f4:23:73:23:65:00:cb:c6:3f:7c:1c:9a:c2:
d1:84:4e:64:cc:68:fe:56:d2:1e:37:8f:f7:09:49:7e:00:41:
91:2b:b4:28:67:61:8c:a6:49:db:c8:19:c2:37:f4:16:ff:ef:
51:bb:f1:01:cc:42:eb:c3:fd:b4:fc:54:47:46:3e:9c:20:8d:
06:9f:e0:3c:c7:a7:cf:cd:25:3f:cc:fc:b5:02:6f:6c:6e:7e:
89:de:c6:a6:ad:c1:cf:bf:4a:f5:99:72:70:29:8b:73:b8:6c:
7f:7f:85:f8:fa:5a:e1:e0:58:a6:0d:bb:ad:1e:fa:91:50:3e:
03:59:aa:2c:86:05:fe:30:bf:ed:ce:30:2f:e6:c3:97:f1:cc:
da:1d:cb:47:31:d6:5d:18:bc:d3:c6:56:02:95:f3:b5:a9:a1:
a9:93:03:f1:53:3f:2c:e5:ea:35:41:de:32:7f:0e:f9:33:ad:
c2:3a:97:ee:a0:60:fd:b0:b9:4f:50:36:a5:7b:22:6c:23:fc:
62:1d:a4:03:8a:a0:fd:81:ae:14:21:0a:cc:c9:a2:c1:2c:5a:
a0:c3:9e:9b:d1:01:fb:f3:05:f0:44:30:55:bb:93:a0:0b:d5:
9b:d1:2d:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0H4ZXHieeY2wnkpxpU1JqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE0MTIxMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjM0M2I2Y2M1ODEyYWNlMThmOTI3YmQ2NzdiNDEyNWQ0MjY2OTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKufXXEfj2jajKx6TcSYlyl1B1us
sc7pTYHS/cmUWQ/2Tm5DumkVjsU9PC3+AhtnKBYoYwQbAF+riL4cFFCwdTqIrrIH
DPS8spkK3EpFwdGqStEnG38k+hw0jJnUIOGjI6YmN/MLRK/s+UuPq7xnKSREKfgF
rPlR56KpgHZ7HT70/7SaOTy7ZdLMehhvUC3rzgXc6bAt5+RSFz53Stcn8a449/8M
U2l+r6y+WIjJ15p/pKwWAYDuNLjnU4dGy5fu0zN9rd3+it3qWBoyBPMBUtDKQA+I
HDO+EAxZWADZ+oLmuz/booTYzMECekqkrPeXpp9HCh8KO9dbjCViOHSWKwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE80O2zFgSrOGPknvWd7QSXUJmlkMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVHpRN2JNV0JLczRZLVNlOVozdEJKZFFtYVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFjzUF/VAUX4GbVY54fZ
EWgGTpHXe0So9CNzI2UAy8Y/fByawtGETmTMaP5W0h43j/cJSX4AQZErtChnYYym
SdvIGcI39Bb/71G78QHMQuvD/bT8VEdGPpwgjQaf4DzHp8/NJT/M/LUCb2xufone
xqatwc+/SvWZcnApi3O4bH9/hfj6WuHgWKYNu60e+pFQPgNZqiyGBf4wv+3OMC/m
w5fxzNody0cx1l0YvNPGVgKV87WpoamTA/FTPyzl6jVB3jJ/DvkzrcI6l+6gYP2w
uU9QNqV7Imwj/GIdpAOKoP2BrhQhCszJosEsWqDDnpvRAfvzBfBEMFW7k6AL1ZvR
LfY=
-----END CERTIFICATE-----
Generated at Mon Apr 21 07:35:40 2025 by rpki-client