Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/U8kJ3PNJnLnSxrVcTYT1GCmGD74.roa
File: U8kJ3PNJnLnSxrVcTYT1GCmGD74.roa (raw, json)
Hash identifier: NdVHs3cDeybs5G91pkO+Sx4xOtkqJ5wYOAgsSoBgfUk=
Subject key identifier: 53:C9:09:DC:F3:49:9C:B9:D2:C6:B5:5C:4D:84:F5:18:29:86:0F:BE
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9FD2C073F2AAB6214674CEDF1B84808E
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/U8kJ3PNJnLnSxrVcTYT1GCmGD74.roa
Signing time: Mon 25 Dec 2023 07:13:58 +0000
ROA not before: Mon 25 Dec 2023 07:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9f:d2:c0:73:f2:aa:b6:21:46:74:ce:df:1b:84:80:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 25 07:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53c909dcf3499cb9d2c6b55c4d84f51829860fbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2a:e6:07:a5:74:7d:b1:3b:7d:11:8b:93:64:
fb:8a:e7:ab:7c:d8:cd:01:bc:a5:e7:8f:74:f0:ff:
36:91:2b:e6:19:f3:ae:df:c9:5e:8f:50:8a:c7:cb:
c3:8b:79:99:05:1b:01:66:93:95:fc:9a:61:36:6a:
e9:2c:89:64:d5:da:d5:1c:44:ca:a2:60:99:f8:61:
92:77:50:3c:35:65:2d:75:cc:81:c4:8b:8c:a0:20:
75:82:8f:e9:d0:fb:b5:c9:3e:50:bf:06:f1:36:68:
4a:98:4f:40:19:e6:86:03:62:89:2f:ca:8e:7a:cf:
70:2c:a4:5e:15:fd:3a:f1:f0:a4:04:a7:13:a6:a6:
84:fe:8b:51:6c:a2:5d:f4:2b:12:10:fc:cc:4c:a3:
ea:60:37:4d:1a:4e:75:60:58:db:7a:2e:f1:ee:24:
71:2c:85:1e:1f:7c:d7:54:c9:61:d1:8d:f7:e3:3c:
11:7a:84:93:a7:b9:57:ed:30:b1:f9:40:22:b9:15:
6a:85:67:01:6c:1d:e7:eb:4a:ab:c2:1c:93:fa:58:
61:5d:4d:75:7c:25:d5:62:e4:7a:70:03:0b:45:4d:
e3:21:2b:f2:ca:72:59:10:48:f4:ab:66:11:c3:04:
69:cd:f9:7f:c5:1e:97:37:b5:64:27:a5:ee:8c:68:
d3:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C9:09:DC:F3:49:9C:B9:D2:C6:B5:5C:4D:84:F5:18:29:86:0F:BE
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/U8kJ3PNJnLnSxrVcTYT1GCmGD74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:64:4c:e8:20:18:65:dc:a7:cb:22:fd:2e:bc:08:31:dd:14:
d3:b7:dd:35:bf:c7:93:9f:fb:1d:2e:13:ec:83:16:43:1c:2d:
26:0d:2b:d0:48:bd:e8:dc:a9:8e:d5:ef:21:83:51:4b:12:40:
f9:c9:a4:c6:2e:97:e9:c9:42:a3:bd:8a:2e:a0:54:05:d8:9b:
e0:d5:2b:dc:9c:80:6a:3c:c1:19:29:6d:78:b2:46:d0:d2:d4:
c9:1b:41:7a:d1:a3:48:df:3e:6e:b2:3b:74:60:2a:35:2f:21:
82:13:a7:3e:76:0d:38:4e:36:63:ca:91:04:6c:97:b0:5c:15:
28:81:06:81:74:51:fd:f1:16:9a:25:74:59:37:52:96:cb:01:
85:b2:ca:86:91:78:52:06:84:85:50:cd:84:df:b1:4e:f6:69:
72:68:e1:2a:9a:77:c7:fe:c9:50:c1:34:56:ba:62:9d:01:58:
46:fa:4c:f6:45:fd:37:4c:5b:8a:77:a5:30:e1:6b:fd:2a:f2:
61:49:5a:5f:5b:5c:76:98:61:5e:da:e2:e7:c1:b7:90:71:bd:
05:d5:c3:54:68:21:99:ab:34:74:20:1c:5c:5a:fb:4a:eb:97:
fb:fe:5d:b1:c8:31:7d:b6:0b:73:17:52:ea:ea:74:9b:a5:a7:
a6:90:37:a3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyf0sBz8qq2IUZ0zt8bhICOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI1MDcxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2M5MDlkY2YzNDk5Y2I5ZDJjNmI1NWM0ZDg0ZjUxODI5ODYwZmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyrmB6V0fbE7fRGLk2T7iuerfNjN
Abyl54908P82kSvmGfOu38lej1CKx8vDi3mZBRsBZpOV/JphNmrpLIlk1drVHETK
omCZ+GGSd1A8NWUtdcyBxIuMoCB1go/p0Pu1yT5QvwbxNmhKmE9AGeaGA2KJL8qO
es9wLKReFf068fCkBKcTpqaE/otRbKJd9CsSEPzMTKPqYDdNGk51YFjbei7x7iRx
LIUeH3zXVMlh0Y334zwReoSTp7lX7TCx+UAiuRVqhWcBbB3n60qrwhyT+lhhXU11
fCXVYuR6cAMLRU3jISvyynJZEEj0q2YRwwRpzfl/xR6XN7VkJ6XujGjTrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFPJCdzzSZy50sa1XE2E9Rgphg++MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVThrSjNQTkpuTG5TeHJWY1RZVDFHQ21HRDc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIVkTOggGGXcp8si/S68
CDHdFNO33TW/x5Of+x0uE+yDFkMcLSYNK9BIvejcqY7V7yGDUUsSQPnJpMYul+nJ
QqO9ii6gVAXYm+DVK9ycgGo8wRkpbXiyRtDS1MkbQXrRo0jfPm6yO3RgKjUvIYIT
pz52DThONmPKkQRsl7BcFSiBBoF0Uf3xFpoldFk3UpbLAYWyyoaReFIGhIVQzYTf
sU72aXJo4Sqad8f+yVDBNFa6Yp0BWEb6TPZF/TdMW4p3pTDha/0q8mFJWl9bXHaY
YV7a4ufBt5BxvQXVw1RoIZmrNHQgHFxa+0rrl/v+XbHIMX22C3MXUurqdJulp6aQ
N6M=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:09 2025 by rpki-client