Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UVFqtWfWQviHuKvlXNx2CJgFEiE.roa
File: UVFqtWfWQviHuKvlXNx2CJgFEiE.roa (raw, json)
Hash identifier: 7FUT3a6/UEh3C963TPlNtBU1e4CZF4YM4UDdr4nTomw=
Subject key identifier: 51:51:6A:B5:67:D6:42:F8:87:B8:AB:E5:5C:DC:76:08:98:05:12:21
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9BB6D06816A4F51D901972F926961713
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UVFqtWfWQviHuKvlXNx2CJgFEiE.roa
Signing time: Sun 24 Dec 2023 12:04:58 +0000
ROA not before: Sun 24 Dec 2023 12:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18c:9bb6:2425/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9b:b6:d0:68:16:a4:f5:1d:90:19:72:f9:26:96:17:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 24 12:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=51516ab567d642f887b8abe55cdc760898051221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4f:e0:8b:b6:e3:7b:5a:9a:f1:14:d4:ab:51:
6b:b4:dd:22:75:4b:36:92:f4:b1:85:f9:29:da:bf:
48:f8:76:82:9a:47:36:56:e5:48:b6:87:02:3f:ad:
13:a4:92:d5:fc:c1:89:b1:ab:02:1c:c3:c8:ed:21:
34:db:3a:48:df:9c:5e:19:37:85:35:a3:01:e2:78:
55:7c:ff:2d:0d:4c:c7:4f:5e:5f:2e:e0:7d:dc:3a:
4c:ed:51:89:e5:d4:44:39:cd:71:b7:32:0a:6a:2f:
ee:ea:0b:53:53:63:5f:fb:dc:7c:30:25:ea:12:46:
83:c5:d5:2d:fa:7b:0f:34:7b:54:58:e8:8e:20:d9:
8e:e9:5f:08:b1:0b:80:f8:06:4b:d7:ad:b9:7a:38:
cb:5f:5d:39:b0:5c:92:71:07:b0:5a:ca:22:0c:fc:
65:2b:c5:6a:19:3c:81:1e:68:77:c9:90:49:5e:36:
09:30:80:af:4e:31:4d:92:56:d3:f3:c3:28:9e:62:
81:e5:b2:28:82:c8:8c:dc:ec:b0:0a:3b:a6:13:66:
78:00:6e:b7:d5:4c:51:b2:a8:85:4f:95:69:a0:80:
40:f8:7c:6f:86:31:ee:16:59:7c:00:da:f4:39:1a:
27:d1:b2:b9:e4:08:18:73:54:86:ee:b7:79:4a:36:
98:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:51:6A:B5:67:D6:42:F8:87:B8:AB:E5:5C:DC:76:08:98:05:12:21
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UVFqtWfWQviHuKvlXNx2CJgFEiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:4c:57:9e:99:e4:e9:c2:5e:9a:d4:43:d4:c8:b6:41:f3:24:
36:db:e1:04:51:de:e0:68:8d:f8:32:2a:06:00:45:45:67:ca:
e3:34:37:6f:db:44:b6:56:18:7e:63:43:ad:cb:99:4a:b3:fa:
4b:fd:24:5a:76:09:ed:5f:6e:a3:94:4d:8d:04:65:73:d7:61:
cb:32:6a:05:2c:fa:d5:52:81:96:02:19:48:e6:f9:e6:a8:73:
f4:4e:cc:56:01:cc:1a:54:0e:4e:7e:df:ac:20:b2:1a:a8:f7:
49:99:66:f9:9b:76:64:ee:85:6b:a4:83:0f:70:71:a8:1f:e6:
58:1d:47:c9:08:35:e0:6b:50:49:41:00:33:99:fd:97:dc:a1:
6e:e7:eb:82:da:19:40:1d:26:39:c4:26:09:f7:d2:b7:8f:8a:
c0:92:62:77:14:be:b0:6c:14:fd:4b:c8:9a:a0:b7:18:f2:40:
55:87:e6:1f:98:d0:58:f7:69:4f:a2:d9:c3:9c:68:9a:a4:7d:
2b:86:6e:82:2f:3e:5c:20:36:4d:31:82:e3:f2:e1:5f:de:8b:
f8:66:a5:8c:15:1b:ce:75:10:73:19:d4:b8:57:87:6d:a5:5d:
b7:46:30:06:ca:cd:17:39:d0:04:ea:d7:7f:64:d1:45:f2:24:
b6:4a:eb:b0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYybttBoFqT1HZAZcvkmlhcTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI0MTIwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTUxNmFiNTY3ZDY0MmY4ODdiOGFiZTU1Y2RjNzYwODk4MDUxMjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0/gi7bje1qa8RTUq1FrtN0idUs2
kvSxhfkp2r9I+HaCmkc2VuVItocCP60TpJLV/MGJsasCHMPI7SE02zpI35xeGTeF
NaMB4nhVfP8tDUzHT15fLuB93DpM7VGJ5dREOc1xtzIKai/u6gtTU2Nf+9x8MCXq
EkaDxdUt+nsPNHtUWOiOINmO6V8IsQuA+AZL1625ejjLX105sFyScQewWsoiDPxl
K8VqGTyBHmh3yZBJXjYJMICvTjFNklbT88MonmKB5bIogsiM3OywCjumE2Z4AG63
1UxRsqiFT5VpoIBA+HxvhjHuFll8ANr0ORon0bK55AgYc1SG7rd5SjaYrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFFRarVn1kL4h7ir5VzcdgiYBRIhMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVVZGcXRXZldRdmlIdUt2bFhOeDJDSmdGRWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACxMV56Z5OnCXprUQ9TI
tkHzJDbb4QRR3uBojfgyKgYARUVnyuM0N2/bRLZWGH5jQ63LmUqz+kv9JFp2Ce1f
bqOUTY0EZXPXYcsyagUs+tVSgZYCGUjm+eaoc/ROzFYBzBpUDk5+36wgshqo90mZ
ZvmbdmTuhWukgw9wcagf5lgdR8kINeBrUElBADOZ/ZfcoW7n64LaGUAdJjnEJgn3
0rePisCSYncUvrBsFP1LyJqgtxjyQFWH5h+Y0Fj3aU+i2cOcaJqkfSuGboIvPlwg
Nk0xguPy4V/ei/hmpYwVG851EHMZ1LhXh22lXbdGMAbKzRc50ATq139k0UXyJLZK
67A=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:54 2025 by rpki-client