Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UbXAfqhh2BnJFlyMkhk3BH5YeyQ.roa
File: UbXAfqhh2BnJFlyMkhk3BH5YeyQ.roa (raw, json)
Hash identifier: RawqKWl5FzZsw29ck8rNZ/QROUYoIQUugEp2asxNAY0=
Subject key identifier: 51:B5:C0:7E:A8:61:D8:19:C9:16:5C:8C:92:19:37:04:7E:58:7B:24
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DF3AE411D3A77FE7F45322E0D3F92D0D5
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UbXAfqhh2BnJFlyMkhk3BH5YeyQ.roa
Signing time: Thu 29 Feb 2024 07:04:59 +0000
ROA not before: Thu 29 Feb 2024 07:04:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18d:f3ad:9ba4/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f3:ae:41:1d:3a:77:fe:7f:45:32:2e:0d:3f:92:d0:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 29 07:04:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=51b5c07ea861d819c9165c8c921937047e587b24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:3a:50:31:b5:dc:9e:9e:81:80:3c:1c:f8:99:
ab:f5:03:2f:d8:1d:ae:6e:3d:ec:04:71:02:18:99:
8a:33:64:d8:68:b6:4c:13:fa:bd:6d:85:57:20:e6:
c3:f4:15:01:d6:e2:b1:a6:8b:36:ce:bd:0e:bd:3a:
a4:65:8e:ed:79:9f:2d:f7:81:ae:d3:dc:44:dd:8d:
56:dd:52:48:04:14:f7:60:57:da:11:e1:a2:46:f3:
67:60:14:f4:47:78:17:05:89:e3:b0:5f:65:42:f4:
55:d1:81:be:91:ad:ad:d8:ff:cd:4a:27:1b:ef:01:
bf:78:8c:a7:f2:75:88:de:56:6a:3d:1e:22:34:ad:
b2:6b:a0:e5:3f:2c:6f:4b:a5:fc:83:52:0b:e8:1e:
9f:df:9f:38:94:ab:08:01:8c:73:f9:04:89:ae:74:
76:df:9a:a5:cd:57:a9:eb:96:fd:0a:93:bf:49:a5:
f1:cf:bc:74:7b:bf:9b:60:8d:cb:25:4d:cd:6e:5c:
17:1d:f6:a7:e3:c8:fb:43:8c:d1:e0:38:c3:9b:e2:
4b:b2:b6:92:a6:ab:16:0a:d8:4b:31:b2:1d:96:aa:
fe:05:22:b0:96:0e:6c:ad:68:4b:72:84:6e:66:78:
c7:24:c6:cf:42:3e:48:8f:5d:90:ed:df:6b:44:b7:
49:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:B5:C0:7E:A8:61:D8:19:C9:16:5C:8C:92:19:37:04:7E:58:7B:24
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/UbXAfqhh2BnJFlyMkhk3BH5YeyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a0:f6:a9:b0:6e:c7:c0:d6:dc:59:85:7f:10:99:d0:8c:0b:a1:
27:48:9c:5a:65:14:c3:fe:9f:4f:70:25:8c:dd:39:06:fb:42:
94:5f:1e:62:b2:57:a1:39:b4:3d:fa:73:8b:7c:37:c6:0e:f0:
d8:bf:bb:7b:7f:b0:7e:82:3b:d1:5a:02:28:c0:f1:27:6b:16:
a8:f1:3e:86:1a:7a:68:8d:e7:ec:70:9e:63:9d:93:b0:5f:d6:
0d:fc:f5:01:ca:9e:b2:ac:b6:47:b9:59:0c:44:35:9a:56:7a:
05:38:91:76:dd:37:d8:bf:21:da:1a:32:3e:5d:69:6d:f7:22:
9d:b7:af:f5:ed:f9:d7:26:86:1d:cd:2b:6c:27:7e:99:55:00:
0c:19:2b:93:9a:af:86:37:b2:03:f0:87:c0:5b:76:91:57:cc:
b4:84:50:00:0a:88:5f:2d:16:00:ab:4e:19:50:b5:b8:e1:97:
bc:d7:18:67:a7:93:9a:9d:9e:e1:46:ce:0e:e7:ed:f6:df:a2:
f8:50:66:d9:5f:f3:52:6c:d3:8d:e7:cf:c5:61:5f:0c:a2:51:
07:28:da:cc:1b:8c:ff:80:93:b0:71:aa:70:05:82:3b:64:3f:
2e:e5:db:9b:fd:b4:41:3a:13:d7:ca:25:5d:21:fa:7a:da:d1:
ae:3f:29:d9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3zrkEdOnf+f0UyLg0/ktDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI5MDcwNDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWI1YzA3ZWE4NjFkODE5YzkxNjVjOGM5MjE5MzcwNDdlNTg3YjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzpQMbXcnp6BgDwc+Jmr9QMv2B2u
bj3sBHECGJmKM2TYaLZME/q9bYVXIObD9BUB1uKxpos2zr0OvTqkZY7teZ8t94Gu
09xE3Y1W3VJIBBT3YFfaEeGiRvNnYBT0R3gXBYnjsF9lQvRV0YG+ka2t2P/NSicb
7wG/eIyn8nWI3lZqPR4iNK2ya6DlPyxvS6X8g1IL6B6f3584lKsIAYxz+QSJrnR2
35qlzVep65b9CpO/SaXxz7x0e7+bYI3LJU3NblwXHfan48j7Q4zR4DjDm+JLsraS
pqsWCthLMbIdlqr+BSKwlg5srWhLcoRuZnjHJMbPQj5Ij12Q7d9rRLdJ/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFG1wH6oYdgZyRZcjJIZNwR+WHskMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVWJYQWZxaGgyQm5KRmx5TWtoazNCSDVZZXlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKD2qbBux8DW3FmFfxCZ
0IwLoSdInFplFMP+n09wJYzdOQb7QpRfHmKyV6E5tD36c4t8N8YO8Ni/u3t/sH6C
O9FaAijA8SdrFqjxPoYaemiN5+xwnmOdk7Bf1g389QHKnrKstke5WQxENZpWegU4
kXbdN9i/IdoaMj5daW33Ip23r/Xt+dcmhh3NK2wnfplVAAwZK5Oar4Y3sgPwh8Bb
dpFXzLSEUAAKiF8tFgCrThlQtbjhl7zXGGenk5qdnuFGzg7n7fbfovhQZtlf81Js
043nz8VhXwyiUQco2swbjP+Ak7BxqnAFgjtkPy7l25v9tEE6E9fKJV0h+nra0a4/
Kdk=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:48:12 2025 by rpki-client