Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Uk0wNR9OUXCCBsjgsJ8l5BE2pxc.roa
File: Uk0wNR9OUXCCBsjgsJ8l5BE2pxc.roa (raw, json)
Hash identifier: Aoddmq/YItbFzJv154FYigtep07kF5wofFn8ldY3U1s=
Subject key identifier: 52:4D:30:35:1F:4E:51:70:82:06:C8:E0:B0:9F:25:E4:11:36:A7:17
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D9B86BE5B1EA930EFA05F796846C1FD3D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Uk0wNR9OUXCCBsjgsJ8l5BE2pxc.roa
Signing time: Mon 12 Feb 2024 04:15:15 +0000
ROA not before: Mon 12 Feb 2024 04:15:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:9b:86:be:5b:1e:a9:30:ef:a0:5f:79:68:46:c1:fd:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 12 04:15:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=524d30351f4e51708206c8e0b09f25e41136a717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d9:e6:29:73:5d:e6:62:15:2b:1a:99:e0:a4:
45:74:6e:9a:f8:41:8c:9e:b0:f9:5e:c5:38:89:f3:
54:ea:f4:3b:28:2e:61:7f:a5:25:01:ad:c4:5e:dc:
99:86:33:36:f0:d7:66:0c:fa:80:94:c3:f8:a5:bd:
d4:4b:5b:eb:4a:96:fb:2d:b3:8f:6c:16:7a:d4:92:
ba:75:40:d0:b8:ea:e2:89:07:d9:3d:58:d9:8b:7d:
94:3f:78:44:6d:78:ff:d5:d4:f3:a9:ba:97:d8:a2:
0d:6c:1e:b4:1a:aa:d7:cd:e5:d6:64:f3:d5:1c:6d:
d3:80:6f:2b:a3:0f:2c:48:66:ff:15:1a:06:50:24:
2c:32:0e:c2:85:84:8c:5a:44:fd:82:15:3e:55:60:
f5:27:17:10:99:7b:64:c1:05:0d:ca:97:a2:99:bc:
fb:c8:bf:21:22:69:c5:ac:e3:9d:90:8c:71:52:e0:
58:9d:31:a8:bf:34:99:52:5e:45:cc:03:a6:63:09:
e4:2d:8c:af:b9:6d:f6:a9:7c:68:73:30:c6:9b:c2:
8f:4d:a4:07:79:06:1e:78:c4:a0:bc:ff:25:02:e3:
03:c8:e0:54:af:3b:36:20:6b:59:76:c5:c7:30:e2:
21:ee:93:23:b3:f1:1a:bc:73:fb:4b:29:e4:51:44:
a0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:4D:30:35:1F:4E:51:70:82:06:C8:E0:B0:9F:25:E4:11:36:A7:17
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/Uk0wNR9OUXCCBsjgsJ8l5BE2pxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
95:76:0b:da:c1:89:b5:47:88:92:2d:a4:29:21:37:37:13:60:
55:46:13:05:bb:4f:3c:5a:12:52:d9:ea:f9:a0:09:8a:5d:56:
a2:6f:da:4d:36:5a:df:fa:0d:e9:d0:fb:e4:c2:0f:f6:e5:53:
0d:11:22:87:9b:80:1f:2e:69:cb:ad:17:a3:cd:9e:e3:fc:46:
e7:a4:81:c5:37:bc:4f:0e:96:6c:29:6e:88:49:ff:9e:ff:37:
89:bb:dc:3f:1f:85:c0:39:39:9c:b9:16:ed:e5:95:e8:48:a9:
dc:4d:e4:e0:c3:8c:d1:bf:ac:c0:29:6d:f2:6f:4d:ea:c0:16:
4e:e5:95:bf:24:e6:35:58:97:69:ac:59:76:b2:8e:de:2a:13:
c4:bd:81:34:2b:98:22:a5:df:82:d6:06:2c:30:9d:68:5c:12:
e7:8e:a4:b3:75:0e:e4:8c:53:43:d5:2c:d6:4f:0f:c4:6d:24:
a6:65:dd:1c:51:9f:d8:84:1f:7a:7d:3e:ce:bd:87:a6:16:8e:
e1:64:13:e3:84:01:34:a7:b4:5c:76:97:fb:99:17:ab:b2:a8:
9f:cd:c8:56:0e:3d:83:f7:25:78:74:a9:8a:74:e4:16:37:4f:
d9:3d:94:78:75:57:7a:55:f8:4f:4c:47:b8:ce:98:ad:8f:a7:
4f:f4:fd:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2bhr5bHqkw76BfeWhGwf09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjEyMDQxNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjRkMzAzNTFmNGU1MTcwODIwNmM4ZTBiMDlmMjVlNDExMzZhNzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldnmKXNd5mIVKxqZ4KRFdG6a+EGM
nrD5XsU4ifNU6vQ7KC5hf6UlAa3EXtyZhjM28NdmDPqAlMP4pb3US1vrSpb7LbOP
bBZ61JK6dUDQuOriiQfZPVjZi32UP3hEbXj/1dTzqbqX2KINbB60GqrXzeXWZPPV
HG3TgG8row8sSGb/FRoGUCQsMg7ChYSMWkT9ghU+VWD1JxcQmXtkwQUNypeimbz7
yL8hImnFrOOdkIxxUuBYnTGovzSZUl5FzAOmYwnkLYyvuW32qXxoczDGm8KPTaQH
eQYeeMSgvP8lAuMDyOBUrzs2IGtZdsXHMOIh7pMjs/EavHP7SynkUUSgVQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFJNMDUfTlFwggbI4LCfJeQRNqcXMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVWswd05SOU9VWENDQnNqZ3NKOGw1QkUycHhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJV2C9rBibVHiJItpCkh
NzcTYFVGEwW7TzxaElLZ6vmgCYpdVqJv2k02Wt/6DenQ++TCD/blUw0RIoebgB8u
acutF6PNnuP8RuekgcU3vE8OlmwpbohJ/57/N4m73D8fhcA5OZy5Fu3llehIqdxN
5ODDjNG/rMApbfJvTerAFk7llb8k5jVYl2msWXayjt4qE8S9gTQrmCKl34LWBiww
nWhcEueOpLN1DuSMU0PVLNZPD8RtJKZl3RxRn9iEH3p9Ps69h6YWjuFkE+OEATSn
tFx2l/uZF6uyqJ/NyFYOPYP3JXh0qYp05BY3T9k9lHh1V3pV+E9MR7jOmK2Pp0/0
/RY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:52 2025 by rpki-client