Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/VzEyCyl0u72vkLUb__PsY1-s38A.roa
File: VzEyCyl0u72vkLUb__PsY1-s38A.roa (raw, json)
Hash identifier: 7K+PwSh8Pjn1issi/UB2QVdim3ZkaouXyUOl0AIanIk=
Subject key identifier: 57:31:32:0B:29:74:BB:BD:AF:90:B5:1B:FF:F3:EC:63:5F:AC:DF:C0
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D769D98F315401168D53E73FB63DF7D4B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/VzEyCyl0u72vkLUb__PsY1-s38A.roa
Signing time: Mon 05 Feb 2024 00:14:16 +0000
ROA not before: Mon 05 Feb 2024 00:14:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:76:9d:98:f3:15:40:11:68:d5:3e:73:fb:63:df:7d:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 5 00:14:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5731320b2974bbbdaf90b51bfff3ec635facdfc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:db:8a:95:b0:15:c1:ca:f5:45:a3:89:a2:13:
fa:52:b4:0e:94:80:c8:1b:f4:dd:7f:f1:a4:c0:bc:
05:bd:63:80:7b:f8:41:f7:62:84:8f:ce:e0:af:4d:
a2:9c:34:34:0d:02:4f:e7:45:d6:f1:c1:a4:e5:1d:
12:3b:5f:71:7a:eb:c2:2e:87:27:56:2d:89:87:4a:
cf:86:e7:7a:ec:78:80:b4:08:af:bb:30:cc:9c:b7:
08:6a:49:74:42:f5:d8:29:db:1d:09:a2:da:d7:e9:
1a:f3:ea:20:0c:0e:69:aa:65:62:06:df:ae:63:75:
09:35:a7:36:5e:42:5c:0a:b7:29:4a:7a:4f:08:70:
66:71:d9:32:7d:4e:db:ba:52:16:85:34:1b:71:17:
ff:b8:c8:ef:9f:1d:4c:cb:97:a5:0f:a2:2b:63:76:
04:46:be:0e:a8:7a:65:46:dd:33:e3:cd:7d:05:7d:
73:97:3a:2b:46:84:56:0d:05:6e:04:54:a8:11:a2:
2b:8e:a4:d7:7e:f1:76:6d:b1:60:14:24:8a:bf:5c:
8d:35:ab:97:6a:39:d6:ee:0b:9e:4b:1a:2b:3e:5b:
54:f8:1f:b0:9e:cc:fa:54:23:99:74:7b:0d:8e:8d:
ce:b2:aa:fb:47:d1:5f:78:b1:16:3d:d8:12:e0:f5:
06:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:31:32:0B:29:74:BB:BD:AF:90:B5:1B:FF:F3:EC:63:5F:AC:DF:C0
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/VzEyCyl0u72vkLUb__PsY1-s38A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a4:a0:1e:af:e4:57:19:9f:e2:df:14:72:bb:d5:3b:3f:fb:ac:
c8:83:8e:45:7c:86:8f:c8:af:1c:f1:9b:7d:14:e0:d2:d6:e5:
45:0b:13:8e:49:32:1d:8e:ba:87:13:d1:2f:58:ae:9c:ea:37:
4c:d3:b4:07:c5:8a:65:33:1d:41:e9:12:38:d6:94:c7:de:77:
8b:44:9c:5b:12:70:6c:e0:20:2f:02:25:6f:d5:59:d4:a1:65:
0f:54:ad:05:d4:1f:df:80:35:62:cb:63:04:1a:95:17:eb:b0:
40:0e:55:63:1a:ca:5b:e8:82:55:56:c6:65:dd:6b:61:13:dc:
f1:db:aa:cb:8f:9e:ca:b5:b5:b9:aa:f4:49:cf:6e:5e:63:13:
b1:b1:77:4d:1c:f9:30:e5:20:c3:4b:dd:6f:d0:39:66:71:6e:
f3:27:d6:d2:08:69:41:9e:f0:03:bb:7e:0e:d0:b4:b8:70:e3:
ff:42:a8:2e:2f:d9:c8:b7:d9:35:9a:e9:d9:e1:b0:14:7c:25:
d4:93:22:7f:1b:3c:c1:50:f7:47:f6:34:d2:24:2c:ab:e3:68:
c1:4c:84:bf:68:c9:33:2f:58:07:7f:59:fd:d0:d6:75:0a:da:
19:a2:67:c6:19:89:c9:2b:b2:54:68:f0:80:03:1f:cc:b2:e5:
84:19:04:af
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY12nZjzFUARaNU+c/tj331LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA1MDAxNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzMxMzIwYjI5NzRiYmJkYWY5MGI1MWJmZmYzZWM2MzVmYWNkZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNuKlbAVwcr1RaOJohP6UrQOlIDI
G/Tdf/GkwLwFvWOAe/hB92KEj87gr02inDQ0DQJP50XW8cGk5R0SO19xeuvCLocn
Vi2Jh0rPhud67HiAtAivuzDMnLcIakl0QvXYKdsdCaLa1+ka8+ogDA5pqmViBt+u
Y3UJNac2XkJcCrcpSnpPCHBmcdkyfU7bulIWhTQbcRf/uMjvnx1My5elD6IrY3YE
Rr4OqHplRt0z4819BX1zlzorRoRWDQVuBFSoEaIrjqTXfvF2bbFgFCSKv1yNNauX
ajnW7gueSxorPltU+B+wnsz6VCOZdHsNjo3Osqr7R9FfeLEWPdgS4PUGjwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFcxMgspdLu9r5C1G//z7GNfrN/AMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVnpFeUN5bDB1NzJ2a0xVYl9fUHNZMS1zMzhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKSgHq/kVxmf4t8UcrvV
Oz/7rMiDjkV8ho/Irxzxm30U4NLW5UULE45JMh2OuocT0S9YrpzqN0zTtAfFimUz
HUHpEjjWlMfed4tEnFsScGzgIC8CJW/VWdShZQ9UrQXUH9+ANWLLYwQalRfrsEAO
VWMaylvoglVWxmXda2ET3PHbqsuPnsq1tbmq9EnPbl5jE7Gxd00c+TDlIMNL3W/Q
OWZxbvMn1tIIaUGe8AO7fg7QtLhw4/9CqC4v2ci32TWa6dnhsBR8JdSTIn8bPMFQ
90f2NNIkLKvjaMFMhL9oyTMvWAd/Wf3Q1nUK2hmiZ8YZickrslRo8IADH8yy5YQZ
BK8=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:59 2025 by rpki-client