Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/W9QAWrRcJYU5A0AbGAvmpzvxFV0.roa
File: W9QAWrRcJYU5A0AbGAvmpzvxFV0.roa (raw, json)
Hash identifier: H+XkH8INyigCyf5wgaGC/cJlSYhbfAubGNwL92kHjzc=
Subject key identifier: 5B:D4:00:5A:B4:5C:25:85:39:03:40:1B:18:0B:E6:A7:3B:F1:15:5D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CD3147419489EB8EE523C2AC9ECC7675B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/W9QAWrRcJYU5A0AbGAvmpzvxFV0.roa
Signing time: Thu 04 Jan 2024 06:06:22 +0000
ROA not before: Thu 04 Jan 2024 06:06:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:d312:ddf9/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d3:14:74:19:48:9e:b8:ee:52:3c:2a:c9:ec:c7:67:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 4 06:06:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5bd4005ab45c25853903401b180be6a73bf1155d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:17:1c:4a:e1:7c:82:54:e7:49:cb:49:18:96:
3a:68:51:4a:19:90:8d:7d:5e:cd:52:2b:60:48:6f:
7d:c0:6a:58:ff:4d:e3:a2:a9:c1:8a:1a:63:8b:b2:
2f:46:34:be:1b:ba:09:55:14:ff:5f:18:3e:c7:7c:
5a:d7:0d:39:73:c9:81:53:68:2d:25:f1:61:1f:ee:
7f:24:5c:73:6e:7e:7b:02:9c:e9:0d:61:ec:0a:39:
8a:ec:41:ab:eb:00:21:d4:3b:7f:bd:ec:60:8c:fd:
f2:f8:a7:43:c0:ed:ee:61:79:01:63:27:b7:bd:ce:
3a:79:41:cf:82:74:31:cf:31:22:d9:24:f3:e2:98:
9f:e2:92:61:f3:09:12:44:f2:81:37:5a:ca:10:b9:
55:18:ad:b3:b5:2d:4a:08:4f:1a:db:0f:74:78:07:
86:54:d4:ab:2a:41:92:83:ba:fa:c1:a9:69:6d:da:
98:e8:96:0e:9d:a8:85:61:60:a6:74:fe:ce:92:93:
e4:3d:19:93:3c:5f:05:00:01:ce:9f:9c:56:47:d8:
a7:07:e6:83:5f:35:c7:2c:4a:ee:4f:ec:e3:f3:ac:
5c:5b:e6:69:cc:d3:ad:3e:8f:54:76:35:a2:ec:d6:
9d:b1:bf:98:3e:0f:10:d5:1f:97:e4:49:44:60:ac:
53:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:D4:00:5A:B4:5C:25:85:39:03:40:1B:18:0B:E6:A7:3B:F1:15:5D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/W9QAWrRcJYU5A0AbGAvmpzvxFV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8a:7b:1c:18:99:16:e6:cd:a5:59:85:29:42:ed:7d:7b:80:8a:
aa:88:8c:04:06:69:d1:c8:62:94:ed:92:75:6d:2c:ad:82:4d:
41:4b:fc:f2:76:a8:25:bb:48:88:7b:18:22:91:02:bc:d7:25:
2b:1b:11:82:3c:53:5a:44:36:f5:8d:38:45:80:0d:b9:7c:cc:
5e:d5:ab:84:74:13:3e:58:a4:c8:38:84:12:83:32:7a:96:3b:
e7:d5:12:76:0f:a7:41:d5:78:ee:f8:9a:1e:c4:41:f7:2d:b3:
c6:e4:0d:4b:15:88:bd:98:c7:ec:81:8d:da:42:e5:b4:39:5c:
82:40:d9:7c:f7:56:e4:49:b7:4e:28:82:01:3f:71:69:f0:f9:
2e:e4:a2:0d:21:4d:6d:c4:fb:d6:f6:6b:07:eb:b2:93:ac:6f:
c0:f2:99:46:0f:29:12:92:17:d1:89:06:01:ad:c5:02:80:5a:
1b:eb:23:5f:3c:d1:ac:70:91:e3:ea:db:3d:6d:41:9c:10:1c:
e4:61:ab:7d:2b:99:ee:af:b2:f4:d4:1e:7c:3c:b8:98:d1:bf:
ce:15:35:bc:bb:46:f1:29:26:01:0a:fb:b9:a4:9c:ea:c1:28:
9b:32:0e:ca:b7:e6:56:fa:92:e0:e8:40:84:0b:d5:15:2b:88:
6c:cc:bf:ec
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzTFHQZSJ647lI8Ksnsx2dbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA0MDYwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmQ0MDA1YWI0NWMyNTg1MzkwMzQwMWIxODBiZTZhNzNiZjExNTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxccSuF8glTnSctJGJY6aFFKGZCN
fV7NUitgSG99wGpY/03joqnBihpji7IvRjS+G7oJVRT/Xxg+x3xa1w05c8mBU2gt
JfFhH+5/JFxzbn57ApzpDWHsCjmK7EGr6wAh1Dt/vexgjP3y+KdDwO3uYXkBYye3
vc46eUHPgnQxzzEi2STz4pif4pJh8wkSRPKBN1rKELlVGK2ztS1KCE8a2w90eAeG
VNSrKkGSg7r6walpbdqY6JYOnaiFYWCmdP7OkpPkPRmTPF8FAAHOn5xWR9inB+aD
XzXHLEruT+zj86xcW+ZpzNOtPo9UdjWi7Nadsb+YPg8Q1R+X5ElEYKxTNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFvUAFq0XCWFOQNAGxgL5qc78RVdMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvVzlRQVdyUmNKWVU1QTBBYkdBdm1wenZ4RlYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIp7HBiZFubNpVmFKULt
fXuAiqqIjAQGadHIYpTtknVtLK2CTUFL/PJ2qCW7SIh7GCKRArzXJSsbEYI8U1pE
NvWNOEWADbl8zF7Vq4R0Ez5YpMg4hBKDMnqWO+fVEnYPp0HVeO74mh7EQfcts8bk
DUsViL2Yx+yBjdpC5bQ5XIJA2Xz3VuRJt04oggE/cWnw+S7kog0hTW3E+9b2awfr
spOsb8DymUYPKRKSF9GJBgGtxQKAWhvrI1880axwkePq2z1tQZwQHORhq30rme6v
svTUHnw8uJjRv84VNby7RvEpJgEK+7mknOrBKJsyDsq35lb6kuDoQIQL1RUriGzM
v+w=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:28:52 2025 by rpki-client