Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/WiI1hKl7hId9m2nxf-13bMgNJkk.roa
File: WiI1hKl7hId9m2nxf-13bMgNJkk.roa (raw, json)
Hash identifier: s9UWRH/tVcrRh7FRul1hnRPtXbJiwMrp9vS9dwr2suk=
Subject key identifier: 5A:22:35:84:A9:7B:84:87:7D:9B:69:F1:7F:ED:77:6C:C8:0D:26:49
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9CD1B586BA05E411FE3E32E190D14C45
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/WiI1hKl7hId9m2nxf-13bMgNJkk.roa
Signing time: Sun 24 Dec 2023 17:13:58 +0000
ROA not before: Sun 24 Dec 2023 17:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9c:d1:b5:86:ba:05:e4:11:fe:3e:32:e1:90:d1:4c:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 24 17:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a223584a97b84877d9b69f17fed776cc80d2649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c2:12:d5:eb:09:7b:5b:8b:61:96:25:b0:b1:
23:a9:cd:7b:9c:d3:82:df:70:8a:b4:0f:0d:0a:78:
39:ea:3c:f8:2f:29:7b:00:20:5f:7c:b3:5b:0d:99:
97:91:a2:f7:6a:b0:71:b4:c2:62:1e:19:f3:67:aa:
3c:d9:d7:da:22:94:b5:e5:62:f8:8e:f0:e6:3b:e4:
c6:ed:2f:6a:53:eb:cd:0c:12:16:68:0f:05:95:f5:
44:97:43:2e:e0:69:bc:6d:80:f5:b0:3e:b3:49:93:
f2:d9:03:7d:8f:06:0f:e7:39:5f:91:6b:04:ad:f4:
44:91:e3:4b:a1:19:f6:2f:4c:d8:e5:cb:83:06:6f:
67:5c:c2:82:e0:90:a0:8e:dd:50:91:f3:83:34:c0:
5b:94:b8:51:8b:41:0f:7d:00:ae:56:60:b9:02:48:
83:4f:84:09:f8:13:fe:64:99:42:af:43:40:8f:fa:
90:7e:38:48:81:18:d6:57:bb:bf:25:93:27:31:51:
88:a5:f7:1f:2c:2f:f8:33:e0:5f:dd:19:c9:20:46:
7a:2f:27:2d:70:5c:40:de:b0:10:f0:10:13:07:3d:
70:a8:7b:8a:72:a4:7c:db:a8:93:1e:cc:8c:f7:6f:
46:57:6c:f7:85:b4:b9:e9:16:3c:ac:da:49:38:e7:
01:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:22:35:84:A9:7B:84:87:7D:9B:69:F1:7F:ED:77:6C:C8:0D:26:49
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/WiI1hKl7hId9m2nxf-13bMgNJkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
29:3b:c9:62:0d:30:fd:5d:19:e6:f5:97:29:31:54:64:72:a9:
1d:f8:3f:67:3f:e4:f8:bb:6c:17:b0:7c:5e:2c:f2:06:23:ab:
0e:f7:b9:73:5f:e8:d7:e8:04:7e:10:31:74:90:7e:91:50:e0:
f4:59:fb:bf:7d:72:7f:7d:88:02:a7:e7:6f:4e:ab:8d:ac:e8:
ed:9d:e6:4b:58:98:f1:50:ec:95:9c:25:ca:cc:b4:84:e7:2d:
1b:2e:6d:14:d4:1b:33:87:bd:3a:59:07:34:66:a2:ca:5e:4b:
b8:46:a6:13:9a:ae:cc:84:eb:ec:29:e2:d0:12:0d:5e:5f:6f:
73:b8:b1:da:ee:a8:39:69:d3:62:3c:f6:43:18:64:89:8e:42:
90:9b:6c:44:d9:45:05:07:33:3b:1f:5b:96:43:21:df:5b:4e:
f1:a0:c8:2c:a7:27:25:c3:bf:39:14:14:3e:96:ae:97:c7:1e:
66:33:17:af:5f:c9:3d:a1:73:fd:9d:fb:19:2b:50:4a:a9:a0:
a6:38:d2:a4:10:e7:57:93:e6:59:c5:8a:45:9b:ff:d6:9d:ab:
79:1b:27:93:9f:3a:1f:a7:14:7d:9e:a4:c0:48:0d:37:0e:4d:
78:ce:40:d5:b1:08:e0:30:48:be:10:fb:ef:db:29:b9:d0:bc:
6b:d9:84:2c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyc0bWGugXkEf4+MuGQ0UxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI0MTcxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTIyMzU4NGE5N2I4NDg3N2Q5YjY5ZjE3ZmVkNzc2Y2M4MGQyNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcIS1esJe1uLYZYlsLEjqc17nNOC
33CKtA8NCng56jz4Lyl7ACBffLNbDZmXkaL3arBxtMJiHhnzZ6o82dfaIpS15WL4
jvDmO+TG7S9qU+vNDBIWaA8FlfVEl0Mu4Gm8bYD1sD6zSZPy2QN9jwYP5zlfkWsE
rfREkeNLoRn2L0zY5cuDBm9nXMKC4JCgjt1QkfODNMBblLhRi0EPfQCuVmC5AkiD
T4QJ+BP+ZJlCr0NAj/qQfjhIgRjWV7u/JZMnMVGIpfcfLC/4M+Bf3RnJIEZ6Lyct
cFxA3rAQ8BATBz1wqHuKcqR826iTHsyM929GV2z3hbS56RY8rNpJOOcBAQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFoiNYSpe4SHfZtp8X/td2zIDSZJMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvV2lJMWhLbDdoSWQ5bTJueGYtMTNiTWdOSmtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACk7yWINMP1dGeb1lykx
VGRyqR34P2c/5Pi7bBewfF4s8gYjqw73uXNf6NfoBH4QMXSQfpFQ4PRZ+799cn99
iAKn529Oq42s6O2d5ktYmPFQ7JWcJcrMtITnLRsubRTUGzOHvTpZBzRmospeS7hG
phOarsyE6+wp4tASDV5fb3O4sdruqDlp02I89kMYZImOQpCbbETZRQUHMzsfW5ZD
Id9bTvGgyCynJyXDvzkUFD6WrpfHHmYzF69fyT2hc/2d+xkrUEqpoKY40qQQ51eT
5lnFikWb/9adq3kbJ5OfOh+nFH2epMBIDTcOTXjOQNWxCOAwSL4Q++/bKbnQvGvZ
hCw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:05 2025 by rpki-client