Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/X-hexDvZu1gIqObAGxs3PGj9vMU.roa
File: X-hexDvZu1gIqObAGxs3PGj9vMU.roa (raw, json)
Hash identifier: WgICRh1ZUCyz48xz9vjrR1bZ5FDUqbEQJAQ91QJklBo=
Subject key identifier: 5F:E8:5E:C4:3B:D9:BB:58:08:A8:E6:C0:1B:1B:37:3C:68:FD:BC:C5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DDD2642034D6C6BF71C7FD70FDADA5E79
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/X-hexDvZu1gIqObAGxs3PGj9vMU.roa
Signing time: Sat 24 Feb 2024 22:04:48 +0000
ROA not before: Sat 24 Feb 2024 22:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:dd25:c901/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:dd:26:42:03:4d:6c:6b:f7:1c:7f:d7:0f:da:da:5e:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 24 22:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fe85ec43bd9bb5808a8e6c01b1b373c68fdbcc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:23:58:b0:64:dc:c8:da:25:5d:6c:47:35:51:
17:4f:e3:af:90:4a:7a:9d:82:6d:f5:c7:7f:47:cc:
38:aa:2c:c5:9a:7d:8e:e7:9d:87:22:ca:e4:c8:44:
fb:a6:46:cb:6e:e6:f6:f3:55:6b:cf:1b:73:65:c6:
28:74:3f:b6:02:8f:95:47:e0:ad:08:9b:1a:6f:20:
7f:e2:77:ec:4b:4b:f2:88:1b:ff:2d:ae:2b:b2:c5:
8c:75:81:76:5f:e9:3c:b1:4d:a3:53:2d:bf:be:91:
78:5c:11:1d:db:8c:2d:1f:ac:4c:a4:74:75:8a:70:
a5:9e:c7:dd:54:6d:ba:ea:40:13:74:44:eb:a8:a5:
e6:50:b1:4e:7f:b7:dd:0d:bf:e0:3c:21:28:f3:7e:
e0:03:7d:78:b3:4a:af:de:36:7b:9b:e3:06:03:ab:
94:e0:a0:b7:01:da:14:fe:4c:a7:fa:f9:1e:8f:38:
c7:a0:6f:57:7c:0f:69:4b:5f:ab:21:7a:c2:17:0d:
a4:a4:27:ab:d0:0b:54:ec:7b:be:dc:b6:17:1b:db:
a6:b1:27:61:d2:9a:a7:70:24:63:21:db:64:b6:35:
d6:5f:39:8e:f3:6d:78:a7:f0:4c:df:18:cb:d4:10:
32:9f:51:68:a0:9d:a7:fa:7b:15:84:8b:eb:c9:04:
28:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:E8:5E:C4:3B:D9:BB:58:08:A8:E6:C0:1B:1B:37:3C:68:FD:BC:C5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/X-hexDvZu1gIqObAGxs3PGj9vMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
69:27:4b:0a:c6:c4:f8:c5:12:d9:f6:93:00:9a:e5:19:a0:07:
84:fd:4e:90:5d:88:fa:f3:af:56:ab:a4:54:d4:b9:63:a5:96:
4f:3d:84:7d:39:82:71:a4:b0:92:6c:db:c6:42:21:cf:ad:45:
c1:aa:02:48:27:d6:f3:88:3f:47:1c:26:a1:9c:bf:e1:aa:42:
43:75:bc:b9:59:4b:a4:79:f0:8f:08:2f:ab:da:31:cf:5b:69:
37:84:05:cd:b5:01:88:4a:df:4b:53:f4:6f:20:9e:13:f8:ed:
30:68:ea:7d:6e:8e:8a:21:8f:19:82:a0:e0:cb:7f:29:82:90:
3d:e6:c5:50:c0:aa:05:fe:de:fe:16:b9:e8:44:f3:c9:e1:88:
f7:06:ff:a2:30:3a:84:17:c8:9c:13:cb:0d:96:3d:9c:c7:dd:
1d:ee:31:de:e7:0a:63:49:45:ce:4a:95:d9:4b:37:cd:70:9e:
cf:d3:bb:5a:06:d7:c7:77:c7:4e:79:f2:07:cc:c0:c1:ee:24:
e0:b6:ce:b6:e1:25:bb:82:14:d6:75:94:a1:bf:17:81:91:d6:
7a:2b:64:a7:0d:b6:2d:7a:39:b9:92:0a:95:71:74:80:c6:b8:
e3:8e:a5:de:ad:a1:04:46:0a:fb:b1:c8:d4:4d:e7:82:43:35:
f5:28:d6:63
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3dJkIDTWxr9xx/1w/a2l55MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI0MjIwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmU4NWVjNDNiZDliYjU4MDhhOGU2YzAxYjFiMzczYzY4ZmRiY2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCNYsGTcyNolXWxHNVEXT+OvkEp6
nYJt9cd/R8w4qizFmn2O552HIsrkyET7pkbLbub281VrzxtzZcYodD+2Ao+VR+Ct
CJsabyB/4nfsS0vyiBv/La4rssWMdYF2X+k8sU2jUy2/vpF4XBEd24wtH6xMpHR1
inClnsfdVG266kATdETrqKXmULFOf7fdDb/gPCEo837gA314s0qv3jZ7m+MGA6uU
4KC3AdoU/kyn+vkejzjHoG9XfA9pS1+rIXrCFw2kpCer0AtU7Hu+3LYXG9umsSdh
0pqncCRjIdtktjXWXzmO8214p/BM3xjL1BAyn1FooJ2n+nsVhIvryQQokQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF/oXsQ72btYCKjmwBsbNzxo/bzFMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWC1oZXhEdlp1MWdJcU9iQUd4czNQR2o5dk1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGknSwrGxPjFEtn2kwCa
5RmgB4T9TpBdiPrzr1arpFTUuWOllk89hH05gnGksJJs28ZCIc+tRcGqAkgn1vOI
P0ccJqGcv+GqQkN1vLlZS6R58I8IL6vaMc9baTeEBc21AYhK30tT9G8gnhP47TBo
6n1ujoohjxmCoODLfymCkD3mxVDAqgX+3v4WuehE88nhiPcG/6IwOoQXyJwTyw2W
PZzH3R3uMd7nCmNJRc5KldlLN81wns/Tu1oG18d3x0558gfMwMHuJOC2zrbhJbuC
FNZ1lKG/F4GR1norZKcNti16ObmSCpVxdIDGuOOOpd6toQRGCvuxyNRN54JDNfUo
1mM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:39:28 2025 by rpki-client