Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/X6hnar7wzlL8BOJY4c2uRLwtFJo.roa
File: X6hnar7wzlL8BOJY4c2uRLwtFJo.roa (raw, json)
Hash identifier: 1uVATK5Hy6sUpkIKddy/YUVySCx9AM7qn3ZvEyK7X3o=
Subject key identifier: 5F:A8:67:6A:BE:F0:CE:52:FC:04:E2:58:E1:CD:AE:44:BC:2D:14:9A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D4877FD591B7B51B7A32B3D0B60F19B47
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/X6hnar7wzlL8BOJY4c2uRLwtFJo.roa
Signing time: Sat 27 Jan 2024 01:10:39 +0000
ROA not before: Sat 27 Jan 2024 01:10:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:48:77:fd:59:1b:7b:51:b7:a3:2b:3d:0b:60:f1:9b:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 27 01:10:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fa8676abef0ce52fc04e258e1cdae44bc2d149a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0c:ee:6e:df:75:65:f8:72:b7:44:d4:08:df:
fe:de:1d:b8:52:e8:95:f3:2b:a1:ce:19:5d:17:65:
6c:24:8d:7b:ca:d2:88:87:0e:df:b5:6e:90:83:cc:
63:bc:cc:93:f2:1e:3a:c8:5b:23:a1:71:ad:44:25:
0c:f9:64:97:06:e6:c3:03:95:21:64:dc:d3:ee:68:
fb:62:0b:eb:26:84:dc:47:de:04:6d:3d:11:9b:c2:
77:94:cf:cb:94:06:df:14:3e:99:90:da:6d:25:12:
ee:13:f2:33:64:2d:a9:4c:51:9d:36:2e:9e:10:e2:
16:c7:d2:45:a2:1f:10:3c:04:1c:2f:6a:8f:4d:69:
1f:3a:6f:81:f9:c4:8c:91:b6:58:ff:aa:01:19:45:
f1:68:e3:59:b4:05:9c:1e:15:53:5b:cd:15:04:3d:
6e:d6:29:5f:2e:b4:51:0c:be:4a:46:8e:90:21:24:
be:99:00:d6:e4:cc:ae:37:e2:06:46:f6:5e:f7:91:
13:3c:86:6a:0c:50:0f:31:ef:df:6f:9d:19:08:b4:
aa:3b:e6:2d:04:7f:3d:30:fb:f8:19:e5:78:89:c8:
9d:3c:e4:6b:e8:05:0b:32:73:41:e1:62:c4:cf:75:
ac:72:cc:c2:ca:22:d5:87:0c:1f:44:77:06:f0:e2:
99:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:A8:67:6A:BE:F0:CE:52:FC:04:E2:58:E1:CD:AE:44:BC:2D:14:9A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/X6hnar7wzlL8BOJY4c2uRLwtFJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6e:cd:32:a2:58:b1:27:d7:0b:50:3a:8c:31:cc:9a:3d:c0:c6:
d0:2e:39:af:33:e5:5d:93:b6:79:fb:1b:46:fa:76:cc:b7:1c:
0c:0b:f7:b1:23:9e:c2:17:b7:6b:86:20:c9:9c:75:03:2b:c0:
15:a4:6c:bd:0f:40:df:93:7f:c6:59:1c:11:7f:cf:8e:82:c5:
d4:6f:0c:02:ab:c8:be:58:f8:a5:51:ff:6e:52:fa:04:72:14:
45:a0:28:4b:06:3d:2e:2f:f6:81:d8:42:15:51:86:46:e0:03:
cd:40:b6:a4:3a:09:48:e2:9f:8d:98:b3:bc:1f:4f:b0:08:bd:
9b:ad:c5:9f:0d:99:2c:31:8c:ee:bd:80:33:2a:2b:0d:21:44:
1e:da:c5:38:38:cf:4b:14:af:d0:d8:5e:7d:2c:46:0a:39:f6:
02:b6:2b:a0:a4:1e:96:12:58:86:dc:63:a0:a8:79:24:ce:9d:
9f:fa:8c:54:75:d4:ca:02:b5:21:54:67:ff:79:3b:a8:17:b4:
02:cf:27:10:69:f6:22:3f:9c:50:d9:03:b7:a4:ac:19:12:fe:
39:a5:c1:ab:80:9b:bc:ba:0f:0c:b2:52:9a:ca:78:b2:dd:ee:
2a:ce:35:ed:6f:10:11:f9:f3:bd:7e:bc:e3:92:d5:8b:d3:ea:
87:1c:a0:5a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1Id/1ZG3tRt6MrPQtg8ZtHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI3MDExMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmE4Njc2YWJlZjBjZTUyZmMwNGUyNThlMWNkYWU0NGJjMmQxNDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAzubt91Zfhyt0TUCN/+3h24UuiV
8yuhzhldF2VsJI17ytKIhw7ftW6Qg8xjvMyT8h46yFsjoXGtRCUM+WSXBubDA5Uh
ZNzT7mj7YgvrJoTcR94EbT0Rm8J3lM/LlAbfFD6ZkNptJRLuE/IzZC2pTFGdNi6e
EOIWx9JFoh8QPAQcL2qPTWkfOm+B+cSMkbZY/6oBGUXxaONZtAWcHhVTW80VBD1u
1ilfLrRRDL5KRo6QISS+mQDW5MyuN+IGRvZe95ETPIZqDFAPMe/fb50ZCLSqO+Yt
BH89MPv4GeV4icidPORr6AULMnNB4WLEz3WscszCyiLVhwwfRHcG8OKZWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF+oZ2q+8M5S/ATiWOHNrkS8LRSaMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWDZobmFyN3d6bEw4Qk9KWTRjMnVSTHd0RkpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG7NMqJYsSfXC1A6jDHM
mj3AxtAuOa8z5V2Ttnn7G0b6dsy3HAwL97EjnsIXt2uGIMmcdQMrwBWkbL0PQN+T
f8ZZHBF/z46CxdRvDAKryL5Y+KVR/25S+gRyFEWgKEsGPS4v9oHYQhVRhkbgA81A
tqQ6CUjin42Ys7wfT7AIvZutxZ8NmSwxjO69gDMqKw0hRB7axTg4z0sUr9DYXn0s
Rgo59gK2K6CkHpYSWIbcY6CoeSTOnZ/6jFR11MoCtSFUZ/95O6gXtALPJxBp9iI/
nFDZA7ekrBkS/jmlwauAm7y6DwyyUprKeLLd7irONe1vEBH5871+vOOS1YvT6occ
oFo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:25 2025 by rpki-client