Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XAPaknBEwcKpl59zJDr0_pZShe0.roa
File: XAPaknBEwcKpl59zJDr0_pZShe0.roa (raw, json)
Hash identifier: 8/Vv9Kvavx4MbMX1DFz2AMkqp1pbdY4LCYhnckQ+Ye4=
Subject key identifier: 5C:03:DA:92:70:44:C1:C2:A9:97:9F:73:24:3A:F4:FE:96:52:85:ED
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EB35372807CCE642AFDC857E2931AE052
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XAPaknBEwcKpl59zJDr0_pZShe0.roa
Signing time: Sat 06 Apr 2024 12:12:54 +0000
ROA not before: Sat 06 Apr 2024 12:12:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b3:53:72:80:7c:ce:64:2a:fd:c8:57:e2:93:1a:e0:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 6 12:12:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c03da927044c1c2a9979f73243af4fe965285ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:23:1d:1e:bb:7b:5a:2b:61:67:42:59:44:c2:
a0:dc:2d:ba:17:bd:98:0e:69:48:30:f0:d6:28:84:
c5:88:3e:59:81:2a:64:08:b2:c5:54:01:ec:8f:c3:
e7:28:5b:73:f2:0c:a0:3b:0f:a1:02:e3:53:9f:e4:
f8:4a:85:1d:68:ca:ed:d9:9c:8a:f1:d9:2e:4f:fa:
79:90:32:cc:e6:25:06:f7:c7:c7:2a:1c:f1:4f:f5:
dd:68:8b:7e:ba:5a:16:8c:cf:b8:f7:fd:5e:cd:1c:
eb:46:21:05:b5:ad:60:cd:bc:bd:af:5e:92:da:d2:
b4:8c:1b:5b:04:43:39:d9:86:53:39:76:7d:93:3b:
bd:0c:77:ba:d9:d6:f1:70:46:9f:72:c1:9c:0f:ea:
5c:a3:e1:cb:b6:28:6f:3c:66:9d:86:80:49:84:92:
73:22:c0:7a:e0:8b:8e:b3:89:e9:82:94:94:c3:ee:
df:8a:dc:95:6e:76:84:72:1b:bb:25:41:48:1b:f9:
32:95:99:73:a4:88:dd:9d:35:99:0c:3d:53:82:d2:
de:99:ae:05:5d:c9:0b:36:0c:ac:ca:26:91:04:65:
06:70:f5:c2:e7:be:cb:43:7d:2c:d2:99:8f:74:e2:
02:e2:55:0f:48:3b:db:2c:00:35:65:80:20:a3:96:
38:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:03:DA:92:70:44:C1:C2:A9:97:9F:73:24:3A:F4:FE:96:52:85:ED
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XAPaknBEwcKpl59zJDr0_pZShe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
47:db:77:f5:7d:1d:24:08:79:f7:d9:5b:68:97:df:61:14:7a:
49:ff:b1:47:c6:5e:a4:36:57:3a:f9:ef:e9:23:73:dc:e9:88:
e7:51:e2:8c:df:f0:77:a2:f7:09:39:2d:d2:6b:cc:55:8d:73:
f7:39:4a:24:c7:82:fc:b5:ec:5b:66:aa:c8:9c:eb:c2:dd:ae:
a8:84:51:cf:1a:fd:95:d7:3f:b1:4d:95:48:a8:6e:fd:3e:d2:
10:d4:0d:57:b7:80:a3:8c:b5:4a:d7:31:1d:ae:d1:1c:e2:03:
de:a8:1c:a7:12:b7:15:38:9d:83:c4:cb:26:78:63:75:07:ee:
97:0a:34:40:98:b0:a2:77:bf:7a:17:bb:e6:b9:09:33:0c:d3:
56:06:6b:48:e2:1f:b5:06:36:3d:4f:9d:eb:59:95:2a:b7:75:
74:e0:5b:60:ce:d1:5e:86:a1:83:b5:5f:95:50:46:11:e3:95:
df:56:46:c4:19:07:e3:eb:03:33:13:ca:96:1d:e0:c5:da:54:
0c:15:9f:0e:8b:30:cb:05:90:8e:f7:6d:6e:7e:bc:2b:a8:44:
4f:54:01:97:f8:32:e7:94:37:3d:46:88:f2:da:23:f0:4a:c1:
4d:61:73:6f:87:34:ab:db:88:4f:ff:03:5e:2b:85:e9:ec:18:
94:96:71:c8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6zU3KAfM5kKv3IV+KTGuBSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA2MTIxMjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzAzZGE5MjcwNDRjMWMyYTk5NzlmNzMyNDNhZjRmZTk2NTI4NWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSMdHrt7WithZ0JZRMKg3C26F72Y
DmlIMPDWKITFiD5ZgSpkCLLFVAHsj8PnKFtz8gygOw+hAuNTn+T4SoUdaMrt2ZyK
8dkuT/p5kDLM5iUG98fHKhzxT/XdaIt+uloWjM+49/1ezRzrRiEFta1gzby9r16S
2tK0jBtbBEM52YZTOXZ9kzu9DHe62dbxcEafcsGcD+pco+HLtihvPGadhoBJhJJz
IsB64IuOs4npgpSUw+7fityVbnaEchu7JUFIG/kylZlzpIjdnTWZDD1TgtLema4F
XckLNgysyiaRBGUGcPXC577LQ30s0pmPdOIC4lUPSDvbLAA1ZYAgo5Y4ewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFwD2pJwRMHCqZefcyQ69P6WUoXtMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWEFQYWtuQkV3Y0twbDU5ekpEcjBfcFpTaGUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEfbd/V9HSQIeffZW2iX
32EUekn/sUfGXqQ2Vzr57+kjc9zpiOdR4ozf8Hei9wk5LdJrzFWNc/c5SiTHgvy1
7Ftmqsic68LdrqiEUc8a/ZXXP7FNlUiobv0+0hDUDVe3gKOMtUrXMR2u0RziA96o
HKcStxU4nYPEyyZ4Y3UH7pcKNECYsKJ3v3oXu+a5CTMM01YGa0jiH7UGNj1PnetZ
lSq3dXTgW2DO0V6GoYO1X5VQRhHjld9WRsQZB+PrAzMTypYd4MXaVAwVnw6LMMsF
kI73bW5+vCuoRE9UAZf4MueUNz1GiPLaI/BKwU1hc2+HNKvbiE//A14rhensGJSW
ccg=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:17:24 2025 by rpki-client