Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XE7cPSlz9kJX6fcHaO04x7vn0aI.roa
File: XE7cPSlz9kJX6fcHaO04x7vn0aI.roa (raw, json)
Hash identifier: 0PzO+B7DHk/qeu+v0CFK7gCU9qYDgyX98JJ08ZH1GbU=
Subject key identifier: 5C:4E:DC:3D:29:73:F6:42:57:E9:F7:07:68:ED:38:C7:BB:E7:D1:A2
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D536B55572EAF5FC9681B0C878CD9871C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XE7cPSlz9kJX6fcHaO04x7vn0aI.roa
Signing time: Mon 29 Jan 2024 04:12:39 +0000
ROA not before: Mon 29 Jan 2024 04:12:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:53:6b:55:57:2e:af:5f:c9:68:1b:0c:87:8c:d9:87:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 29 04:12:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c4edc3d2973f64257e9f70768ed38c7bbe7d1a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:88:b1:8b:e4:aa:a1:02:a6:a0:66:71:b5:1b:
42:1e:62:ee:fa:5c:ab:72:f6:5e:fa:53:9e:34:c4:
1d:6b:e9:6d:75:4d:a2:44:44:cf:95:3d:53:0b:9a:
0e:4c:ce:16:f6:f8:44:04:17:ca:77:f3:23:28:42:
47:f2:a1:bf:93:16:22:de:7b:65:18:d1:d8:c9:65:
d3:d6:0e:ed:a3:0c:33:0b:a4:21:82:6d:b7:3f:e4:
11:05:be:de:fb:60:04:11:87:cb:64:ac:7c:85:a5:
2c:fa:06:82:a4:98:a6:3c:87:1a:bd:89:49:4d:1f:
97:a5:fb:21:88:75:7a:6b:14:47:e2:2c:4a:f1:ef:
69:4b:b4:22:fd:92:5e:39:76:60:0e:58:ed:04:2d:
79:15:51:81:4a:94:e6:8d:22:4d:77:5a:36:55:15:
91:4e:0c:fc:75:65:1b:29:17:f6:8e:b9:5a:d4:b6:
c8:22:7b:08:7a:20:fb:6b:f5:6e:72:23:3c:8c:d5:
59:0c:61:08:05:71:40:65:d4:e3:8f:20:38:84:95:
5f:4d:dc:52:d9:ff:50:98:43:71:d8:1a:15:ae:ae:
aa:df:b2:4f:5b:d9:67:22:f0:dc:ea:24:c7:85:eb:
ee:d5:b7:a8:1f:9d:2e:a0:93:ba:20:45:df:67:f4:
b5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:4E:DC:3D:29:73:F6:42:57:E9:F7:07:68:ED:38:C7:BB:E7:D1:A2
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XE7cPSlz9kJX6fcHaO04x7vn0aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
65:45:31:a7:10:0b:28:9a:b8:2f:e8:47:97:7a:65:53:67:4a:
3f:03:39:e3:42:3c:68:77:b3:16:ad:13:01:2f:34:dd:74:06:
c5:be:84:34:93:9f:ec:80:49:63:00:65:1c:51:4d:b1:ec:33:
8d:99:fc:82:7b:1d:1b:90:a1:9b:c9:bd:26:08:09:ba:66:c4:
a4:56:5d:82:eb:e7:05:91:3e:61:c1:54:d1:c1:22:d2:f8:cf:
9a:4e:87:71:ef:4c:12:83:ed:9d:d2:3d:cd:86:23:a2:9a:53:
06:67:3c:ea:ab:14:3f:0e:cf:d3:a8:d8:6e:b4:f8:3d:d4:7c:
46:b5:c2:19:36:b0:f4:d8:4b:c4:8c:69:30:be:c7:c1:98:79:
a7:fd:df:82:5b:72:c4:4d:67:4b:ec:a4:17:0a:35:62:20:ee:
cf:58:d1:0c:50:cb:92:96:96:2f:67:d8:1d:83:4d:c5:a8:69:
71:05:6e:ef:96:8e:41:c6:61:f8:dc:7e:9e:3b:94:c0:8a:b3:
79:66:94:de:bd:b4:e7:4e:37:ad:35:f8:a0:6c:39:53:a7:d6:
a4:ee:56:d3:5b:59:0e:3f:39:8d:e6:f4:79:76:05:20:1d:64:
27:2e:f7:56:6b:a1:cb:a8:18:fc:0c:6f:90:73:91:0a:1f:7c:
6c:3c:66:1b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1Ta1VXLq9fyWgbDIeM2YccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI5MDQxMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzRlZGMzZDI5NzNmNjQyNTdlOWY3MDc2OGVkMzhjN2JiZTdkMWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIixi+SqoQKmoGZxtRtCHmLu+lyr
cvZe+lOeNMQda+ltdU2iRETPlT1TC5oOTM4W9vhEBBfKd/MjKEJH8qG/kxYi3ntl
GNHYyWXT1g7towwzC6Qhgm23P+QRBb7e+2AEEYfLZKx8haUs+gaCpJimPIcavYlJ
TR+XpfshiHV6axRH4ixK8e9pS7Qi/ZJeOXZgDljtBC15FVGBSpTmjSJNd1o2VRWR
Tgz8dWUbKRf2jrla1LbIInsIeiD7a/VuciM8jNVZDGEIBXFAZdTjjyA4hJVfTdxS
2f9QmENx2BoVrq6q37JPW9lnIvDc6iTHhevu1beoH50uoJO6IEXfZ/S15QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFxO3D0pc/ZCV+n3B2jtOMe759GiMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWEU3Y1BTbHo5a0pYNmZjSGFPMDR4N3ZuMGFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGVFMacQCyiauC/oR5d6
ZVNnSj8DOeNCPGh3sxatEwEvNN10BsW+hDSTn+yASWMAZRxRTbHsM42Z/IJ7HRuQ
oZvJvSYICbpmxKRWXYLr5wWRPmHBVNHBItL4z5pOh3HvTBKD7Z3SPc2GI6KaUwZn
POqrFD8Oz9Oo2G60+D3UfEa1whk2sPTYS8SMaTC+x8GYeaf934JbcsRNZ0vspBcK
NWIg7s9Y0QxQy5KWli9n2B2DTcWoaXEFbu+WjkHGYfjcfp47lMCKs3lmlN69tOdO
N601+KBsOVOn1qTuVtNbWQ4/OY3m9Hl2BSAdZCcu91ZrocuoGPwMb5BzkQoffGw8
Zhs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:21 2025 by rpki-client