Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XYsQIsOIj9Sf8v9rOWBKzIYCYI0.roa
File: XYsQIsOIj9Sf8v9rOWBKzIYCYI0.roa (raw, json)
Hash identifier: hUo8E+ON/0wnr6mETI2RLtIlqzfbA4lUL3PsPALGZJo=
Subject key identifier: 5D:8B:10:22:C3:88:8F:D4:9F:F2:FF:6B:39:60:4A:CC:86:02:60:8D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CB991A2564FC8129D2C0F0E297C869499
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XYsQIsOIj9Sf8v9rOWBKzIYCYI0.roa
Signing time: Sat 30 Dec 2023 07:12:58 +0000
ROA not before: Sat 30 Dec 2023 07:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b9:91:a2:56:4f:c8:12:9d:2c:0f:0e:29:7c:86:94:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 30 07:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d8b1022c3888fd49ff2ff6b39604acc8602608d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f1:13:07:c7:d5:1e:e2:56:c6:da:cf:fb:e4:
66:26:4d:31:e3:ab:27:17:8c:17:4d:61:eb:08:75:
14:bb:63:64:c8:a7:69:cc:ee:5d:ff:11:55:54:c7:
72:4f:e2:01:e4:39:90:1f:c3:66:4e:4c:20:87:7f:
a2:d3:1b:72:94:69:a4:d9:2c:a5:29:f2:2a:49:dd:
58:ab:4c:fa:a4:91:9b:b9:0a:8d:82:ab:8b:c5:be:
0f:7f:2b:3e:e0:74:6d:b5:40:cd:65:9b:f0:4c:28:
e9:92:c2:db:48:b6:ab:d1:6e:df:17:3f:8b:33:3e:
22:d5:d6:da:46:0b:3d:af:b6:13:c1:79:32:21:e7:
74:3a:94:37:59:9a:e1:f4:5c:c4:d2:07:79:96:36:
a6:a6:c8:6d:c1:32:43:2d:42:cd:6a:fa:79:3c:6b:
81:59:96:72:e5:61:37:0d:86:59:59:dc:e0:a1:70:
a5:42:53:1d:03:c5:38:24:c3:af:0f:65:35:74:ea:
bf:46:46:60:5c:86:7a:3d:68:b3:d4:ce:c1:e7:40:
dd:99:b1:a9:7c:72:69:07:c5:bf:b8:00:98:ab:1f:
55:fe:06:6e:b9:c3:77:fd:3d:8e:67:f0:66:af:a2:
9f:ae:a9:58:35:62:99:2b:fd:f7:50:58:07:32:2e:
7d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:8B:10:22:C3:88:8F:D4:9F:F2:FF:6B:39:60:4A:CC:86:02:60:8D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XYsQIsOIj9Sf8v9rOWBKzIYCYI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
81:bb:d4:ce:05:4f:89:9e:d6:14:d1:1b:84:44:c7:66:fe:da:
b3:7b:f1:0b:3d:f6:9d:fb:48:17:b0:f1:4a:37:10:3e:44:3a:
9b:fd:94:9e:ea:15:ec:9f:45:1d:10:83:86:2f:d0:15:c6:7d:
38:cb:ca:26:a7:99:2d:0c:3b:64:83:56:4c:cb:bd:96:4f:81:
39:81:20:30:85:35:ee:58:9f:99:a1:d8:61:91:36:10:eb:00:
02:79:df:92:53:b0:20:53:07:5d:7e:f4:80:b9:32:6a:ec:e9:
50:9a:20:d9:30:2a:61:93:c1:d3:68:64:90:f7:dc:74:18:e8:
38:cc:e6:ff:df:39:78:3b:37:ab:d9:f1:61:d8:a2:cc:19:38:
e0:54:b0:fe:d4:22:8f:9d:85:6c:45:6b:4b:58:52:08:6c:e3:
6a:1f:64:ea:8e:6a:46:12:cc:f2:b4:47:27:bb:56:be:70:54:
c1:49:3f:c8:3b:58:62:89:92:9a:8d:0e:ba:61:fd:ea:14:1d:
a4:4b:db:67:5f:14:3c:43:8d:c5:31:7c:36:55:a4:df:e1:3b:
63:94:a7:4c:97:eb:2c:0c:ab:c8:e9:58:14:27:d4:8b:46:11:
a4:24:51:99:90:0f:70:b3:e0:dd:e1:c9:bc:49:67:c8:2d:a2:
2d:71:c3:d0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYy5kaJWT8gSnSwPDil8hpSZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjMwMDcxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDhiMTAyMmMzODg4ZmQ0OWZmMmZmNmIzOTYwNGFjYzg2MDI2MDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfETB8fVHuJWxtrP++RmJk0x46sn
F4wXTWHrCHUUu2NkyKdpzO5d/xFVVMdyT+IB5DmQH8NmTkwgh3+i0xtylGmk2Syl
KfIqSd1Yq0z6pJGbuQqNgquLxb4Pfys+4HRttUDNZZvwTCjpksLbSLar0W7fFz+L
Mz4i1dbaRgs9r7YTwXkyIed0OpQ3WZrh9FzE0gd5ljampshtwTJDLULNavp5PGuB
WZZy5WE3DYZZWdzgoXClQlMdA8U4JMOvD2U1dOq/RkZgXIZ6PWiz1M7B50DdmbGp
fHJpB8W/uACYqx9V/gZuucN3/T2OZ/Bmr6KfrqlYNWKZK/33UFgHMi59uQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF2LECLDiI/Un/L/azlgSsyGAmCNMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWFlzUUlzT0lqOVNmOHY5ck9XQkt6SVlDWUkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIG71M4FT4me1hTRG4RE
x2b+2rN78Qs99p37SBew8Uo3ED5EOpv9lJ7qFeyfRR0Qg4Yv0BXGfTjLyianmS0M
O2SDVkzLvZZPgTmBIDCFNe5Yn5mh2GGRNhDrAAJ535JTsCBTB11+9IC5Mmrs6VCa
INkwKmGTwdNoZJD33HQY6DjM5v/fOXg7N6vZ8WHYoswZOOBUsP7UIo+dhWxFa0tY
Ughs42ofZOqOakYSzPK0Rye7Vr5wVMFJP8g7WGKJkpqNDrph/eoUHaRL22dfFDxD
jcUxfDZVpN/hO2OUp0yX6ywMq8jpWBQn1ItGEaQkUZmQD3Cz4N3hybxJZ8gtoi1x
w9A=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:09 2025 by rpki-client