Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XhP0gkX3NhRzKKNrye7NWrvQfso.roa
File: XhP0gkX3NhRzKKNrye7NWrvQfso.roa (raw, json)
Hash identifier: mfDTcvsRCOfIdjegqKDycp3i39S6/byjE0LVMPv7Zsg=
Subject key identifier: 5E:13:F4:82:45:F7:36:14:73:28:A3:6B:C9:EE:CD:5A:BB:D0:7E:CA
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D49C1944C2C9E22B7E514F994BA9C46DC
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XhP0gkX3NhRzKKNrye7NWrvQfso.roa
Signing time: Sat 27 Jan 2024 07:10:39 +0000
ROA not before: Sat 27 Jan 2024 07:10:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:49:c1:94:4c:2c:9e:22:b7:e5:14:f9:94:ba:9c:46:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 27 07:10:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e13f48245f736147328a36bc9eecd5abbd07eca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1e:0a:9e:9d:7e:e5:ea:00:fc:72:33:24:88:
c9:c2:51:61:b8:94:69:ec:d9:9b:11:cd:af:53:6f:
86:46:5e:c0:39:93:d0:0e:a2:e4:42:60:dc:4c:50:
e5:f6:0e:c7:f5:e4:d8:fb:2c:62:9e:00:75:62:cb:
bc:0d:43:10:87:81:8a:2f:98:da:6f:cb:89:13:e8:
a6:62:21:d4:78:dd:17:79:bb:af:92:aa:fa:13:b3:
6b:41:af:22:59:4a:56:5b:22:bb:2a:c0:f1:fa:92:
f9:a7:3c:4b:02:c4:78:cd:9b:69:40:77:c8:5a:2e:
12:4e:57:ff:d2:70:24:2b:78:aa:25:27:2c:a3:d9:
c4:3f:4c:e9:aa:2a:94:39:c0:20:2d:e1:2b:e9:fb:
92:65:5e:9f:0e:38:c9:cb:9c:65:df:c6:69:f2:78:
e6:73:db:ff:3a:b0:bb:5e:21:97:ea:2a:4e:f2:94:
9e:b8:03:09:76:61:55:0a:4e:79:94:be:21:55:ef:
40:d9:e3:98:b8:1c:cf:7a:e7:bc:9a:8f:ca:b1:b6:
ef:c4:9a:f4:9a:58:b3:7c:ed:64:fb:00:34:78:b8:
75:36:70:78:ab:54:82:7f:96:2e:02:63:6c:37:06:
82:a9:68:1d:03:4b:f4:7e:59:58:f4:e8:4a:b0:99:
77:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:13:F4:82:45:F7:36:14:73:28:A3:6B:C9:EE:CD:5A:BB:D0:7E:CA
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/XhP0gkX3NhRzKKNrye7NWrvQfso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0c:c6:0a:74:ee:dc:25:7f:c5:98:35:20:51:0d:6e:a9:5c:e3:
14:51:42:d0:1e:2a:13:32:24:38:31:c4:dd:09:73:6f:73:9d:
1b:70:26:7b:67:bd:f4:35:5c:48:08:b7:93:42:41:40:ba:14:
15:ab:7d:08:c9:e4:aa:d6:ae:c7:38:81:fa:ec:0b:9b:5f:9b:
ad:44:94:07:74:68:22:24:e6:e8:6d:93:4f:bc:05:72:37:09:
49:f8:6e:8b:d5:fb:d6:3a:95:f5:88:9c:8e:4b:91:6f:0d:b8:
9f:af:5e:be:02:2d:1a:7a:49:d1:fe:c1:c4:bd:6b:d5:fa:88:
29:93:ad:b6:69:56:c3:c1:78:0b:58:e0:df:62:d9:cd:06:bf:
9b:ae:58:fe:6a:76:b2:40:62:1c:ad:8a:42:b2:47:31:54:d5:
02:b5:7d:69:5d:26:28:49:3f:fe:9f:db:a6:9a:63:df:82:85:
8c:dd:ed:9b:f3:0f:38:07:01:b4:ac:b6:77:7b:ac:92:8b:4f:
c3:93:36:8a:22:b3:c6:9f:64:ca:2e:89:20:a2:cb:9f:fc:86:
22:d6:f9:7e:b9:a1:d6:82:49:7f:96:8c:de:30:19:cb:38:c9:
b5:82:3a:e5:7e:c3:7b:cd:d9:e1:86:e4:ac:30:6a:9e:20:32:
9b:87:0f:60
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1JwZRMLJ4it+UU+ZS6nEbcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI3MDcxMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTEzZjQ4MjQ1ZjczNjE0NzMyOGEzNmJjOWVlY2Q1YWJiZDA3ZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkR4Knp1+5eoA/HIzJIjJwlFhuJRp
7NmbEc2vU2+GRl7AOZPQDqLkQmDcTFDl9g7H9eTY+yxingB1Ysu8DUMQh4GKL5ja
b8uJE+imYiHUeN0Xebuvkqr6E7NrQa8iWUpWWyK7KsDx+pL5pzxLAsR4zZtpQHfI
Wi4STlf/0nAkK3iqJScso9nEP0zpqiqUOcAgLeEr6fuSZV6fDjjJy5xl38Zp8njm
c9v/OrC7XiGX6ipO8pSeuAMJdmFVCk55lL4hVe9A2eOYuBzPeue8mo/KsbbvxJr0
mlizfO1k+wA0eLh1NnB4q1SCf5YuAmNsNwaCqWgdA0v0fllY9OhKsJl3/wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF4T9IJF9zYUcyija8nuzVq70H7KMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvWGhQMGdrWDNOaFJ6S0tOcnllN05XcnZRZnNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAzGCnTu3CV/xZg1IFEN
bqlc4xRRQtAeKhMyJDgxxN0Jc29znRtwJntnvfQ1XEgIt5NCQUC6FBWrfQjJ5KrW
rsc4gfrsC5tfm61ElAd0aCIk5uhtk0+8BXI3CUn4bovV+9Y6lfWInI5LkW8NuJ+v
Xr4CLRp6SdH+wcS9a9X6iCmTrbZpVsPBeAtY4N9i2c0Gv5uuWP5qdrJAYhytikKy
RzFU1QK1fWldJihJP/6f26aaY9+ChYzd7ZvzDzgHAbSstnd7rJKLT8OTNoois8af
ZMouiSCiy5/8hiLW+X65odaCSX+WjN4wGcs4ybWCOuV+w3vN2eGG5Kwwap4gMpuH
D2A=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:45:06 2025 by rpki-client