Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_2EoRO1PQf9NAYfwVkQJWWrz_GE.roa
File: _2EoRO1PQf9NAYfwVkQJWWrz_GE.roa (raw, json)
Hash identifier: 1RkFqiotqgamyJ/R7eenYPt/0HCZTPOqtP7hwsyfqhM=
Subject key identifier: FF:61:28:44:ED:4F:41:FF:4D:01:87:F0:56:44:09:59:6A:F3:FC:61
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D0B14FC39ABA41835A0005F1190E35311
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_2EoRO1PQf9NAYfwVkQJWWrz_GE.roa
Signing time: Mon 15 Jan 2024 03:05:41 +0000
ROA not before: Mon 15 Jan 2024 03:05:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64:ffff:0:18d:b14:40e2/128 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0b:14:fc:39:ab:a4:18:35:a0:00:5f:11:90:e3:53:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 15 03:05:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff612844ed4f41ff4d0187f0564409596af3fc61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:bb:a7:1f:a2:74:60:33:86:67:3a:6c:c7:a6:
be:d0:c2:7c:e1:45:e9:48:dc:4b:83:cc:d0:eb:1a:
f1:a6:80:b0:d5:46:21:af:d3:87:b3:27:8c:45:14:
79:c8:28:d4:f6:10:d3:d9:3a:a5:05:b9:10:7f:d3:
1a:3c:0e:2e:36:fc:ce:03:b2:56:c0:f0:63:74:8a:
ed:9a:35:f3:9d:23:d1:be:c2:ac:be:4c:99:fa:ca:
36:76:69:c2:6e:58:a2:fd:d8:2a:2a:94:ca:4f:52:
f0:6e:4d:a0:af:61:69:64:28:6f:f7:a2:8f:01:13:
40:98:92:c8:a2:8e:24:61:ea:1a:01:bd:ca:ec:77:
6a:cc:2c:11:ea:77:8d:1e:e0:d1:2a:2a:eb:34:b3:
dc:06:bb:85:1c:bf:0b:4a:20:fe:0b:ac:78:75:94:
5c:cf:95:ed:ba:b1:cb:9b:a1:5a:01:92:3b:68:c0:
79:3c:0e:15:5f:c4:3e:d1:c2:89:84:eb:6b:ad:4a:
15:cb:94:52:8a:15:e8:ca:4f:66:bf:4c:23:01:dc:
9f:1d:49:1b:2d:31:ff:8b:5d:8d:13:94:25:b6:26:
0b:de:d9:a4:ed:b4:32:e4:74:ae:4f:bf:92:11:ed:
22:e8:88:ff:0c:3b:7b:49:de:aa:9e:7a:fc:70:5f:
57:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:61:28:44:ED:4F:41:FF:4D:01:87:F0:56:44:09:59:6A:F3:FC:61
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_2EoRO1PQf9NAYfwVkQJWWrz_GE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
89:1d:ed:67:a4:16:29:de:38:a9:76:8e:0a:6e:84:49:40:be:
8c:d9:bf:dc:1e:22:91:6d:b1:54:6f:69:36:ab:53:4f:f0:42:
03:d6:ee:1d:32:a0:18:62:f0:f4:e8:49:c0:26:0a:f3:7b:4e:
35:62:a9:90:c8:b9:51:fa:6b:cf:48:00:ba:d0:94:fb:32:4c:
eb:11:fe:8c:0f:b8:da:00:e3:89:1c:e3:0d:a7:e9:af:6d:bf:
6b:ca:ff:92:f4:55:d4:8c:ec:85:10:26:0e:56:5c:b1:79:ae:
13:be:b9:6f:4d:c6:3f:51:4e:ea:91:f6:1a:b2:3a:29:14:df:
31:53:a3:4c:a5:25:78:f7:3d:12:83:2e:ca:d8:b1:19:9e:50:
1d:ce:16:5d:8b:59:fc:f0:a7:c1:10:6b:fb:87:5d:5c:31:ca:
bd:9b:c9:8e:5b:61:c5:c6:dc:f8:46:f9:1d:c1:c8:3b:c8:ce:
12:d6:90:bc:21:d7:df:a4:ec:91:3d:70:43:48:03:08:1f:ba:
d6:a8:a1:09:7d:96:6e:b1:2e:fb:9e:6c:f7:6f:40:70:de:88:
36:12:eb:a3:3c:2c:26:ba:a4:99:43:fe:9f:81:09:81:ae:47:
76:2e:0d:ab:50:1c:2f:57:34:e6:6c:83:6a:04:21:da:c7:70:
9e:e6:ac:17
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0LFPw5q6QYNaAAXxGQ41MRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE1MDMwNTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjYxMjg0NGVkNGY0MWZmNGQwMTg3ZjA1NjQ0MDk1OTZhZjNmYzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrunH6J0YDOGZzpsx6a+0MJ84UXp
SNxLg8zQ6xrxpoCw1UYhr9OHsyeMRRR5yCjU9hDT2TqlBbkQf9MaPA4uNvzOA7JW
wPBjdIrtmjXznSPRvsKsvkyZ+so2dmnCblii/dgqKpTKT1Lwbk2gr2FpZChv96KP
ARNAmJLIoo4kYeoaAb3K7HdqzCwR6neNHuDRKirrNLPcBruFHL8LSiD+C6x4dZRc
z5XturHLm6FaAZI7aMB5PA4VX8Q+0cKJhOtrrUoVy5RSihXoyk9mv0wjAdyfHUkb
LTH/i12NE5QltiYL3tmk7bQy5HSuT7+SEe0i6Ij/DDt7Sd6qnnr8cF9XuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP9hKETtT0H/TQGH8FZECVlq8/xhMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvXzJFb1JPMVBRZjlOQVlmd1ZrUUpXV3J6X0dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIkd7WekFineOKl2jgpu
hElAvozZv9weIpFtsVRvaTarU0/wQgPW7h0yoBhi8PToScAmCvN7TjViqZDIuVH6
a89IALrQlPsyTOsR/owPuNoA44kc4w2n6a9tv2vK/5L0VdSM7IUQJg5WXLF5rhO+
uW9Nxj9RTuqR9hqyOikU3zFTo0ylJXj3PRKDLsrYsRmeUB3OFl2LWfzwp8EQa/uH
XVwxyr2byY5bYcXG3PhG+R3ByDvIzhLWkLwh19+k7JE9cENIAwgfutaooQl9lm6x
LvuebPdvQHDeiDYS66M8LCa6pJlD/p+BCYGuR3YuDatQHC9XNOZsg2oEIdrHcJ7m
rBc=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:03 2025 by rpki-client