Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_A616Us2XY30-iNsfHmh88RhzNg.roa
File: _A616Us2XY30-iNsfHmh88RhzNg.roa (raw, json)
Hash identifier: XKLkO4ecRuSbqwjmK1rm6EayDQNksGrieVDaZEOU//s=
Subject key identifier: FC:0E:B5:E9:4B:36:5D:8D:F4:FA:23:6C:7C:79:A1:F3:C4:61:CC:D8
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D75C00AB760B8D1D02426442333137593
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_A616Us2XY30-iNsfHmh88RhzNg.roa
Signing time: Sun 04 Feb 2024 20:12:16 +0000
ROA not before: Sun 04 Feb 2024 20:12:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:75:c0:0a:b7:60:b8:d1:d0:24:26:44:23:33:13:75:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 4 20:12:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc0eb5e94b365d8df4fa236c7c79a1f3c461ccd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:38:03:b7:f0:3a:37:5b:89:ca:dd:e7:8a:60:
a3:77:d9:ff:81:6e:e4:46:73:e9:cf:ef:21:58:f2:
03:ec:aa:ff:ba:4f:8a:d8:12:e6:62:8e:d7:7e:e8:
6a:17:27:ed:f2:c2:6b:ad:d0:b6:d9:2e:eb:d7:ba:
31:ce:d5:3c:6b:53:71:09:33:8f:c8:48:79:3e:33:
da:8f:c1:d9:4a:54:b8:69:a8:35:fe:92:06:f6:81:
76:52:10:46:f5:ea:ce:50:cf:f0:7f:13:66:06:d9:
ce:8e:b9:d4:11:aa:e4:45:d1:88:04:df:de:f0:31:
d1:b8:09:fb:f8:7c:61:5a:d3:cd:e8:a4:a9:82:23:
80:2c:a1:48:35:78:29:6d:49:3c:c4:80:8b:4a:97:
39:ee:38:75:42:4f:29:21:4f:34:60:84:3f:75:bc:
9b:38:19:c2:d9:93:f6:7d:5b:2c:1a:f2:4d:1f:e8:
cf:db:77:fd:0b:c0:61:66:f9:5a:33:b5:15:98:4f:
b8:06:89:a1:89:52:8d:ea:7b:23:2b:de:52:57:f4:
f1:78:5a:57:69:67:65:77:39:20:2c:81:31:d1:49:
26:f7:45:0c:e0:71:57:e5:e3:b0:26:86:fb:31:f8:
e6:38:4b:ed:87:ee:a6:42:3a:64:da:c5:69:53:d5:
40:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:0E:B5:E9:4B:36:5D:8D:F4:FA:23:6C:7C:79:A1:F3:C4:61:CC:D8
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_A616Us2XY30-iNsfHmh88RhzNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:34:ae:f1:d2:dc:dd:95:c2:ff:06:52:5e:d9:0d:22:75:18:
1c:81:1a:93:e6:67:9a:f8:ea:ab:4d:53:3f:51:6f:c7:f2:85:
3e:a8:7e:2e:13:7b:58:3b:7b:92:d6:f8:b5:27:98:e2:ce:4f:
8c:b9:f8:16:2e:15:37:73:e0:8c:a8:f9:d9:7b:76:ca:28:5a:
84:09:d9:ee:a1:55:06:f3:eb:90:46:62:e9:0c:18:6e:04:5c:
3b:42:6f:2d:a9:cf:c3:94:73:70:0d:bc:00:e9:59:fb:8c:bf:
42:65:4f:8d:83:74:37:1c:b9:61:ec:75:62:3d:b5:da:b4:c8:
0c:2b:a8:6b:86:01:a2:63:e6:b0:81:b2:63:a4:b8:a4:d7:4b:
35:29:b2:e7:08:74:ad:80:6a:f8:91:6c:8b:6a:43:ee:31:08:
91:af:c7:d8:e0:6c:50:70:01:a4:16:8e:0b:dc:39:d8:65:f7:
0d:f3:53:1d:d6:44:e9:75:99:66:1f:aa:f6:79:39:60:e4:d9:
d0:eb:02:3e:bf:7a:16:aa:ba:52:aa:68:17:c5:fd:e1:77:32:
bd:82:39:38:fc:f7:27:7d:4f:83:7c:b2:9a:a6:a6:11:09:85:
13:2d:2f:5a:e9:8a:34:01:34:a2:d1:11:f1:68:c6:cd:5a:a2:
57:13:d6:72
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY11wAq3YLjR0CQmRCMzE3WTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA0MjAxMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzBlYjVlOTRiMzY1ZDhkZjRmYTIzNmM3Yzc5YTFmM2M0NjFjY2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzgDt/A6N1uJyt3nimCjd9n/gW7k
RnPpz+8hWPID7Kr/uk+K2BLmYo7XfuhqFyft8sJrrdC22S7r17oxztU8a1NxCTOP
yEh5PjPaj8HZSlS4aag1/pIG9oF2UhBG9erOUM/wfxNmBtnOjrnUEarkRdGIBN/e
8DHRuAn7+HxhWtPN6KSpgiOALKFINXgpbUk8xICLSpc57jh1Qk8pIU80YIQ/dbyb
OBnC2ZP2fVssGvJNH+jP23f9C8BhZvlaM7UVmE+4BomhiVKN6nsjK95SV/TxeFpX
aWdldzkgLIEx0Ukm90UM4HFX5eOwJob7MfjmOEvth+6mQjpk2sVpU9VApQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPwOtelLNl2N9PojbHx5ofPEYczYMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvX0E2MTZVczJYWTMwLWlOc2ZIbWg4OFJoek5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADQ0rvHS3N2Vwv8GUl7Z
DSJ1GByBGpPmZ5r46qtNUz9Rb8fyhT6ofi4Te1g7e5LW+LUnmOLOT4y5+BYuFTdz
4Iyo+dl7dsooWoQJ2e6hVQbz65BGYukMGG4EXDtCby2pz8OUc3ANvADpWfuMv0Jl
T42DdDccuWHsdWI9tdq0yAwrqGuGAaJj5rCBsmOkuKTXSzUpsucIdK2AaviRbItq
Q+4xCJGvx9jgbFBwAaQWjgvcOdhl9w3zUx3WROl1mWYfqvZ5OWDk2dDrAj6/ehaq
ulKqaBfF/eF3Mr2COTj89yd9T4N8spqmphEJhRMtL1rpijQBNKLREfFoxs1aolcT
1nI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:15 2025 by rpki-client