Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_RbbEWpXSBL7gE9fmqAjkzG-oks.roa
File: _RbbEWpXSBL7gE9fmqAjkzG-oks.roa (raw, json)
Hash identifier: iox1/fqjILdbioSAqNmYG2E68zPXfjFqsZznVj5SJdM=
Subject key identifier: FD:16:DB:11:6A:57:48:12:FB:80:4F:5F:9A:A0:23:93:31:BE:A2:4B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C9B48F23531FB090530A8013B398FEFC3
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_RbbEWpXSBL7gE9fmqAjkzG-oks.roa
Signing time: Sun 24 Dec 2023 10:04:58 +0000
ROA not before: Sun 24 Dec 2023 10:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:9b48:3770/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:9b:48:f2:35:31:fb:09:05:30:a8:01:3b:39:8f:ef:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 24 10:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd16db116a574812fb804f5f9aa0239331bea24b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:87:22:f7:82:61:af:00:94:28:86:2b:bb:c4:
70:82:2a:88:2b:dc:c0:e1:6a:e9:25:2f:9b:a1:3c:
05:75:2a:90:27:17:d0:5a:2b:91:78:52:56:03:37:
42:d9:9b:05:64:9a:80:db:aa:a1:10:17:0a:42:eb:
14:dc:95:8d:cf:97:b7:8f:db:51:60:9d:9e:23:ae:
7c:ca:fb:53:80:c0:7d:16:a6:a7:00:4e:ca:0a:e7:
05:ff:00:72:b7:cd:81:54:40:f7:d2:52:66:ab:8e:
86:eb:50:6c:45:46:e4:b8:4c:60:62:72:c3:b9:07:
a6:80:93:a5:64:21:c4:ea:86:bd:1f:b4:c4:8c:6c:
92:eb:67:f4:e7:0a:d6:fa:77:2d:14:c7:e0:5b:41:
84:71:5f:b9:8c:96:fb:81:2f:e4:1b:06:d6:39:2e:
2d:8a:23:f2:29:3c:ee:8f:4c:44:2e:f2:64:8a:81:
e8:79:81:15:d2:5c:df:bb:4d:cb:d8:00:2e:c6:18:
7c:2e:1c:50:11:b3:c6:fc:0f:5c:45:97:b1:57:22:
04:35:00:4d:a6:15:67:f4:36:19:2d:c7:77:c7:1a:
c9:b9:17:7a:0f:94:53:df:24:ea:94:8b:ca:38:ec:
77:83:8a:e4:da:ad:27:ee:4a:d3:15:a8:91:6a:b4:
7c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:16:DB:11:6A:57:48:12:FB:80:4F:5F:9A:A0:23:93:31:BE:A2:4B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_RbbEWpXSBL7gE9fmqAjkzG-oks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:b9:8c:ed:19:f9:59:fa:a1:b4:33:76:48:90:8d:72:56:cb:
90:1e:b2:58:c6:7f:9c:68:30:14:5a:cd:9e:92:bb:d5:d2:7f:
e7:55:0f:33:79:11:b1:77:05:c1:41:38:92:54:cb:40:d2:23:
1d:ca:db:ee:a6:a3:b0:78:82:32:9c:8a:10:7f:32:b5:7c:c5:
e3:b3:80:63:61:49:7b:ab:ff:33:ba:4b:ce:58:d4:78:08:5a:
6a:e7:32:14:0f:06:9f:ea:58:a9:b8:ef:0c:15:6b:b0:d0:c0:
f5:56:df:bd:f7:c2:6c:10:fa:91:4e:2a:45:e9:bf:77:bc:b1:
7a:ff:21:46:69:dd:cd:67:a3:d6:bf:ca:3e:08:9b:ae:7a:25:
85:63:57:ca:0a:26:2c:2c:0a:af:a0:f7:7c:e8:ce:65:c9:10:
35:e2:1c:12:a8:c3:54:8f:90:aa:27:fe:19:25:5a:22:12:35:
03:1f:2c:02:b8:75:20:2f:88:2a:18:89:83:fb:62:a7:68:1f:
ba:ab:7c:33:fb:8e:9e:e2:96:b3:34:c3:91:77:79:d4:b8:a8:
91:92:2d:ca:c1:d9:5e:95:e3:c3:55:0f:01:b5:4f:2c:28:56:
6c:64:8f:47:9f:a3:a9:b0:bd:94:df:38:ec:60:e9:b4:a1:26:
57:3b:41:d0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYybSPI1MfsJBTCoATs5j+/DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI0MTAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDE2ZGIxMTZhNTc0ODEyZmI4MDRmNWY5YWEwMjM5MzMxYmVhMjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoci94JhrwCUKIYru8RwgiqIK9zA
4WrpJS+boTwFdSqQJxfQWiuReFJWAzdC2ZsFZJqA26qhEBcKQusU3JWNz5e3j9tR
YJ2eI658yvtTgMB9FqanAE7KCucF/wByt82BVED30lJmq46G61BsRUbkuExgYnLD
uQemgJOlZCHE6oa9H7TEjGyS62f05wrW+nctFMfgW0GEcV+5jJb7gS/kGwbWOS4t
iiPyKTzuj0xELvJkioHoeYEV0lzfu03L2AAuxhh8LhxQEbPG/A9cRZexVyIENQBN
phVn9DYZLcd3xxrJuRd6D5RT3yTqlIvKOOx3g4rk2q0n7krTFaiRarR87QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP0W2xFqV0gS+4BPX5qgI5MxvqJLMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvX1JiYkVXcFhTQkw3Z0U5Zm1xQWprekctb2tzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ25jO0Z+Vn6obQzdkiQ
jXJWy5AesljGf5xoMBRazZ6Su9XSf+dVDzN5EbF3BcFBOJJUy0DSIx3K2+6mo7B4
gjKcihB/MrV8xeOzgGNhSXur/zO6S85Y1HgIWmrnMhQPBp/qWKm47wwVa7DQwPVW
3733wmwQ+pFOKkXpv3e8sXr/IUZp3c1no9a/yj4Im656JYVjV8oKJiwsCq+g93zo
zmXJEDXiHBKow1SPkKon/hklWiISNQMfLAK4dSAviCoYiYP7YqdoH7qrfDP7jp7i
lrM0w5F3edS4qJGSLcrB2V6V48NVDwG1TywoVmxkj0efo6mwvZTfOOxg6bShJlc7
QdA=
-----END CERTIFICATE-----
Generated at Sun Apr 20 21:51:04 2025 by rpki-client