Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_b3c3uF02bfXGAjJ39eJKo2uDHU.roa
File: _b3c3uF02bfXGAjJ39eJKo2uDHU.roa (raw, json)
Hash identifier: XoV5CB0dIpX76Ad2ondab3mAPzOu2gUWWW/sW7a5X0s=
Subject key identifier: FD:BD:DC:DE:E1:74:D9:B7:D7:18:08:C9:DF:D7:89:2A:8D:AE:0C:75
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D491CC9BF4EB4D3F59F20CDEB4D97FB95
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_b3c3uF02bfXGAjJ39eJKo2uDHU.roa
Signing time: Sat 27 Jan 2024 04:10:39 +0000
ROA not before: Sat 27 Jan 2024 04:10:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:49:1c:c9:bf:4e:b4:d3:f5:9f:20:cd:eb:4d:97:fb:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 27 04:10:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdbddcdee174d9b7d71808c9dfd7892a8dae0c75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c3:74:09:7f:3d:61:0e:30:f8:f8:17:1d:97:
6d:b7:0c:e6:9b:69:01:f1:22:ce:1e:1c:4b:fd:9d:
dc:7c:53:fe:b3:e8:ad:b7:43:28:a4:e0:3d:5f:1d:
ea:63:d9:af:0e:c3:5c:89:78:20:2e:47:ac:7e:04:
e3:82:77:2c:15:1a:c5:85:8d:38:84:ab:e2:61:c6:
c9:d8:d6:14:d6:07:0d:a4:33:4a:ec:ff:b2:c3:86:
9b:23:e5:08:d8:2b:ed:88:cf:95:5a:88:fd:43:00:
82:c6:aa:83:2a:37:de:a4:a2:27:5d:1a:41:8c:f7:
b3:f0:52:ba:7b:7d:66:e6:4e:5b:03:b1:78:38:4e:
d7:77:32:74:63:3d:55:2a:ac:ce:28:89:a0:dd:27:
2a:6b:0f:24:2c:c8:c2:28:62:3d:1a:e8:7e:14:e7:
2a:69:c7:85:10:bd:d2:85:80:4b:4a:8d:6f:7b:49:
ec:10:27:af:08:9d:9a:d4:d8:72:9e:fe:b1:0a:4d:
e6:a7:02:72:a8:f9:f9:84:c8:94:aa:c0:45:3a:a9:
b2:ed:00:4b:5e:92:c2:ba:83:9a:d7:a4:18:02:3d:
11:93:8f:38:fa:7e:09:a0:86:0e:2d:05:b4:5b:c6:
c1:99:dc:4f:89:d9:74:0c:76:a9:21:35:3f:33:1b:
cc:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:BD:DC:DE:E1:74:D9:B7:D7:18:08:C9:DF:D7:89:2A:8D:AE:0C:75
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_b3c3uF02bfXGAjJ39eJKo2uDHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
99:5d:f3:8c:ec:d0:b0:76:70:2b:df:10:e9:c0:99:de:d7:de:
3f:d3:6f:02:f5:36:8d:64:67:45:b0:99:7d:26:45:af:f9:18:
e3:82:98:ac:32:25:01:4f:7c:55:0f:30:13:db:53:9f:f8:81:
de:9c:f2:a5:87:06:e4:80:25:b0:62:78:44:fc:10:54:41:25:
9a:22:69:32:98:94:02:7e:28:36:d3:71:d0:92:f0:45:f8:6f:
4a:44:a4:47:5f:a1:89:78:f4:62:a1:25:56:6b:e6:bd:42:56:
2b:3a:7b:96:a3:95:15:68:16:b1:6b:8d:4c:c2:70:55:e4:99:
ff:61:dd:72:cd:91:7a:89:34:c3:54:0b:ee:67:b0:2c:24:a8:
c3:07:8c:d3:2d:d1:90:f7:e1:ed:99:c9:8e:b5:6f:6b:6e:e9:
b4:ad:bc:c8:8a:53:62:c9:c3:71:c1:b7:78:d9:73:8f:3b:6c:
6d:3b:fa:15:cf:36:b9:2c:39:14:2b:98:9b:f3:5b:4f:83:b8:
d6:e3:68:b6:4c:eb:ae:5b:16:80:c1:28:51:2f:3e:bb:a4:87:
1e:14:46:e9:22:58:50:02:17:4a:84:2a:e6:d5:dd:67:15:f0:
5b:af:d8:1d:65:92:36:92:2e:cf:06:60:b4:e4:d0:33:f7:13:
00:f8:c5:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1JHMm/TrTT9Z8gzetNl/uVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI3MDQxMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGJkZGNkZWUxNzRkOWI3ZDcxODA4YzlkZmQ3ODkyYThkYWUwYzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMN0CX89YQ4w+PgXHZdttwzmm2kB
8SLOHhxL/Z3cfFP+s+itt0MopOA9Xx3qY9mvDsNciXggLkesfgTjgncsFRrFhY04
hKviYcbJ2NYU1gcNpDNK7P+yw4abI+UI2CvtiM+VWoj9QwCCxqqDKjfepKInXRpB
jPez8FK6e31m5k5bA7F4OE7XdzJ0Yz1VKqzOKImg3Scqaw8kLMjCKGI9Guh+FOcq
aceFEL3ShYBLSo1ve0nsECevCJ2a1Nhynv6xCk3mpwJyqPn5hMiUqsBFOqmy7QBL
XpLCuoOa16QYAj0Rk484+n4JoIYOLQW0W8bBmdxPidl0DHapITU/MxvMZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP293N7hdNm31xgIyd/XiSqNrgx1MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvX2IzYzN1RjAyYmZYR0FqSjM5ZUpLbzJ1REhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJld84zs0LB2cCvfEOnA
md7X3j/TbwL1No1kZ0WwmX0mRa/5GOOCmKwyJQFPfFUPMBPbU5/4gd6c8qWHBuSA
JbBieET8EFRBJZoiaTKYlAJ+KDbTcdCS8EX4b0pEpEdfoYl49GKhJVZr5r1CVis6
e5ajlRVoFrFrjUzCcFXkmf9h3XLNkXqJNMNUC+5nsCwkqMMHjNMt0ZD34e2ZyY61
b2tu6bStvMiKU2LJw3HBt3jZc487bG07+hXPNrksORQrmJvzW0+DuNbjaLZM665b
FoDBKFEvPrukhx4URukiWFACF0qEKubV3WcV8Fuv2B1lkjaSLs8GYLTk0DP3EwD4
xSQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:16 2025 by rpki-client