Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_rjz77CwL1UeYMEEL7qqpLWQvFM.roa
File: _rjz77CwL1UeYMEEL7qqpLWQvFM.roa (raw, json)
Hash identifier: a644DP3X/79S1Ofyiu5pkz0rWzlYu0ahfA6hrCDYLhE=
Subject key identifier: FE:B8:F3:EF:B0:B0:2F:55:1E:60:C1:04:2F:BA:AA:A4:B5:90:BC:53
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DBA6DE95D76CCDEC04602A7D6673A405C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_rjz77CwL1UeYMEEL7qqpLWQvFM.roa
Signing time: Sun 18 Feb 2024 04:16:21 +0000
ROA not before: Sun 18 Feb 2024 04:16:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ba:6d:e9:5d:76:cc:de:c0:46:02:a7:d6:67:3a:40:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 18 04:16:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=feb8f3efb0b02f551e60c1042fbaaaa4b590bc53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c3:d2:7f:2f:61:89:f7:02:57:3a:d8:02:98:
bc:b0:5e:22:1d:0b:99:a3:ad:3f:9a:f4:52:6d:da:
93:25:0a:86:c5:14:fd:c6:72:01:81:1e:ef:10:ae:
c7:83:a3:79:74:e1:04:6e:06:d8:d1:29:98:c7:84:
e2:ca:f8:ba:e0:68:95:6b:cb:e0:4a:b2:15:61:5b:
7e:b2:a4:9e:48:bb:f0:7b:a5:cc:b2:e9:53:28:df:
fa:78:73:61:87:c4:07:13:30:6b:12:49:7e:95:7b:
17:5d:85:fb:30:60:d3:ff:30:72:c1:d3:7f:22:b4:
79:ff:6f:8d:6c:69:ac:bf:08:26:a8:ce:07:b9:dd:
52:b6:8f:8c:9c:41:75:7e:e8:33:9c:21:a7:3f:f7:
35:c3:b3:50:52:b1:24:5c:6e:ea:a8:9b:8c:b0:ac:
d0:03:e8:e7:d4:be:49:13:fd:6d:31:14:9e:dc:1b:
5e:fb:22:44:63:45:a2:1e:dd:81:72:fa:64:93:9f:
94:e2:a0:c9:a8:bc:33:e4:81:9e:3f:ee:ce:d4:64:
74:92:c8:c2:6e:55:13:e8:bb:76:59:98:a3:a1:62:
a6:56:e1:85:59:c1:75:fe:5a:9f:c6:84:d7:a3:bc:
5b:f6:b7:12:1e:b2:81:98:4c:20:c2:61:78:70:49:
64:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:B8:F3:EF:B0:B0:2F:55:1E:60:C1:04:2F:BA:AA:A4:B5:90:BC:53
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/_rjz77CwL1UeYMEEL7qqpLWQvFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
10:5a:ea:16:7f:8e:11:87:99:d3:b1:6e:42:7b:f5:c1:8d:66:
a2:e8:27:b7:bf:15:38:af:fa:e4:70:43:b7:ce:eb:d5:b5:6e:
68:a1:17:dd:71:d4:72:70:5d:69:2d:de:d2:9d:e8:84:23:08:
d7:0a:85:56:2b:f0:54:21:44:8e:95:1b:05:1b:72:81:f3:ed:
45:81:a3:3f:fe:82:6e:2f:55:95:6d:6e:b7:4d:95:40:93:d1:
44:94:d2:3a:5b:5e:8d:89:66:63:be:ce:ca:17:7b:a8:97:2d:
9f:5f:ad:2b:cc:74:7a:b9:c5:f9:f1:60:26:91:89:e3:b8:80:
10:1a:85:ea:a4:06:9a:d1:75:d4:cb:41:d8:d1:9c:1d:bd:c1:
1f:05:72:59:a8:ae:c7:a4:f2:f7:8e:c5:31:07:43:05:5b:83:
3a:d8:c9:89:26:a4:06:b8:90:2f:c9:e2:8b:19:6e:7e:54:e5:
7b:cb:d6:8f:7c:b6:f3:58:08:43:7b:12:34:ab:aa:16:fc:ad:
47:96:28:40:39:71:56:60:4b:41:bf:9e:2d:66:4b:5f:b0:1d:
12:b9:c8:8b:ac:f9:c7:60:ba:fd:21:3d:b8:1b:4e:a3:7e:1b:
25:8b:1b:01:18:e9:91:30:d3:f8:a7:9d:e6:cd:d3:5a:b3:4e:
8e:e1:ff:16
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY26belddszewEYCp9ZnOkBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE4MDQxNjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWI4ZjNlZmIwYjAyZjU1MWU2MGMxMDQyZmJhYWFhNGI1OTBiYzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsPSfy9hifcCVzrYApi8sF4iHQuZ
o60/mvRSbdqTJQqGxRT9xnIBgR7vEK7Hg6N5dOEEbgbY0SmYx4Tiyvi64GiVa8vg
SrIVYVt+sqSeSLvwe6XMsulTKN/6eHNhh8QHEzBrEkl+lXsXXYX7MGDT/zBywdN/
IrR5/2+NbGmsvwgmqM4Hud1Sto+MnEF1fugznCGnP/c1w7NQUrEkXG7qqJuMsKzQ
A+jn1L5JE/1tMRSe3Bte+yJEY0WiHt2Bcvpkk5+U4qDJqLwz5IGeP+7O1GR0ksjC
blUT6Lt2WZijoWKmVuGFWcF1/lqfxoTXo7xb9rcSHrKBmEwgwmF4cElkIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFP648++wsC9VHmDBBC+6qqS1kLxTMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvX3Jqejc3Q3dMMVVlWU1FRUw3cXFwTFdRdkZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABBa6hZ/jhGHmdOxbkJ7
9cGNZqLoJ7e/FTiv+uRwQ7fO69W1bmihF91x1HJwXWkt3tKd6IQjCNcKhVYr8FQh
RI6VGwUbcoHz7UWBoz/+gm4vVZVtbrdNlUCT0USU0jpbXo2JZmO+zsoXe6iXLZ9f
rSvMdHq5xfnxYCaRieO4gBAaheqkBprRddTLQdjRnB29wR8Fclmorsek8veOxTEH
QwVbgzrYyYkmpAa4kC/J4osZbn5U5XvL1o98tvNYCEN7EjSrqhb8rUeWKEA5cVZg
S0G/ni1mS1+wHRK5yIus+cdguv0hPbgbTqN+GyWLGwEY6ZEw0/innebN01qzTo7h
/xY=
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:13:44 2025 by rpki-client