Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aCW7oeaTJ0jxCcqYDwaP9x34HWI.roa
File: aCW7oeaTJ0jxCcqYDwaP9x34HWI.roa (raw, json)
Hash identifier: fkSqw/pTkP6Sqw7mjycgr4aGTotgrK/Xn7GQodl32Oo=
Subject key identifier: 68:25:BB:A1:E6:93:27:48:F1:09:CA:98:0F:06:8F:F7:1D:F8:1D:62
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D5A7E4086CAF43549D2AB0B496579FE3F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aCW7oeaTJ0jxCcqYDwaP9x34HWI.roa
Signing time: Tue 30 Jan 2024 13:10:39 +0000
ROA not before: Tue 30 Jan 2024 13:10:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:7e:40:86:ca:f4:35:49:d2:ab:0b:49:65:79:fe:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 30 13:10:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6825bba1e6932748f109ca980f068ff71df81d62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:48:08:b1:79:e5:bc:c9:bf:ad:56:30:ff:c9:
2f:11:62:26:ad:30:80:38:95:11:91:4c:2f:47:93:
ba:33:45:50:8c:a1:a9:e4:7f:1e:31:f8:13:f5:26:
14:eb:6c:c1:ab:75:ad:4f:b9:75:6b:7b:0f:97:6e:
f0:16:ae:a9:a1:5e:dc:31:6a:ad:7c:da:4f:e8:b4:
a5:f1:38:fc:71:a9:2b:5b:7e:f0:68:a9:46:42:00:
f6:cc:57:a5:50:8f:35:ba:ee:53:91:ba:e7:0d:ab:
bf:7d:5f:4e:bd:81:5f:a8:69:6d:6b:a7:5c:4f:0b:
32:2c:5b:a1:13:2e:72:6f:cb:d7:e5:b8:87:ed:51:
12:df:28:42:c7:66:78:e6:dc:da:aa:12:78:b5:f9:
a6:28:50:f8:f2:b0:bd:ba:cc:60:8d:89:81:03:66:
36:ca:7a:1c:23:33:d9:43:61:85:65:98:6a:4a:59:
83:93:42:cc:99:00:92:5a:57:72:e5:7e:a6:40:75:
21:b2:67:b1:8b:f4:06:4b:47:58:0c:f1:2a:31:a6:
cc:b0:55:1d:17:dc:d6:ca:6e:ff:1e:f9:b8:0a:55:
16:b7:e7:6a:ff:56:e5:24:70:d7:d8:14:24:bb:a2:
fe:f8:a7:e0:03:0b:69:10:5c:6c:61:14:91:d0:21:
97:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:25:BB:A1:E6:93:27:48:F1:09:CA:98:0F:06:8F:F7:1D:F8:1D:62
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aCW7oeaTJ0jxCcqYDwaP9x34HWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:71:63:c7:50:7c:6e:ef:f3:a8:23:24:d2:51:8b:e3:fc:89:
be:95:bd:52:f1:80:89:ab:f0:48:14:68:c7:dc:a7:fb:ed:4b:
61:fc:40:8d:72:56:f3:cd:e7:cb:74:a5:75:60:59:3e:10:8a:
a0:b8:32:74:1a:36:19:0e:0d:04:0d:d3:34:7f:3c:8e:4c:00:
72:f6:e2:97:6b:e0:61:da:8f:71:69:79:b6:96:51:35:73:68:
29:d7:b0:84:d9:82:09:bf:c0:88:66:9b:1b:41:21:64:e5:cd:
af:9c:e9:f0:29:9e:9f:f6:a1:a3:c3:41:a9:1b:94:4a:49:bc:
54:3d:fb:74:f7:8f:f0:89:5c:0a:d4:d8:e4:ad:43:ee:5b:55:
a6:63:40:d3:55:ec:e0:83:b3:42:0b:f4:f8:24:3b:96:ab:00:
1b:c7:8e:78:e8:af:cb:81:51:85:47:d2:13:d1:af:bc:81:10:
ed:64:2d:d6:d6:90:f4:78:48:d6:91:41:f7:42:34:68:36:de:
dd:5f:99:04:c5:51:be:0d:c7:52:28:56:b1:66:00:1b:75:99:
3f:2e:7f:c0:e6:9a:c2:e4:62:9a:ab:fe:9e:eb:7a:c7:98:06:
28:12:f5:e7:7a:26:60:54:22:58:ba:59:e3:ba:48:b1:91:50:
db:91:70:74
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1afkCGyvQ1SdKrC0llef4/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTMwMTMxMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODI1YmJhMWU2OTMyNzQ4ZjEwOWNhOTgwZjA2OGZmNzFkZjgxZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkgIsXnlvMm/rVYw/8kvEWImrTCA
OJURkUwvR5O6M0VQjKGp5H8eMfgT9SYU62zBq3WtT7l1a3sPl27wFq6poV7cMWqt
fNpP6LSl8Tj8cakrW37waKlGQgD2zFelUI81uu5TkbrnDau/fV9OvYFfqGlta6dc
TwsyLFuhEy5yb8vX5biH7VES3yhCx2Z45tzaqhJ4tfmmKFD48rC9usxgjYmBA2Y2
ynocIzPZQ2GFZZhqSlmDk0LMmQCSWldy5X6mQHUhsmexi/QGS0dYDPEqMabMsFUd
F9zWym7/Hvm4ClUWt+dq/1blJHDX2BQku6L++KfgAwtpEFxsYRSR0CGXnQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGglu6HmkydI8QnKmA8Gj/cd+B1iMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYUNXN29lYVRKMGp4Q2NxWUR3YVA5eDM0SFdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHNxY8dQfG7v86gjJNJR
i+P8ib6VvVLxgImr8EgUaMfcp/vtS2H8QI1yVvPN58t0pXVgWT4QiqC4MnQaNhkO
DQQN0zR/PI5MAHL24pdr4GHaj3FpebaWUTVzaCnXsITZggm/wIhmmxtBIWTlza+c
6fApnp/2oaPDQakblEpJvFQ9+3T3j/CJXArU2OStQ+5bVaZjQNNV7OCDs0IL9Pgk
O5arABvHjnjor8uBUYVH0hPRr7yBEO1kLdbWkPR4SNaRQfdCNGg23t1fmQTFUb4N
x1IoVrFmABt1mT8uf8DmmsLkYpqr/p7reseYBigS9ed6JmBUIli6WeO6SLGRUNuR
cHQ=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:34:59 2025 by rpki-client