Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aLC3mP3AaKObSZyXF_bR1mkF3ds.roa
File: aLC3mP3AaKObSZyXF_bR1mkF3ds.roa (raw, json)
Hash identifier: Npit7sKkh3TdCrXf2YcmlaAh4I3hOrQpXS5hEC4shJc=
Subject key identifier: 68:B0:B7:98:FD:C0:68:A3:9B:49:9C:97:17:F6:D1:D6:69:05:DD:DB
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D4DA11846759052F251F088BF7E8DDB65
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aLC3mP3AaKObSZyXF_bR1mkF3ds.roa
Signing time: Sun 28 Jan 2024 01:13:39 +0000
ROA not before: Sun 28 Jan 2024 01:13:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:4d:a1:18:46:75:90:52:f2:51:f0:88:bf:7e:8d:db:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 28 01:13:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68b0b798fdc068a39b499c9717f6d1d66905dddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:57:3a:2f:1b:eb:de:93:9f:f9:0f:d6:22:25:
dc:79:25:45:98:51:95:4c:4a:9e:18:15:e6:bf:63:
09:88:76:20:5a:d9:3f:c8:6a:55:65:0c:86:9b:e3:
c4:5d:04:25:85:bd:52:1f:a7:6a:09:c1:e7:fc:6d:
81:72:52:95:a5:47:dc:48:7a:ad:e7:c4:d4:73:2f:
96:b4:85:4f:04:b5:ac:f6:e1:42:8c:6d:08:5c:a1:
51:d7:d5:88:e6:50:64:df:22:a0:6c:f8:4b:a2:6e:
05:02:57:e3:81:e8:a3:13:8f:d9:3d:69:a3:2f:c7:
67:ea:1f:44:41:85:e6:b5:92:ec:36:ae:92:38:5c:
28:75:14:e3:75:77:81:1a:71:14:a7:65:58:00:5f:
f0:3a:b4:ce:f7:9e:64:90:28:b6:d9:5f:60:93:0a:
1d:af:9d:b6:91:48:d5:d4:43:fc:8f:9f:2a:78:1c:
f3:60:0e:63:ba:14:5d:ef:2f:e9:3d:41:97:f1:31:
cc:ed:13:d6:22:98:43:41:d7:02:52:a3:aa:57:18:
17:3f:ca:e2:b1:53:67:24:5b:cb:2f:2d:f8:ac:f9:
30:1d:72:fd:fd:fb:53:0e:ee:af:f6:70:e6:1d:77:
74:ce:4a:35:4d:78:62:fb:3b:fa:7d:90:af:3e:91:
b0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B0:B7:98:FD:C0:68:A3:9B:49:9C:97:17:F6:D1:D6:69:05:DD:DB
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aLC3mP3AaKObSZyXF_bR1mkF3ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:5a:61:13:6f:20:2c:25:c0:9a:12:17:1a:2e:50:24:31:67:
be:9c:f6:06:82:16:e7:3b:bf:16:bc:9a:31:3d:1c:71:22:a6:
2d:35:56:0d:37:36:0b:92:e6:30:a0:c4:a7:4e:f3:20:d5:f9:
9c:d2:dc:ce:c0:36:d1:db:ad:ff:8d:0e:fe:c3:db:94:16:23:
05:97:83:d9:75:e9:83:f0:5a:ab:dd:07:0c:76:ae:89:c0:f8:
21:97:be:13:37:18:04:65:b4:ac:35:7b:a3:6e:95:00:e5:89:
0f:84:37:8a:cb:9f:85:09:39:47:e4:e4:a0:da:b8:af:7b:04:
02:e5:fb:56:c1:11:e6:15:b3:63:f7:8a:f2:f4:45:2a:7a:e0:
4d:e1:d9:40:cb:aa:17:97:c3:db:f0:f0:0d:8d:71:7c:fd:e5:
06:94:38:ba:df:ad:af:4e:ec:75:19:4f:88:52:15:39:39:09:
09:38:78:66:92:13:d7:ea:f8:8f:bb:ef:80:fb:84:f9:d1:99:
67:35:1a:59:8a:59:73:45:2e:08:5e:05:b9:93:c1:f9:94:dc:
86:ec:1a:9b:ed:87:2b:f9:0a:19:8f:48:79:12:85:67:2a:66:
8e:c8:2d:a3:95:9a:ee:e8:d0:d7:e9:2e:3b:17:92:1d:e1:7b:
33:a8:b4:fb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1NoRhGdZBS8lHwiL9+jdtlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI4MDExMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGIwYjc5OGZkYzA2OGEzOWI0OTljOTcxN2Y2ZDFkNjY5MDVkZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFc6Lxvr3pOf+Q/WIiXceSVFmFGV
TEqeGBXmv2MJiHYgWtk/yGpVZQyGm+PEXQQlhb1SH6dqCcHn/G2BclKVpUfcSHqt
58TUcy+WtIVPBLWs9uFCjG0IXKFR19WI5lBk3yKgbPhLom4FAlfjgeijE4/ZPWmj
L8dn6h9EQYXmtZLsNq6SOFwodRTjdXeBGnEUp2VYAF/wOrTO955kkCi22V9gkwod
r522kUjV1EP8j58qeBzzYA5juhRd7y/pPUGX8THM7RPWIphDQdcCUqOqVxgXP8ri
sVNnJFvLLy34rPkwHXL9/ftTDu6v9nDmHXd0zko1TXhi+zv6fZCvPpGw4wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGiwt5j9wGijm0mclxf20dZpBd3bMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYUxDM21QM0FhS09iU1p5WEZfYlIxbWtGM2RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEJaYRNvICwlwJoSFxou
UCQxZ76c9gaCFuc7vxa8mjE9HHEipi01Vg03NguS5jCgxKdO8yDV+ZzS3M7ANtHb
rf+NDv7D25QWIwWXg9l16YPwWqvdBwx2ronA+CGXvhM3GARltKw1e6NulQDliQ+E
N4rLn4UJOUfk5KDauK97BALl+1bBEeYVs2P3ivL0RSp64E3h2UDLqheXw9vw8A2N
cXz95QaUOLrfra9O7HUZT4hSFTk5CQk4eGaSE9fq+I+774D7hPnRmWc1GlmKWXNF
LgheBbmTwfmU3IbsGpvthyv5ChmPSHkShWcqZo7ILaOVmu7o0NfpLjsXkh3hezOo
tPs=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:15:30 2025 by rpki-client