Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aM57fBfXpa95n4x4MqDB70XbUF8.roa
File: aM57fBfXpa95n4x4MqDB70XbUF8.roa (raw, json)
Hash identifier: gtG8k8/1dsQ0qICWjN53drEvrwjAbdaCMRTNFbaYC10=
Subject key identifier: 68:CE:7B:7C:17:D7:A5:AF:79:9F:8C:78:32:A0:C1:EF:45:DB:50:5F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D238F51A10F4FC5271E0D66CE693A47B3
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aM57fBfXpa95n4x4MqDB70XbUF8.roa
Signing time: Fri 19 Jan 2024 21:10:11 +0000
ROA not before: Fri 19 Jan 2024 21:10:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:23:8f:51:a1:0f:4f:c5:27:1e:0d:66:ce:69:3a:47:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 19 21:10:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68ce7b7c17d7a5af799f8c7832a0c1ef45db505f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a0:00:46:a5:30:e2:00:ea:d2:9b:bf:7b:f3:
8d:49:b3:69:c5:0e:a9:f5:14:32:8b:db:1d:ea:32:
f2:68:c1:f2:83:58:d5:d6:c3:73:08:5f:6d:cd:44:
68:39:14:6c:48:01:92:0c:e1:59:8a:25:bd:cc:73:
a6:da:c8:54:eb:3e:a4:c0:ef:da:fc:a5:f3:c6:1a:
1e:0e:68:36:6c:11:2e:69:83:a5:78:aa:dd:10:7e:
c1:2a:e7:fa:c9:2c:54:04:57:7e:5c:76:ff:c8:04:
c6:50:cd:f3:00:5e:da:30:fd:ac:45:35:2a:2a:a9:
7d:b8:50:45:f4:41:be:50:03:2e:94:ad:92:78:0c:
4c:e3:00:42:3f:c6:5a:c2:ce:5b:71:79:58:e2:ce:
ad:92:8b:e2:bc:31:76:ee:db:82:8b:08:72:90:d5:
6a:d6:c6:50:14:0a:e5:c6:4f:38:6c:25:69:b2:3d:
5d:3b:6b:11:64:47:71:e9:07:60:e1:a4:e8:fc:3a:
78:45:e7:e3:b0:75:bf:63:e2:74:af:8c:02:d5:9f:
cf:97:9e:9e:e2:99:70:c6:e8:0d:cc:90:38:6b:74:
9c:e5:ab:2f:a2:a5:13:c3:3c:7e:10:0e:18:79:94:
e6:26:d3:2c:c1:26:1a:43:fd:b5:49:a0:ce:61:96:
30:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:CE:7B:7C:17:D7:A5:AF:79:9F:8C:78:32:A0:C1:EF:45:DB:50:5F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aM57fBfXpa95n4x4MqDB70XbUF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
34:41:5f:d8:b6:21:fe:72:87:c5:ab:91:f9:3d:c3:e0:e9:37:
bd:0e:ca:f0:29:1d:85:d8:92:48:c9:3f:56:b4:7a:dc:aa:db:
8e:9b:ee:02:ae:5e:32:91:d0:0d:fe:36:1f:bc:ba:5e:ab:39:
0e:db:8f:f1:d7:38:3c:0a:2b:f2:32:e8:f6:3c:52:b9:5e:3b:
f3:13:d0:7e:a7:eb:65:d3:ee:30:fe:59:d8:0d:f7:3a:1c:9e:
3f:65:fb:d1:64:de:f9:2a:bb:5b:d8:e1:e4:df:e7:45:b8:c0:
c0:31:6a:2d:ca:0a:85:ec:78:9d:67:14:07:35:9b:00:04:cf:
20:af:df:9c:b8:d7:79:4f:58:50:ca:1e:8c:07:18:d3:75:a6:
b0:79:6d:b8:1d:ad:f0:5e:bc:5c:0e:2b:78:18:58:a2:1c:e5:
b9:82:7a:95:57:2d:f1:82:50:ee:27:3a:8e:c2:08:8d:64:94:
37:2e:35:c6:5c:df:ed:c8:fa:e7:d9:4e:41:04:a8:83:22:b2:
ac:d0:20:9f:9d:e2:4b:a2:4c:77:0e:71:75:d9:8e:c6:0d:e0:
14:84:e2:fb:8e:f3:a6:22:7d:ff:c2:29:10:3d:d2:a4:26:4d:
cf:71:84:ed:f3:1d:4e:ab:4b:c9:04:52:3f:49:20:8d:d3:97:
12:0b:cf:c7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0jj1GhD0/FJx4NZs5pOkezMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE5MjExMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGNlN2I3YzE3ZDdhNWFmNzk5ZjhjNzgzMmEwYzFlZjQ1ZGI1MDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6AARqUw4gDq0pu/e/ONSbNpxQ6p
9RQyi9sd6jLyaMHyg1jV1sNzCF9tzURoORRsSAGSDOFZiiW9zHOm2shU6z6kwO/a
/KXzxhoeDmg2bBEuaYOleKrdEH7BKuf6ySxUBFd+XHb/yATGUM3zAF7aMP2sRTUq
Kql9uFBF9EG+UAMulK2SeAxM4wBCP8Zaws5bcXlY4s6tkovivDF27tuCiwhykNVq
1sZQFArlxk84bCVpsj1dO2sRZEdx6Qdg4aTo/Dp4RefjsHW/Y+J0r4wC1Z/Pl56e
4plwxugNzJA4a3Sc5asvoqUTwzx+EA4YeZTmJtMswSYaQ/21SaDOYZYwoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGjOe3wX16WveZ+MeDKgwe9F21BfMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYU01N2ZCZlhwYTk1bjR4NE1xREI3MFhiVUY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADRBX9i2If5yh8Wrkfk9
w+DpN70OyvApHYXYkkjJP1a0etyq246b7gKuXjKR0A3+Nh+8ul6rOQ7bj/HXODwK
K/Iy6PY8UrleO/MT0H6n62XT7jD+WdgN9zocnj9l+9Fk3vkqu1vY4eTf50W4wMAx
ai3KCoXseJ1nFAc1mwAEzyCv35y413lPWFDKHowHGNN1prB5bbgdrfBevFwOK3gY
WKIc5bmCepVXLfGCUO4nOo7CCI1klDcuNcZc3+3I+ufZTkEEqIMisqzQIJ+d4kui
THcOcXXZjsYN4BSE4vuO86Yiff/CKRA90qQmTc9xhO3zHU6rS8kEUj9JII3TlxIL
z8c=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:24 2025 by rpki-client