Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aPT5UHiLVB1qVFUNkual1EN4hKY.roa
File: aPT5UHiLVB1qVFUNkual1EN4hKY.roa (raw, json)
Hash identifier: spS4hVdWcYIerbJhi1WxM/O9ykvw5qKhlQLa34xHLaw=
Subject key identifier: 68:F4:F9:50:78:8B:54:1D:6A:54:55:0D:92:E6:A5:D4:43:78:84:A6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018ED04B68F30EFADB6B19E1D9D16399A21C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aPT5UHiLVB1qVFUNkual1EN4hKY.roa
Signing time: Fri 12 Apr 2024 03:13:06 +0000
ROA not before: Fri 12 Apr 2024 03:13:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d0:4b:68:f3:0e:fa:db:6b:19:e1:d9:d1:63:99:a2:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 12 03:13:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=68f4f950788b541d6a54550d92e6a5d4437884a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1a:43:54:bf:b8:87:22:bc:bf:8d:b0:39:d3:
45:ad:d2:c2:8a:61:65:16:7b:97:bc:ad:c7:c0:50:
12:49:6e:60:08:fc:00:12:97:96:47:34:6c:bc:9e:
6f:c5:fb:1d:0c:74:e7:8b:31:29:70:64:50:2f:e9:
b2:36:2a:31:36:bd:0e:e7:12:4f:bf:fb:96:d4:c8:
67:c9:de:d7:85:ec:02:8a:e2:92:fb:2d:a0:4e:8b:
23:79:ee:21:41:a8:d4:01:ed:88:65:45:50:1b:1e:
26:95:4b:07:08:68:0c:59:0c:3f:d3:c1:0d:8a:2e:
16:67:4f:bc:69:df:b4:5a:b9:1f:7c:98:88:55:db:
a8:ac:9b:7c:ba:31:eb:6d:22:14:81:75:b2:0a:1e:
ae:91:d7:6d:29:cd:0e:61:1a:55:41:13:42:08:f5:
1a:ce:c1:6d:b8:96:1c:22:b6:63:f9:c3:2b:da:f9:
3c:6f:32:27:e0:a8:08:e8:c0:e2:d8:ff:47:c8:53:
af:a7:45:8c:17:67:97:63:68:d8:84:23:4b:96:92:
10:a5:07:54:22:2b:fd:51:80:cc:f8:bc:98:f8:37:
e8:cd:d5:2b:1d:26:2e:5d:c1:f1:82:63:8a:a1:a1:
e9:fc:79:7a:38:fe:1c:76:13:3b:52:73:94:d6:2f:
d9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:F4:F9:50:78:8B:54:1D:6A:54:55:0D:92:E6:A5:D4:43:78:84:A6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aPT5UHiLVB1qVFUNkual1EN4hKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
82:ca:fe:3f:70:29:c0:b4:82:86:3d:b4:6f:13:2d:d6:ec:36:
01:94:67:5b:e1:68:70:79:83:ec:05:68:17:9f:1d:e8:8f:a3:
4f:7f:f2:c7:0f:3b:32:ca:dc:b9:03:1b:2c:9b:4b:cd:ae:e8:
2f:06:96:10:e4:63:3c:bc:15:d0:26:5a:55:e3:be:02:36:43:
5d:cc:17:ef:5a:94:55:db:78:4b:c1:44:cf:38:05:eb:8b:17:
68:ee:7c:c5:19:38:e8:ae:ed:11:df:83:e5:e1:74:85:1e:65:
56:6e:05:d4:a5:2f:e2:fb:2c:4c:6d:be:0e:55:ae:49:b6:b8:
76:70:66:81:6c:b6:2f:e3:1b:d3:0f:56:2a:ef:8d:6e:d2:ac:
2c:f0:f0:0c:64:44:f8:ec:12:e9:5d:8c:b1:eb:50:ae:0e:7f:
cd:1f:19:53:69:35:09:79:52:1d:1d:47:81:f8:08:ee:99:3f:
ce:65:b6:f3:7d:5c:71:a4:18:45:50:67:22:f1:05:00:1f:80:
12:44:67:f4:b2:0f:71:4d:13:f5:38:3a:91:88:cd:85:e5:9e:
47:56:e2:87:14:ae:38:2e:fb:e6:05:75:e6:2a:e6:44:40:30:
d8:09:5b:4a:16:5d:54:b0:65:55:77:29:85:a7:60:e6:c8:f6:
bf:e6:05:7a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7QS2jzDvrbaxnh2dFjmaIcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDEyMDMxMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGY0Zjk1MDc4OGI1NDFkNmE1NDU1MGQ5MmU2YTVkNDQzNzg4NGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBpDVL+4hyK8v42wOdNFrdLCimFl
FnuXvK3HwFASSW5gCPwAEpeWRzRsvJ5vxfsdDHTnizEpcGRQL+myNioxNr0O5xJP
v/uW1Mhnyd7XhewCiuKS+y2gTosjee4hQajUAe2IZUVQGx4mlUsHCGgMWQw/08EN
ii4WZ0+8ad+0WrkffJiIVduorJt8ujHrbSIUgXWyCh6ukddtKc0OYRpVQRNCCPUa
zsFtuJYcIrZj+cMr2vk8bzIn4KgI6MDi2P9HyFOvp0WMF2eXY2jYhCNLlpIQpQdU
Iiv9UYDM+LyY+DfozdUrHSYuXcHxgmOKoaHp/Hl6OP4cdhM7UnOU1i/ZuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGj0+VB4i1QdalRVDZLmpdRDeISmMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYVBUNVVIaUxWQjFxVkZVTmt1YWwxRU40aEtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAILK/j9wKcC0goY9tG8T
LdbsNgGUZ1vhaHB5g+wFaBefHeiPo09/8scPOzLK3LkDGyybS82u6C8GlhDkYzy8
FdAmWlXjvgI2Q13MF+9alFXbeEvBRM84BeuLF2jufMUZOOiu7RHfg+XhdIUeZVZu
BdSlL+L7LExtvg5Vrkm2uHZwZoFsti/jG9MPVirvjW7SrCzw8AxkRPjsEuldjLHr
UK4Of80fGVNpNQl5Uh0dR4H4CO6ZP85ltvN9XHGkGEVQZyLxBQAfgBJEZ/SyD3FN
E/U4OpGIzYXlnkdW4ocUrjgu++YFdeYq5kRAMNgJW0oWXVSwZVV3KYWnYObI9r/m
BXo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:21 2025 by rpki-client