Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aVOtsmRtR4xfbRAdrb5D09RSgyA.roa
File: aVOtsmRtR4xfbRAdrb5D09RSgyA.roa (raw, json)
Hash identifier: OEMdblFKDDGWoB5KcUaogiiUG+vWIJld03S6Kax1SlU=
Subject key identifier: 69:53:AD:B2:64:6D:47:8C:5F:6D:10:1D:AD:BE:43:D3:D4:52:83:20
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DD761823322E6652BA4B7969A9D971DF6
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aVOtsmRtR4xfbRAdrb5D09RSgyA.roa
Signing time: Fri 23 Feb 2024 19:11:48 +0000
ROA not before: Fri 23 Feb 2024 19:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d7:61:82:33:22:e6:65:2b:a4:b7:96:9a:9d:97:1d:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 23 19:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6953adb2646d478c5f6d101dadbe43d3d4528320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7b:75:a2:f3:41:05:0f:3c:2f:5b:76:c2:6d:
dc:6e:5c:cd:1a:1b:4b:c8:c7:f0:a9:6d:8e:39:86:
22:fb:bb:87:33:70:02:f6:06:b9:3d:96:64:0e:5b:
f4:3a:dc:f5:55:4c:db:f0:42:a1:29:bf:f4:b6:31:
50:9d:5c:53:f0:22:94:69:30:90:07:d8:c2:b8:76:
2f:86:97:e0:61:0a:17:3d:e8:f2:69:60:1e:6a:96:
2c:0f:b3:81:ee:58:b5:06:93:33:bf:40:d0:3f:58:
a9:27:3d:6c:4d:01:b7:df:eb:8c:76:5c:02:87:46:
ea:3d:b0:77:c6:59:c5:f4:1e:18:cd:3a:0b:23:57:
16:05:b2:b8:3f:ca:4f:85:84:c0:c1:8d:83:9c:c1:
16:c2:24:dd:e0:86:22:d9:42:4d:8b:8b:e6:a1:42:
cd:52:02:5f:0c:ed:6e:58:5e:f9:b9:97:cc:e0:94:
c7:c1:43:64:35:32:54:06:cd:a6:89:09:80:50:33:
5d:90:a5:a0:62:f1:df:53:47:70:a5:3b:eb:ee:27:
fa:82:8b:22:fe:b7:cf:c4:44:a0:ed:b9:9e:d7:32:
f5:11:96:01:59:93:12:d5:48:11:06:74:3a:ee:45:
0d:44:6c:11:62:77:7c:1b:69:0c:9d:29:d8:f9:76:
d0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:53:AD:B2:64:6D:47:8C:5F:6D:10:1D:AD:BE:43:D3:D4:52:83:20
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aVOtsmRtR4xfbRAdrb5D09RSgyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
85:cb:63:bc:e2:63:8e:7c:17:f9:38:4f:f8:ac:60:cd:7f:30:
3b:0e:d5:e7:bb:7a:f5:4b:29:43:64:bd:d5:87:e4:48:41:f6:
a4:90:05:58:e1:fa:63:8c:dd:c2:8b:08:33:e0:87:a1:f5:98:
0f:8b:54:24:07:9f:4e:8c:31:ab:9d:aa:9d:ec:c1:52:97:e1:
97:e9:f5:c2:d9:cf:8e:22:96:4a:04:fb:4a:ad:ae:28:50:d9:
8b:be:72:cc:c4:57:82:49:41:02:45:4c:47:ac:b1:ca:f1:0b:
5a:51:e5:86:90:93:80:7d:40:2a:9d:41:ae:87:ce:75:bc:c7:
17:15:2c:99:00:f4:f1:d2:86:2d:70:f8:a3:ff:86:7e:9b:38:
41:e5:7a:53:55:0d:08:04:12:5b:5e:9c:5a:4b:c6:bd:ed:da:
d9:b8:69:ee:fb:e6:df:9b:b1:2c:7f:12:3b:b7:97:45:8a:fb:
0b:9c:e0:42:b3:f1:2f:7d:f6:57:bf:ac:61:71:c4:94:0b:d5:
dd:a7:ed:da:fc:7d:e9:ff:fb:ec:40:13:03:f3:4b:37:27:39:
25:16:4e:e0:7e:4f:20:d6:3c:1d:e1:4d:86:70:c7:45:ed:42:
49:4c:45:4d:30:4b:38:9f:a0:43:88:e7:ba:71:6e:d9:71:5e:
33:a2:a4:de
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3XYYIzIuZlK6S3lpqdlx32MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIzMTkxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTUzYWRiMjY0NmQ0NzhjNWY2ZDEwMWRhZGJlNDNkM2Q0NTI4MzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXt1ovNBBQ88L1t2wm3cblzNGhtL
yMfwqW2OOYYi+7uHM3AC9ga5PZZkDlv0Otz1VUzb8EKhKb/0tjFQnVxT8CKUaTCQ
B9jCuHYvhpfgYQoXPejyaWAeapYsD7OB7li1BpMzv0DQP1ipJz1sTQG33+uMdlwC
h0bqPbB3xlnF9B4YzToLI1cWBbK4P8pPhYTAwY2DnMEWwiTd4IYi2UJNi4vmoULN
UgJfDO1uWF75uZfM4JTHwUNkNTJUBs2miQmAUDNdkKWgYvHfU0dwpTvr7if6gosi
/rfPxESg7bme1zL1EZYBWZMS1UgRBnQ67kUNRGwRYnd8G2kMnSnY+XbQcQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGlTrbJkbUeMX20QHa2+Q9PUUoMgMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYVZPdHNtUnRSNHhmYlJBZHJiNUQwOVJTZ3lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIXLY7ziY458F/k4T/is
YM1/MDsO1ee7evVLKUNkvdWH5EhB9qSQBVjh+mOM3cKLCDPgh6H1mA+LVCQHn06M
Maudqp3swVKX4Zfp9cLZz44ilkoE+0qtrihQ2Yu+cszEV4JJQQJFTEesscrxC1pR
5YaQk4B9QCqdQa6HznW8xxcVLJkA9PHShi1w+KP/hn6bOEHlelNVDQgEEltenFpL
xr3t2tm4ae775t+bsSx/Eju3l0WK+wuc4EKz8S999le/rGFxxJQL1d2n7dr8fen/
++xAEwPzSzcnOSUWTuB+TyDWPB3hTYZwx0XtQklMRU0wSzifoEOI57pxbtlxXjOi
pN4=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:00 2025 by rpki-client