Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aY2GRB_IjqN-11sNBLXg-tLzzXg.roa
File: aY2GRB_IjqN-11sNBLXg-tLzzXg.roa (raw, json)
Hash identifier: lvvRj3sQqXJ4noSOeu89okbdwbEjPcZBBhdKHk66fAw=
Subject key identifier: 69:8D:86:44:1F:C8:8E:A3:7E:D7:5B:0D:04:B5:E0:FA:D2:F3:CD:78
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CE144BF3048800606DF61D17EB28E8BFD
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aY2GRB_IjqN-11sNBLXg-tLzzXg.roa
Signing time: Sun 07 Jan 2024 00:13:48 +0000
ROA not before: Sun 07 Jan 2024 00:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e1:44:bf:30:48:80:06:06:df:61:d1:7e:b2:8e:8b:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 7 00:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=698d86441fc88ea37ed75b0d04b5e0fad2f3cd78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ed:99:56:59:4d:4c:48:5e:ca:53:6d:10:68:
d5:02:8a:97:b6:b6:ff:e5:da:8c:21:33:c0:2b:98:
26:7c:eb:fd:8b:e5:08:b6:79:56:18:75:12:35:5d:
57:2c:04:9e:73:c6:5c:1b:97:64:63:68:55:32:6c:
04:b8:09:c0:2b:58:06:ad:4f:74:28:46:84:c2:b6:
d7:3e:ca:42:28:db:a1:ed:f8:88:bb:b0:e2:f7:a7:
ee:d6:86:9b:93:63:bd:1c:0c:9c:51:2f:33:d6:36:
09:de:7b:35:7c:e5:2a:f3:58:58:cf:05:8f:71:f6:
0a:60:1d:4b:85:00:27:50:cc:3f:0d:c2:90:d3:d2:
7c:3c:95:85:2f:77:c4:71:63:14:5f:62:59:d6:cc:
75:33:06:8e:08:fd:1c:ae:81:73:e8:19:4e:c2:9a:
bd:a3:12:cb:af:91:c9:ee:86:5a:c7:7e:cf:56:e0:
61:ac:6b:18:b3:c0:57:73:3f:b6:36:c6:ec:5a:7e:
17:ea:98:6d:94:8b:e1:01:6d:e8:70:c9:a2:bd:a3:
d5:9b:36:76:a4:d7:80:4f:75:c0:28:88:bd:14:56:
32:d7:06:63:f2:2c:4c:c1:ac:fa:1d:c8:55:59:44:
94:2b:0f:9f:c3:2f:7a:30:68:b2:28:73:8d:86:c7:
0e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:8D:86:44:1F:C8:8E:A3:7E:D7:5B:0D:04:B5:E0:FA:D2:F3:CD:78
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aY2GRB_IjqN-11sNBLXg-tLzzXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
57:4d:bd:39:6d:41:e0:d0:24:fd:2e:e2:80:23:71:83:ce:36:
3e:db:36:01:c9:64:c6:75:3c:c5:9e:2d:da:b6:20:da:ac:d8:
29:be:68:d1:51:52:80:82:9e:29:e2:2c:2a:84:bb:2c:ed:4f:
5f:11:96:75:58:40:91:f5:51:27:10:e4:90:20:1e:36:16:37:
d8:c6:79:36:7b:cf:a0:e8:7b:18:62:a1:14:a5:6d:14:a6:15:
4e:80:3f:37:82:e8:b1:0a:be:af:10:e2:1a:3d:8b:3c:0c:cf:
8f:22:d6:d7:10:51:28:b8:00:db:fc:21:dc:91:77:35:a5:c3:
3a:d0:8e:0e:33:68:21:61:e5:57:75:f2:de:df:1c:f2:b5:45:
5a:36:78:bf:49:b4:b0:7a:89:2a:43:ac:2c:d8:90:c0:f2:43:
b7:85:1e:a5:c7:7a:d8:ed:4f:01:fd:75:c7:41:55:ab:d5:41:
2e:67:38:f8:ae:2e:40:be:4a:f0:e4:75:9d:ef:64:ea:c4:2e:
d8:3e:7b:f2:e6:7c:85:8e:70:bf:e9:dd:a9:e9:81:18:2d:5a:
a7:04:68:10:49:29:50:6b:59:2b:d4:ee:88:b5:f2:d9:cf:00:
bb:14:54:1d:b7:98:95:51:12:d8:d3:c9:98:0c:56:bd:c1:f8:
a4:25:84:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzhRL8wSIAGBt9h0X6yjov9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA3MDAxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OThkODY0NDFmYzg4ZWEzN2VkNzViMGQwNGI1ZTBmYWQyZjNjZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAje2ZVllNTEheylNtEGjVAoqXtrb/
5dqMITPAK5gmfOv9i+UItnlWGHUSNV1XLASec8ZcG5dkY2hVMmwEuAnAK1gGrU90
KEaEwrbXPspCKNuh7fiIu7Di96fu1oabk2O9HAycUS8z1jYJ3ns1fOUq81hYzwWP
cfYKYB1LhQAnUMw/DcKQ09J8PJWFL3fEcWMUX2JZ1sx1MwaOCP0croFz6BlOwpq9
oxLLr5HJ7oZax37PVuBhrGsYs8BXcz+2NsbsWn4X6phtlIvhAW3ocMmivaPVmzZ2
pNeAT3XAKIi9FFYy1wZj8ixMwaz6HchVWUSUKw+fwy96MGiyKHONhscO2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGmNhkQfyI6jftdbDQS14PrS8814MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYVkyR1JCX0lqcU4tMTFzTkJMWGctdEx6elhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFdNvTltQeDQJP0u4oAj
cYPONj7bNgHJZMZ1PMWeLdq2INqs2Cm+aNFRUoCCniniLCqEuyztT18RlnVYQJH1
UScQ5JAgHjYWN9jGeTZ7z6DoexhioRSlbRSmFU6APzeC6LEKvq8Q4ho9izwMz48i
1tcQUSi4ANv8IdyRdzWlwzrQjg4zaCFh5Vd18t7fHPK1RVo2eL9JtLB6iSpDrCzY
kMDyQ7eFHqXHetjtTwH9dcdBVavVQS5nOPiuLkC+SvDkdZ3vZOrELtg+e/LmfIWO
cL/p3anpgRgtWqcEaBBJKVBrWSvU7oi18tnPALsUVB23mJVREtjTyZgMVr3B+KQl
hGQ=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:51:22 2025 by rpki-client