Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aa9_X00SgPKJAuVmdjG5lqw7rXo.roa
File: aa9_X00SgPKJAuVmdjG5lqw7rXo.roa (raw, json)
Hash identifier: c5BbfWTNUngt+IRwirT5kqfSgKm59IqDKI4UvPYEQFc=
Subject key identifier: 69:AF:7F:5F:4D:12:80:F2:89:02:E5:66:76:31:B9:96:AC:3B:AD:7A
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DBCFD6E1788481B307CB04A5B584B68F9
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aa9_X00SgPKJAuVmdjG5lqw7rXo.roa
Signing time: Sun 18 Feb 2024 16:12:21 +0000
ROA not before: Sun 18 Feb 2024 16:12:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:bc:fd:6e:17:88:48:1b:30:7c:b0:4a:5b:58:4b:68:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 18 16:12:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69af7f5f4d1280f28902e5667631b996ac3bad7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:cb:cd:8b:1f:8c:4e:03:c9:2f:d0:92:ca:19:
27:6f:ac:8e:e3:75:9c:91:9e:f1:2a:2f:b3:ed:b1:
8d:2f:77:86:71:01:c1:00:0e:d2:34:c4:2d:0d:f2:
ee:c3:7d:72:a7:46:80:e4:cc:f9:f1:e7:d9:c9:a7:
75:c5:1f:f4:6e:c8:ee:56:c8:ec:78:43:68:52:d7:
ba:83:28:3f:63:8e:ab:a2:12:5d:cd:00:24:02:fa:
9f:04:e1:36:f0:fe:b2:f1:2f:4e:92:a6:74:aa:44:
b4:f1:3b:4d:f4:4d:01:ae:df:d6:bc:d7:e4:e5:5d:
fc:cf:5f:09:c5:20:9a:51:4d:1e:75:6e:e7:91:e4:
e3:d9:98:3e:3f:42:40:1a:92:d5:7f:ba:d3:59:da:
80:6e:3f:d5:7a:98:f4:3e:06:f3:7a:8c:10:a2:12:
94:ba:79:8d:e9:37:6e:d5:dc:7a:a6:9b:95:8c:c4:
c9:f4:1f:1e:0d:e0:61:ab:ef:43:63:4f:c7:70:89:
1a:4f:3c:13:84:57:25:fb:71:be:67:cd:63:d5:8c:
97:b7:9e:61:38:56:09:a0:b8:bf:c0:87:62:45:1a:
5a:c7:b3:5d:fd:da:99:bd:2c:85:dd:bf:2c:dc:01:
0e:aa:51:6c:3d:be:9a:e2:78:c9:63:97:ac:9d:3f:
04:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:AF:7F:5F:4D:12:80:F2:89:02:E5:66:76:31:B9:96:AC:3B:AD:7A
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/aa9_X00SgPKJAuVmdjG5lqw7rXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
46:e1:ab:ef:13:11:8b:b3:e7:1e:44:b8:6d:08:7b:87:31:e5:
d1:50:6b:18:78:79:57:62:a0:c6:d5:cb:90:c0:da:c9:f2:9c:
80:a1:15:5f:ff:97:1e:92:30:82:49:79:4e:57:8c:ac:60:51:
4f:a0:d8:b7:16:c9:d6:13:2f:a1:be:88:4d:3c:9b:24:8b:53:
9a:ff:46:4d:0c:3c:5a:64:e3:89:bd:0c:15:ad:ba:54:9e:13:
d6:21:dd:37:52:27:ca:b4:aa:a7:4d:b6:0e:87:a9:c7:38:cb:
74:fa:7e:ea:66:7f:4f:b2:20:2f:e1:c6:4b:07:17:20:d1:04:
66:ac:8d:85:86:00:07:70:fa:cb:46:68:2d:f6:ef:57:97:1e:
51:3d:1e:cb:1b:9f:93:7f:a4:bc:37:16:5d:0e:51:72:6c:c7:
9c:5c:a5:c7:38:f7:73:59:fd:43:ef:d9:ea:49:18:f1:8a:d1:
cc:06:41:88:8b:88:45:ce:0b:0e:86:e6:d7:d5:78:1b:38:53:
db:26:fa:de:00:60:94:ec:7e:b5:85:8f:52:eb:32:c2:81:e1:
cb:00:54:43:b6:49:c7:40:8e:08:d9:57:82:44:54:b4:9c:44:
88:3c:aa:3e:ea:ea:25:1a:9e:39:3b:58:6d:37:64:cf:a3:e9:
0b:19:b5:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY28/W4XiEgbMHywSltYS2j5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE4MTYxMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWFmN2Y1ZjRkMTI4MGYyODkwMmU1NjY3NjMxYjk5NmFjM2JhZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsvNix+MTgPJL9CSyhknb6yO43Wc
kZ7xKi+z7bGNL3eGcQHBAA7SNMQtDfLuw31yp0aA5Mz58efZyad1xR/0bsjuVsjs
eENoUte6gyg/Y46rohJdzQAkAvqfBOE28P6y8S9OkqZ0qkS08TtN9E0Brt/WvNfk
5V38z18JxSCaUU0edW7nkeTj2Zg+P0JAGpLVf7rTWdqAbj/Vepj0PgbzeowQohKU
unmN6Tdu1dx6ppuVjMTJ9B8eDeBhq+9DY0/HcIkaTzwThFcl+3G+Z81j1YyXt55h
OFYJoLi/wIdiRRpax7Nd/dqZvSyF3b8s3AEOqlFsPb6a4njJY5esnT8E5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGmvf19NEoDyiQLlZnYxuZasO616MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYWE5X1gwMFNnUEtKQXVWbWRqRzVscXc3clhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEbhq+8TEYuz5x5EuG0I
e4cx5dFQaxh4eVdioMbVy5DA2snynIChFV//lx6SMIJJeU5XjKxgUU+g2LcWydYT
L6G+iE08mySLU5r/Rk0MPFpk44m9DBWtulSeE9Yh3TdSJ8q0qqdNtg6Hqcc4y3T6
fupmf0+yIC/hxksHFyDRBGasjYWGAAdw+stGaC3271eXHlE9Hssbn5N/pLw3Fl0O
UXJsx5xcpcc493NZ/UPv2epJGPGK0cwGQYiLiEXOCw6G5tfVeBs4U9sm+t4AYJTs
frWFj1LrMsKB4csAVEO2ScdAjgjZV4JEVLScRIg8qj7q6iUanjk7WG03ZM+j6QsZ
tVw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:22 2025 by rpki-client