Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/akR7X7XoPGL54ilzDOZgZmeKrks.roa
File: akR7X7XoPGL54ilzDOZgZmeKrks.roa (raw, json)
Hash identifier: 6+wlbyNMlL4eZzR3cEuv1v7Ec1f/xhs29MzETRiwH2w=
Subject key identifier: 6A:44:7B:5F:B5:E8:3C:62:F9:E2:29:73:0C:E6:60:66:67:8A:AE:4B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E98ECE256820D0795EDC042C576A058EF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/akR7X7XoPGL54ilzDOZgZmeKrks.roa
Signing time: Mon 01 Apr 2024 09:10:45 +0000
ROA not before: Mon 01 Apr 2024 09:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:98:ec:e2:56:82:0d:07:95:ed:c0:42:c5:76:a0:58:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 1 09:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a447b5fb5e83c62f9e229730ce66066678aae4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:18:96:69:9b:aa:60:5f:a9:24:cb:d7:73:cf:
4a:4c:e9:82:db:47:ed:c4:f2:53:89:54:36:b0:78:
58:d9:cd:13:f2:65:5f:d7:a3:ae:64:fa:cf:17:e4:
e2:a6:8c:1e:55:43:ce:5e:8e:28:70:b5:6d:d5:61:
d0:24:0d:64:88:3c:7f:ad:b6:15:d9:5c:5b:bf:21:
cd:41:1e:ad:a5:48:85:bf:2b:c2:4e:91:01:c7:d2:
b5:f1:51:5c:62:e3:0e:9d:4f:e2:57:4c:38:88:9b:
02:fe:f7:ef:9c:fe:d7:25:88:cf:f6:05:6e:a4:f0:
ff:47:5d:ba:42:78:50:24:12:3c:f8:a7:a5:d6:ba:
51:fb:bc:67:85:40:fd:01:36:ed:1d:f4:cf:1b:14:
49:17:c2:22:80:12:a1:fb:78:3a:09:2d:2d:85:7a:
35:b1:a6:30:3e:c0:7f:55:23:3e:7a:a9:db:04:21:
a1:c8:d3:10:64:00:f5:1b:6d:ee:d2:c2:93:cc:da:
c5:00:a9:06:cc:7b:37:bd:d2:21:fa:1b:3a:52:85:
7f:16:11:a5:ba:20:04:68:a4:23:3e:25:28:bf:8a:
e1:a9:c6:83:7d:17:ec:f4:98:c4:64:4e:8d:de:ce:
c4:98:46:27:59:46:8d:28:b5:19:94:e2:15:39:82:
36:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:44:7B:5F:B5:E8:3C:62:F9:E2:29:73:0C:E6:60:66:67:8A:AE:4B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/akR7X7XoPGL54ilzDOZgZmeKrks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9a:26:a1:a3:6a:0a:b1:88:f8:d8:7b:e3:16:fc:58:0b:ea:80:
fb:89:36:33:3e:ad:7f:f5:fa:21:f5:07:d2:5a:27:40:e1:e8:
4b:47:ca:52:80:1c:30:28:aa:ff:79:a4:77:17:70:fb:d4:ac:
d1:72:39:52:7f:f9:b8:4d:5d:ad:da:82:88:a5:28:f4:44:05:
69:ff:b9:d1:04:fb:7b:fc:85:d1:6b:6b:47:5f:7b:53:12:c5:
af:3d:7a:66:89:88:89:56:56:ff:19:71:99:03:c9:45:06:bf:
91:7b:1b:5b:24:d9:ef:49:f8:3b:40:7c:3b:2c:88:df:7b:12:
55:78:ae:8b:b6:47:6b:04:8b:cb:56:7a:88:c0:88:dc:21:7e:
e7:26:f7:c8:78:54:24:0c:cc:e4:3a:a6:eb:95:ea:72:b6:28:
69:41:75:48:fe:24:37:37:66:ce:13:b7:3b:64:7d:97:ea:eb:
75:1f:4d:e5:62:74:ab:38:fb:ae:f0:2d:6a:b4:c3:25:f4:12:
28:cf:17:aa:a0:1b:9f:c9:12:fa:3f:48:ea:60:09:ac:76:c9:
c4:96:11:c7:c2:8a:2e:ad:73:65:c0:09:4b:0d:2b:a5:46:9a:
9b:f7:e3:1a:c9:1d:d6:d8:ac:ce:31:62:ce:13:32:7c:67:13:
1e:41:af:f3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6Y7OJWgg0Hle3AQsV2oFjvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAxMDkxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTQ0N2I1ZmI1ZTgzYzYyZjllMjI5NzMwY2U2NjA2NjY3OGFhZTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBiWaZuqYF+pJMvXc89KTOmC20ft
xPJTiVQ2sHhY2c0T8mVf16OuZPrPF+TipoweVUPOXo4ocLVt1WHQJA1kiDx/rbYV
2VxbvyHNQR6tpUiFvyvCTpEBx9K18VFcYuMOnU/iV0w4iJsC/vfvnP7XJYjP9gVu
pPD/R126QnhQJBI8+Kel1rpR+7xnhUD9ATbtHfTPGxRJF8IigBKh+3g6CS0thXo1
saYwPsB/VSM+eqnbBCGhyNMQZAD1G23u0sKTzNrFAKkGzHs3vdIh+hs6UoV/FhGl
uiAEaKQjPiUov4rhqcaDfRfs9JjEZE6N3s7EmEYnWUaNKLUZlOIVOYI2ywIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGpEe1+16Dxi+eIpcwzmYGZniq5LMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYWtSN1g3WG9QR0w1NGlsekRPWmdabWVLcmtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJomoaNqCrGI+Nh74xb8
WAvqgPuJNjM+rX/1+iH1B9JaJ0Dh6EtHylKAHDAoqv95pHcXcPvUrNFyOVJ/+bhN
Xa3agoilKPREBWn/udEE+3v8hdFra0dfe1MSxa89emaJiIlWVv8ZcZkDyUUGv5F7
G1sk2e9J+DtAfDssiN97ElV4rou2R2sEi8tWeojAiNwhfucm98h4VCQMzOQ6puuV
6nK2KGlBdUj+JDc3Zs4TtztkfZfq63UfTeVidKs4+67wLWq0wyX0EijPF6qgG5/J
Evo/SOpgCax2ycSWEcfCii6tc2XACUsNK6VGmpv34xrJHdbYrM4xYs4TMnxnEx5B
r/M=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:21:07 2025 by rpki-client