Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/atL228bWFrLofIi4-ddmksEeips.roa
File: atL228bWFrLofIi4-ddmksEeips.roa (raw, json)
Hash identifier: jA9hHFwA1wsLTxycxxamn4q6gqw0EsSOmGTidwudlwc=
Subject key identifier: 6A:D2:F6:DB:C6:D6:16:B2:E8:7C:88:B8:F9:D7:66:92:C1:1E:8A:9B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EE09863898068CE334099F14494F607A9
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/atL228bWFrLofIi4-ddmksEeips.roa
Signing time: Mon 15 Apr 2024 07:11:06 +0000
ROA not before: Mon 15 Apr 2024 07:11:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e0:98:63:89:80:68:ce:33:40:99:f1:44:94:f6:07:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 15 07:11:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ad2f6dbc6d616b2e87c88b8f9d76692c11e8a9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f2:da:90:83:6f:83:9d:d0:14:51:35:51:00:
43:9d:62:d3:a2:6f:cf:af:72:f7:ee:97:53:0e:dc:
fa:e6:36:1b:e1:71:89:92:21:0c:cd:68:13:86:d3:
6e:13:78:c1:83:0a:a3:be:54:d0:f5:d3:8d:75:9d:
7a:c7:86:13:dd:49:d1:4f:00:52:1e:6f:94:d1:ca:
11:57:14:d7:46:41:5f:72:77:b9:46:25:2f:9e:45:
0d:53:a4:68:d3:30:f0:a6:de:79:c7:13:00:27:27:
e9:ec:50:70:3e:a7:25:c7:aa:0a:23:dd:dd:f3:11:
35:83:0b:31:0b:99:63:00:70:40:bd:43:7d:c8:1e:
06:cf:aa:ee:d1:e4:72:94:a4:d2:ae:50:09:c3:6f:
d6:5f:0f:06:58:ac:ae:99:ee:7d:95:ef:20:d3:2e:
31:c8:f0:4d:18:78:0a:61:50:18:aa:dc:0c:c7:62:
3a:09:27:4e:24:a8:ae:95:ff:35:0b:a1:f5:d3:74:
47:b5:26:6c:61:36:c7:0d:e2:43:ad:be:a4:28:98:
50:e6:5d:88:76:8e:33:38:09:02:a1:c0:a4:68:16:
8b:33:08:14:3d:dd:40:6d:c5:47:ec:d2:a5:e3:96:
1e:f0:ec:9e:66:d5:83:42:10:f4:44:06:20:09:22:
36:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:D2:F6:DB:C6:D6:16:B2:E8:7C:88:B8:F9:D7:66:92:C1:1E:8A:9B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/atL228bWFrLofIi4-ddmksEeips.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
56:c1:0f:be:10:60:2a:a8:cf:83:89:ed:63:d2:d6:b2:41:68:
c1:30:72:b4:b5:7f:ea:35:43:0a:11:0c:33:0f:df:59:15:26:
11:f1:57:1f:b0:36:ea:98:c0:00:48:b1:e7:74:d3:ea:eb:ae:
96:ba:f3:a7:c4:bb:18:27:29:90:62:de:19:5a:13:92:06:46:
96:5b:43:1f:97:c1:af:d9:00:f9:ed:04:e2:9d:ce:2e:56:8e:
50:6b:69:5e:90:a0:ad:91:26:7f:57:22:0e:59:00:ec:7a:72:
99:38:a8:e6:2f:30:1c:e8:a5:e9:02:41:5e:0e:09:25:c0:94:
35:49:5c:5b:0d:81:7e:57:cc:11:be:28:38:2b:1f:39:3b:e5:
56:11:86:af:82:a5:e9:af:7e:80:d3:cc:99:c9:93:bf:19:cf:
d8:93:54:9f:20:b4:75:22:74:5d:1f:49:ea:4b:0d:0b:24:b1:
e3:40:b4:bb:f0:fe:3d:ff:17:12:86:27:c7:0d:a1:0b:2b:7b:
4e:8d:ef:de:b1:4b:05:7e:dd:18:c5:5e:d0:d4:e4:03:64:c5:
ae:79:b7:5f:89:f6:cc:af:a7:0c:4a:e0:5f:a7:82:a2:01:74:
3c:ce:94:d9:c4:9c:07:1b:7b:43:b3:6e:c3:36:f5:fb:99:e6:
b3:15:f6:bd
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7gmGOJgGjOM0CZ8USU9gepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDE1MDcxMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWQyZjZkYmM2ZDYxNmIyZTg3Yzg4YjhmOWQ3NjY5MmMxMWU4YTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/LakINvg53QFFE1UQBDnWLTom/P
r3L37pdTDtz65jYb4XGJkiEMzWgThtNuE3jBgwqjvlTQ9dONdZ16x4YT3UnRTwBS
Hm+U0coRVxTXRkFfcne5RiUvnkUNU6Ro0zDwpt55xxMAJyfp7FBwPqclx6oKI93d
8xE1gwsxC5ljAHBAvUN9yB4Gz6ru0eRylKTSrlAJw2/WXw8GWKyume59le8g0y4x
yPBNGHgKYVAYqtwMx2I6CSdOJKiulf81C6H103RHtSZsYTbHDeJDrb6kKJhQ5l2I
do4zOAkCocCkaBaLMwgUPd1AbcVH7NKl45Ye8OyeZtWDQhD0RAYgCSI2KQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGrS9tvG1hay6HyIuPnXZpLBHoqbMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYXRMMjI4YldGckxvZklpNC1kZG1rc0VlaXBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFbBD74QYCqoz4OJ7WPS
1rJBaMEwcrS1f+o1QwoRDDMP31kVJhHxVx+wNuqYwABIsed00+rrrpa686fEuxgn
KZBi3hlaE5IGRpZbQx+Xwa/ZAPntBOKdzi5WjlBraV6QoK2RJn9XIg5ZAOx6cpk4
qOYvMBzopekCQV4OCSXAlDVJXFsNgX5XzBG+KDgrHzk75VYRhq+CpemvfoDTzJnJ
k78Zz9iTVJ8gtHUidF0fSepLDQskseNAtLvw/j3/FxKGJ8cNoQsre06N796xSwV+
3RjFXtDU5ANkxa55t1+J9syvpwxK4F+ngqIBdDzOlNnEnAcbe0OzbsM29fuZ5rMV
9r0=
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:11:38 2025 by rpki-client