Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/axx1avNzX4aQkRtOMOGyDcopDso.roa
File: axx1avNzX4aQkRtOMOGyDcopDso.roa (raw, json)
Hash identifier: /JFcq/OQJYjG7AL36IhmpsAf+3mFrMRAh3jSbQALY4M=
Subject key identifier: 6B:1C:75:6A:F3:73:5F:86:90:91:1B:4E:30:E1:B2:0D:CA:29:0E:CA
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D80475714FAB3A2061AFD38B6B35E3367
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/axx1avNzX4aQkRtOMOGyDcopDso.roa
Signing time: Tue 06 Feb 2024 21:16:15 +0000
ROA not before: Tue 06 Feb 2024 21:16:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:80:47:57:14:fa:b3:a2:06:1a:fd:38:b6:b3:5e:33:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 6 21:16:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b1c756af3735f8690911b4e30e1b20dca290eca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:db:fa:43:b7:b6:6e:f8:85:0e:dd:45:f6:bb:
b8:19:b5:b5:d8:3a:fb:45:6b:7b:af:49:7b:de:4a:
6e:cd:a1:16:0e:43:04:fa:bb:80:c9:6b:77:0f:9a:
3f:6e:ec:d1:d2:2f:0a:85:9c:b9:94:c3:2b:98:94:
61:03:ab:4d:dc:04:20:99:a5:cd:13:51:9f:00:ac:
da:ff:2e:7c:24:4c:ab:8d:b4:e0:4a:77:51:d6:24:
33:0c:a7:63:2e:ad:56:a5:f4:84:80:14:60:d3:71:
68:f1:d7:d4:35:47:20:2a:cf:b0:e7:1d:82:93:cf:
1c:46:ec:f4:a9:81:67:95:8b:c3:14:c6:8f:81:45:
3d:72:c0:12:e2:f1:f1:c6:76:fa:0d:fc:0a:fd:d4:
7c:a1:43:89:19:36:59:a7:06:88:88:58:a1:21:61:
d4:d8:9a:c6:3c:b8:0f:6d:c6:c1:82:41:24:cf:6e:
ae:fa:ee:87:fc:93:3b:9a:bb:52:5b:50:d3:49:31:
98:f6:20:24:c6:51:f2:36:94:e1:7f:15:a6:81:ad:
94:fc:93:86:1e:16:5f:c1:37:44:86:8a:1f:ea:cc:
d7:24:7e:e0:42:e7:1f:60:84:97:8f:8f:45:f2:16:
a1:08:cb:ec:5c:e7:f0:8e:f9:b2:28:d1:89:36:a4:
05:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:1C:75:6A:F3:73:5F:86:90:91:1B:4E:30:E1:B2:0D:CA:29:0E:CA
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/axx1avNzX4aQkRtOMOGyDcopDso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
55:b5:05:ea:0c:41:be:bb:1f:3c:52:28:ba:2c:22:2a:90:ac:
78:28:af:a3:a0:e0:7a:53:42:88:62:84:88:ed:84:42:3a:1d:
32:54:5b:c7:9a:3a:61:54:d7:a3:8e:72:ca:85:6c:11:65:a4:
87:8a:c5:34:10:ef:1f:12:81:75:4a:87:2c:c3:d3:7d:14:2d:
fd:df:35:0c:21:1e:37:3f:88:c0:c3:05:cb:7f:32:58:75:22:
ff:3f:6c:eb:b2:65:f3:5c:ad:c0:20:9e:8d:e0:ca:80:11:ae:
e9:53:cf:8f:e2:24:15:3d:dd:b2:80:e6:fd:db:f1:9e:d5:bf:
fb:ca:8c:45:4d:21:d7:fb:a8:19:80:51:3d:17:ad:80:11:18:
30:49:2f:71:9a:45:41:5a:ec:ad:28:8d:0c:50:0e:dd:be:7b:
95:92:74:da:db:f1:6a:92:bb:91:0d:9e:74:02:e3:81:81:8c:
5f:4f:1e:0d:b3:45:49:fa:66:12:b8:bc:ae:c9:26:83:78:77:
18:48:e5:d8:02:46:fc:9c:9f:c7:f3:d3:d0:4e:eb:43:5b:9b:
45:8a:6d:f7:9b:de:45:8c:a6:ab:c2:9b:91:f6:3f:d9:63:d3:
60:7b:ed:b5:91:b3:69:ab:bb:c8:7f:b5:e7:da:ee:d3:df:33:
59:ff:01:8d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2AR1cU+rOiBhr9OLazXjNnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA2MjExNjE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjFjNzU2YWYzNzM1Zjg2OTA5MTFiNGUzMGUxYjIwZGNhMjkwZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudv6Q7e2bviFDt1F9ru4GbW12Dr7
RWt7r0l73kpuzaEWDkME+ruAyWt3D5o/buzR0i8KhZy5lMMrmJRhA6tN3AQgmaXN
E1GfAKza/y58JEyrjbTgSndR1iQzDKdjLq1WpfSEgBRg03Fo8dfUNUcgKs+w5x2C
k88cRuz0qYFnlYvDFMaPgUU9csAS4vHxxnb6DfwK/dR8oUOJGTZZpwaIiFihIWHU
2JrGPLgPbcbBgkEkz26u+u6H/JM7mrtSW1DTSTGY9iAkxlHyNpThfxWmga2U/JOG
HhZfwTdEhoof6szXJH7gQucfYISXj49F8hahCMvsXOfwjvmyKNGJNqQFYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGscdWrzc1+GkJEbTjDhsg3KKQ7KMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYXh4MWF2TnpYNGFRa1J0T01PR3lEY29wRHNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFW1BeoMQb67HzxSKLos
IiqQrHgor6Og4HpTQohihIjthEI6HTJUW8eaOmFU16OOcsqFbBFlpIeKxTQQ7x8S
gXVKhyzD030ULf3fNQwhHjc/iMDDBct/Mlh1Iv8/bOuyZfNcrcAgno3gyoARrulT
z4/iJBU93bKA5v3b8Z7Vv/vKjEVNIdf7qBmAUT0XrYARGDBJL3GaRUFa7K0ojQxQ
Dt2+e5WSdNrb8WqSu5ENnnQC44GBjF9PHg2zRUn6ZhK4vK7JJoN4dxhI5dgCRvyc
n8fz09BO60Nbm0WKbfeb3kWMpqvCm5H2P9lj02B77bWRs2mru8h/tefa7tPfM1n/
AY0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:14 2025 by rpki-client