Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/b97ccUPLQyVivz4nIGjBJR3R-LU.roa
File: b97ccUPLQyVivz4nIGjBJR3R-LU.roa (raw, json)
Hash identifier: wIYrGSVCEGuLDFdPgc21Z3p9Rry75JX4GreahjBWg7E=
Subject key identifier: 6F:DE:DC:71:43:CB:43:25:62:BF:3E:27:20:68:C1:25:1D:D1:F8:B5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D99C622CF44120563085ABD24864A3CBE
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/b97ccUPLQyVivz4nIGjBJR3R-LU.roa
Signing time: Sun 11 Feb 2024 20:05:15 +0000
ROA not before: Sun 11 Feb 2024 20:05:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:99c5:35ba/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:99:c6:22:cf:44:12:05:63:08:5a:bd:24:86:4a:3c:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 11 20:05:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6fdedc7143cb432562bf3e272068c1251dd1f8b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9a:8d:a7:37:90:13:47:9f:24:2c:53:83:56:
72:0e:12:48:65:c0:85:9a:d0:db:5f:92:c5:2f:88:
66:fe:d9:a7:00:c6:1b:01:0c:ff:d8:bc:16:05:79:
1c:ca:9d:6a:d2:22:21:54:b6:e5:fb:71:b8:04:ae:
25:53:84:c9:aa:bd:fd:5e:e1:d2:a5:7e:8a:01:f9:
92:38:fc:4c:f1:13:b4:d6:b1:26:15:2f:19:03:b7:
1b:59:ba:0d:e5:66:4e:7f:c5:80:79:09:68:bb:e2:
3d:ce:01:31:82:56:cb:a2:45:50:ff:b9:43:ed:83:
78:2e:8a:ab:33:34:f7:bc:0c:be:07:aa:71:7f:bf:
86:1b:9b:74:e3:0e:2f:3b:77:24:ae:fe:d7:5b:5d:
59:15:0c:c5:86:13:38:b9:43:37:03:54:89:7b:7c:
18:7a:b9:ac:ec:9f:83:28:11:85:6a:4d:92:e7:66:
c1:d3:2b:5e:3f:fc:60:3e:cd:5e:32:c9:b3:49:b5:
85:61:c3:db:b7:05:0c:08:46:4d:c5:64:98:a5:b9:
70:b6:cb:ee:31:7d:42:96:d5:9c:aa:ad:12:9c:04:
9d:89:e7:f8:d1:c2:03:42:f7:0b:25:56:0a:3f:08:
e8:a9:1a:8d:04:60:b7:28:85:d8:be:81:93:a0:b9:
80:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:DE:DC:71:43:CB:43:25:62:BF:3E:27:20:68:C1:25:1D:D1:F8:B5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/b97ccUPLQyVivz4nIGjBJR3R-LU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:a8:4b:87:41:d1:a1:4c:a4:b0:63:e2:f3:7e:50:ac:58:03:
19:81:2e:27:cf:d8:59:be:df:de:d5:a8:e9:18:3e:55:56:c3:
55:aa:b1:78:2a:1b:bd:79:45:a2:d9:c5:52:51:ce:94:99:ce:
b5:ed:b1:af:f1:c2:91:fb:3f:15:de:be:f0:96:f2:61:67:d9:
8d:ad:0a:db:32:71:7e:1a:26:2c:cd:9a:58:17:9d:c7:da:93:
36:0e:a7:b1:67:f2:27:02:df:66:32:80:df:46:22:06:8a:95:
92:2e:85:03:75:c2:8b:43:63:6a:d6:eb:02:b2:cf:d3:f0:f0:
ca:05:5a:49:8a:c5:e3:c2:8b:26:16:f1:55:b5:ca:32:45:75:
30:e9:17:d0:e5:88:71:dd:e8:e3:12:fa:b5:ed:25:83:87:fa:
40:d4:e2:18:61:9d:26:af:f6:ad:25:23:f1:9f:d5:16:a4:1a:
46:ca:2c:4c:2b:f1:d7:06:30:be:9c:f6:03:ea:f8:0d:25:37:
c3:38:81:e5:75:53:92:09:cd:3e:5d:a1:a5:01:86:ec:ca:12:
b8:21:06:0e:39:9b:68:bf:96:14:04:0b:1a:fb:88:1b:42:a2:
ef:d0:5a:eb:97:2b:ff:6f:a4:74:c7:37:0e:ea:0c:e8:9d:6e:
8c:73:89:be
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2ZxiLPRBIFYwhavSSGSjy+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjExMjAwNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmRlZGM3MTQzY2I0MzI1NjJiZjNlMjcyMDY4YzEyNTFkZDFmOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpqNpzeQE0efJCxTg1ZyDhJIZcCF
mtDbX5LFL4hm/tmnAMYbAQz/2LwWBXkcyp1q0iIhVLbl+3G4BK4lU4TJqr39XuHS
pX6KAfmSOPxM8RO01rEmFS8ZA7cbWboN5WZOf8WAeQlou+I9zgExglbLokVQ/7lD
7YN4LoqrMzT3vAy+B6pxf7+GG5t04w4vO3ckrv7XW11ZFQzFhhM4uUM3A1SJe3wY
erms7J+DKBGFak2S52bB0yteP/xgPs1eMsmzSbWFYcPbtwUMCEZNxWSYpblwtsvu
MX1CltWcqq0SnASdief40cIDQvcLJVYKPwjoqRqNBGC3KIXYvoGToLmAuQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG/e3HFDy0MlYr8+JyBowSUd0fi1MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYjk3Y2NVUExReVZpdno0bklHakJKUjNSLUxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHOoS4dB0aFMpLBj4vN+
UKxYAxmBLifP2Fm+397VqOkYPlVWw1WqsXgqG715RaLZxVJRzpSZzrXtsa/xwpH7
PxXevvCW8mFn2Y2tCtsycX4aJizNmlgXncfakzYOp7Fn8icC32YygN9GIgaKlZIu
hQN1wotDY2rW6wKyz9Pw8MoFWkmKxePCiyYW8VW1yjJFdTDpF9DliHHd6OMS+rXt
JYOH+kDU4hhhnSav9q0lI/Gf1RakGkbKLEwr8dcGML6c9gPq+A0lN8M4geV1U5IJ
zT5doaUBhuzKErghBg45m2i/lhQECxr7iBtCou/QWuuXK/9vpHTHNw7qDOidboxz
ib4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:19 2025 by rpki-client