Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bR6vCxzyA4gc_jwBhHV0HNMsauQ.roa
File: bR6vCxzyA4gc_jwBhHV0HNMsauQ.roa (raw, json)
Hash identifier: ajSodcCRTj2xbpZCbKRgqdlxX4bgt/esosOjhXopPAc=
Subject key identifier: 6D:1E:AF:0B:1C:F2:03:88:1C:FE:3C:01:84:75:74:1C:D3:2C:6A:E4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D1D230839E722E8399DDFAB40758603EA
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bR6vCxzyA4gc_jwBhHV0HNMsauQ.roa
Signing time: Thu 18 Jan 2024 15:14:11 +0000
ROA not before: Thu 18 Jan 2024 15:14:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1d:23:08:39:e7:22:e8:39:9d:df:ab:40:75:86:03:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 18 15:14:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d1eaf0b1cf203881cfe3c018475741cd32c6ae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:35:53:90:aa:cf:12:65:f3:33:bb:30:7e:6e:
e3:52:83:70:3d:b9:ff:59:16:98:1a:1a:8c:67:c1:
67:a5:19:4b:aa:30:f3:d2:5e:40:7f:49:d0:4e:ce:
fc:1e:e5:db:ef:be:a9:90:8c:d1:5b:5f:82:75:17:
43:33:9d:b8:12:0e:df:96:a5:11:5d:04:e8:09:de:
7d:17:ef:ad:81:f5:56:87:f6:fc:ec:0e:62:b8:96:
32:66:20:2d:ba:86:70:5e:5b:8f:ec:35:10:88:02:
68:09:fb:21:0a:69:ed:23:c6:7f:0f:78:05:42:75:
1a:2e:dd:0f:0c:d3:9b:99:9d:90:fd:19:bb:08:cb:
81:3a:1c:85:25:40:69:85:0c:67:61:2b:ca:cf:f6:
0b:38:9e:c7:07:b1:21:01:1b:a0:87:13:ad:ff:a5:
15:15:b4:42:bf:9c:b2:c7:bc:75:9b:5f:ba:b1:9e:
ba:1e:ee:ca:31:94:c8:a3:9d:3e:dd:47:dd:ab:ee:
12:e2:ea:66:a5:42:92:c7:bd:59:f6:4b:a9:07:80:
a9:86:8f:1b:22:3f:26:88:8d:f5:39:41:f3:0a:2d:
99:35:d5:d3:f6:30:54:fc:4a:ff:ed:74:8d:dd:f3:
2c:d5:ec:29:90:bf:b5:28:1d:c3:b0:4e:0b:88:07:
e1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:1E:AF:0B:1C:F2:03:88:1C:FE:3C:01:84:75:74:1C:D3:2C:6A:E4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bR6vCxzyA4gc_jwBhHV0HNMsauQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
31:cd:e0:32:02:3f:99:d1:06:a9:7b:16:e6:f8:d1:81:11:f9:
7a:a7:20:2b:09:8a:b6:3d:60:2e:64:9a:2c:06:e7:9c:9f:1e:
e1:15:4b:8f:70:96:6d:35:0e:1a:b6:6f:8b:19:39:73:c7:0f:
e0:74:5b:d7:e6:67:d5:f3:f2:d4:47:76:26:fb:ec:f6:02:45:
7e:f4:ed:89:13:c4:50:e4:0c:1e:bc:9c:be:37:ab:7a:e0:e0:
7a:14:f9:68:e3:ac:2f:ae:1d:c8:f4:cc:9e:6b:26:8c:c8:27:
ce:cf:d4:42:13:ca:cb:70:ad:8b:ea:41:3c:35:8c:82:f4:98:
90:21:5d:ce:f5:8d:01:ef:d3:05:1e:92:d6:da:e7:4f:b0:82:
95:df:b7:c3:b5:68:9d:81:d0:b1:0f:82:5e:61:d0:9b:cc:5d:
6b:0e:fe:fa:72:15:9a:39:15:e2:12:f7:7d:b6:2a:3b:10:22:
63:45:10:b5:b5:9f:4a:96:59:19:10:d1:b3:d5:aa:72:ed:7f:
81:b7:06:32:4f:eb:9d:28:91:d8:7d:46:5f:91:bd:9f:53:0f:
43:66:b7:d3:4c:ee:eb:d9:e2:67:be:a6:79:e9:37:f3:79:33:
7a:65:cb:0e:e2:3f:7c:84:c0:0e:c0:1c:98:d4:e9:cc:dd:24:
79:db:32:29
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0dIwg55yLoOZ3fq0B1hgPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE4MTUxNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDFlYWYwYjFjZjIwMzg4MWNmZTNjMDE4NDc1NzQxY2QzMmM2YWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizVTkKrPEmXzM7swfm7jUoNwPbn/
WRaYGhqMZ8FnpRlLqjDz0l5Af0nQTs78HuXb776pkIzRW1+CdRdDM524Eg7flqUR
XQToCd59F++tgfVWh/b87A5iuJYyZiAtuoZwXluP7DUQiAJoCfshCmntI8Z/D3gF
QnUaLt0PDNObmZ2Q/Rm7CMuBOhyFJUBphQxnYSvKz/YLOJ7HB7EhARughxOt/6UV
FbRCv5yyx7x1m1+6sZ66Hu7KMZTIo50+3Ufdq+4S4upmpUKSx71Z9kupB4Cpho8b
Ij8miI31OUHzCi2ZNdXT9jBU/Er/7XSN3fMs1ewpkL+1KB3DsE4LiAfhWQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG0erwsc8gOIHP48AYR1dBzTLGrkMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYlI2dkN4enlBNGdjX2p3QmhIVjBITk1zYXVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADHN4DICP5nRBql7Fub4
0YER+XqnICsJirY9YC5kmiwG55yfHuEVS49wlm01Dhq2b4sZOXPHD+B0W9fmZ9Xz
8tRHdib77PYCRX707YkTxFDkDB68nL43q3rg4HoU+WjjrC+uHcj0zJ5rJozIJ87P
1EITystwrYvqQTw1jIL0mJAhXc71jQHv0wUektba50+wgpXft8O1aJ2B0LEPgl5h
0JvMXWsO/vpyFZo5FeIS9322KjsQImNFELW1n0qWWRkQ0bPVqnLtf4G3BjJP650o
kdh9Rl+RvZ9TD0Nmt9NM7uvZ4me+pnnpN/N5M3plyw7iP3yEwA7AHJjU6czdJHnb
Mik=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:22 2025 by rpki-client