Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/c0fMGmnLhKe6j2GY73avYWr3f7M.roa
File: c0fMGmnLhKe6j2GY73avYWr3f7M.roa (raw, json)
Hash identifier: iexc0XBJN/TtYmGywKqU8sk3IhATnfg7OAMHiaTxfZg=
Subject key identifier: 73:47:CC:1A:69:CB:84:A7:BA:8F:61:98:EF:76:AF:61:6A:F7:7F:B3
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E19E01B695E54A8566444CDF8F2E1077C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/c0fMGmnLhKe6j2GY73avYWr3f7M.roa
Signing time: Thu 07 Mar 2024 17:05:01 +0000
ROA not before: Thu 07 Mar 2024 17:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:19df:75cd/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:19:e0:1b:69:5e:54:a8:56:64:44:cd:f8:f2:e1:07:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 7 17:05:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7347cc1a69cb84a7ba8f6198ef76af616af77fb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b0:14:2a:af:22:82:d2:e0:fd:40:26:ce:06:
cc:f4:c1:57:f3:e7:d5:15:51:74:76:cf:24:3b:a0:
01:81:34:9b:df:07:30:12:4c:20:56:ac:f3:1d:d3:
97:1e:e4:2b:23:ff:ba:25:7e:29:90:3f:83:2c:a5:
f7:d5:fe:23:00:c8:85:90:7e:55:58:a9:e8:fd:b4:
f9:a5:41:2a:89:94:b6:d1:8d:bd:0d:4a:56:c2:d1:
02:5d:18:e9:58:da:28:54:3f:72:44:ab:be:da:7e:
35:2b:a5:1f:31:10:bb:35:1c:00:21:3f:53:9c:c8:
35:a3:41:4b:e1:1f:72:09:e4:81:b0:e4:12:a9:47:
0d:03:d2:66:14:45:44:d4:f1:e7:58:62:f5:3a:eb:
ed:ac:b1:46:aa:1a:f8:e6:d3:81:e9:d0:a7:ac:27:
a7:3c:4a:11:f3:1a:0a:93:de:5a:69:b6:d6:1d:91:
5b:9e:2e:46:09:67:09:11:62:ef:4d:a8:9d:d2:ba:
f4:04:d8:ba:30:ee:3e:65:d6:ab:e4:3b:cc:65:08:
b9:2c:2c:6f:7b:d0:81:cc:42:f1:72:af:e7:ed:a6:
01:94:76:77:51:79:22:dd:42:1f:f2:49:72:a7:b5:
c2:46:a1:85:00:6f:bd:8a:fa:da:c8:04:f5:c1:64:
ea:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:47:CC:1A:69:CB:84:A7:BA:8F:61:98:EF:76:AF:61:6A:F7:7F:B3
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/c0fMGmnLhKe6j2GY73avYWr3f7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
28:47:27:7f:cd:e1:2d:c7:7d:e3:a5:f0:9a:8d:3d:8c:50:b2:
62:cf:86:8a:bb:b6:4f:e6:c1:c0:51:24:a5:a0:65:2a:f4:eb:
b3:5d:a9:a9:96:72:32:b9:d1:ca:9c:da:34:a7:98:7f:73:8f:
e1:9b:5e:1b:0d:c1:00:10:ab:ca:d2:57:63:03:e8:de:33:c1:
91:4e:dc:20:34:d5:d6:ca:44:52:82:41:f1:fe:32:92:69:d8:
72:90:55:46:08:f8:74:06:c3:8d:6d:4f:1f:45:6f:65:97:6a:
bc:27:fe:d3:d2:a8:7b:01:18:80:40:58:03:e5:0e:13:85:80:
93:8c:82:d4:e2:c5:3d:a9:f9:56:79:d4:a2:dc:d6:a5:08:f6:
fc:92:50:74:72:c5:d0:97:27:04:3a:e0:d5:92:a2:6c:a0:00:
11:7c:dd:de:91:ef:17:4a:7a:13:47:83:38:c7:46:7b:70:ba:
c1:c7:b0:04:7b:3e:72:0f:41:98:7c:9e:c2:cd:73:1f:e1:a1:
96:0a:2e:0d:59:bf:71:a4:27:93:c0:84:4f:3e:dc:1f:49:00:
c2:7b:44:dc:cb:3d:cf:dc:5d:3f:3a:2b:35:a4:52:0c:8e:d2:
1d:91:20:26:9c:08:86:3e:8d:c8:f2:34:be:fa:34:ff:4c:f5:
ec:1a:36:18
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4Z4BtpXlSoVmREzfjy4Qd8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzA3MTcwNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzQ3Y2MxYTY5Y2I4NGE3YmE4ZjYxOThlZjc2YWY2MTZhZjc3ZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrAUKq8igtLg/UAmzgbM9MFX8+fV
FVF0ds8kO6ABgTSb3wcwEkwgVqzzHdOXHuQrI/+6JX4pkD+DLKX31f4jAMiFkH5V
WKno/bT5pUEqiZS20Y29DUpWwtECXRjpWNooVD9yRKu+2n41K6UfMRC7NRwAIT9T
nMg1o0FL4R9yCeSBsOQSqUcNA9JmFEVE1PHnWGL1OuvtrLFGqhr45tOB6dCnrCen
PEoR8xoKk95aabbWHZFbni5GCWcJEWLvTaid0rr0BNi6MO4+Zdar5DvMZQi5LCxv
e9CBzELxcq/n7aYBlHZ3UXki3UIf8klyp7XCRqGFAG+9ivrayAT1wWTqzwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHNHzBppy4Snuo9hmO92r2Fq93+zMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYzBmTUdtbkxoS2U2ajJHWTczYXZZV3IzZjdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAChHJ3/N4S3HfeOl8JqN
PYxQsmLPhoq7tk/mwcBRJKWgZSr067NdqamWcjK50cqc2jSnmH9zj+GbXhsNwQAQ
q8rSV2MD6N4zwZFO3CA01dbKRFKCQfH+MpJp2HKQVUYI+HQGw41tTx9Fb2WXarwn
/tPSqHsBGIBAWAPlDhOFgJOMgtTixT2p+VZ51KLc1qUI9vySUHRyxdCXJwQ64NWS
omygABF83d6R7xdKehNHgzjHRntwusHHsAR7PnIPQZh8nsLNcx/hoZYKLg1Zv3Gk
J5PAhE8+3B9JAMJ7RNzLPc/cXT86KzWkUgyO0h2RICacCIY+jcjyNL76NP9M9ewa
Nhg=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:21:10 2025 by rpki-client