Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/c4Zh-tj8nSjFeeK6GK0cmIQdKos.roa
File: c4Zh-tj8nSjFeeK6GK0cmIQdKos.roa (raw, json)
Hash identifier: keHK+S/UewXL0VGuJzeQyMO6XTfPQJkx+DWeB7ffu4M=
Subject key identifier: 73:86:61:FA:D8:FC:9D:28:C5:79:E2:BA:18:AD:1C:98:84:1D:2A:8B
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E8CB486B890827889EF8925B99BF149FF
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/c4Zh-tj8nSjFeeK6GK0cmIQdKos.roa
Signing time: Sat 30 Mar 2024 00:13:44 +0000
ROA not before: Sat 30 Mar 2024 00:13:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8c:b4:86:b8:90:82:78:89:ef:89:25:b9:9b:f1:49:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 30 00:13:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=738661fad8fc9d28c579e2ba18ad1c98841d2a8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:33:e0:4f:c0:19:b8:9f:ee:62:e3:eb:15:62:
44:09:52:b2:3e:66:ab:3f:c7:00:72:b4:17:a5:bd:
d3:95:4c:b8:2e:7a:d5:81:b2:80:e8:a9:c9:8a:38:
69:08:47:72:8c:01:19:4f:c8:42:13:c5:04:d6:cc:
80:74:e4:3c:b0:fa:eb:3f:8d:0b:db:0c:b4:39:1d:
bb:f4:6e:7d:3b:0b:9d:9e:0f:64:cb:42:bb:4a:2e:
dc:7d:80:ac:21:f7:9a:7e:48:c4:49:22:1e:95:d9:
6b:37:32:43:42:1b:01:94:d2:77:41:82:23:c2:6e:
dd:1c:26:ed:59:00:29:0a:58:ed:71:f7:1a:6b:15:
84:6e:80:4f:d3:9b:ba:9b:42:55:2c:2b:ec:d3:62:
96:60:28:bf:1f:03:f7:32:62:ef:83:c6:42:55:36:
30:29:9c:7b:02:f4:b2:fa:7d:d8:51:32:a6:33:11:
3d:52:24:8c:0c:9a:92:b6:b5:2a:34:fe:8e:d2:12:
39:01:28:c1:2d:eb:19:d8:52:05:3d:cc:c4:a3:e4:
dd:25:da:5d:a9:0a:72:d7:41:de:8c:7f:a2:44:fc:
8a:4c:30:39:7d:eb:b2:8a:68:0d:36:6c:55:7a:88:
9c:49:f7:5f:5e:df:33:b7:86:c0:ca:ef:3e:f5:a6:
b3:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:86:61:FA:D8:FC:9D:28:C5:79:E2:BA:18:AD:1C:98:84:1D:2A:8B
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/c4Zh-tj8nSjFeeK6GK0cmIQdKos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
59:c5:e4:68:77:ba:f4:45:96:b5:50:33:94:3a:dc:f8:2a:e0:
1b:0a:32:7a:d8:41:be:aa:f8:a8:9e:ce:a4:13:2d:30:02:ea:
3f:7a:9d:18:0b:60:a1:de:fc:d6:88:0e:b9:d7:db:64:bf:93:
d6:10:e7:c0:ca:dc:24:72:a9:2d:6c:5d:9b:5b:0f:fd:a3:be:
50:14:d3:02:5d:49:61:e9:7a:d2:94:7c:6e:68:f8:38:a2:a5:
a5:66:07:e9:02:9d:b2:3b:33:0e:9e:81:fd:3f:8a:47:df:43:
64:ba:d3:92:62:8d:bd:51:fe:96:e4:61:c8:bb:69:f6:81:d1:
3a:d2:92:59:88:17:10:5a:78:a2:dd:d2:b0:98:1f:d4:26:66:
e5:aa:9a:12:52:0b:55:d8:bb:16:a8:b8:f1:d6:61:26:70:dc:
d8:8d:88:f0:48:ea:4d:68:fe:9f:53:9c:07:74:b9:f8:56:c6:
73:e1:41:58:dd:71:6a:dd:f6:27:5b:b9:46:da:6b:2b:08:15:
4d:c8:dd:5f:ce:65:6c:ef:b5:82:ba:f0:5d:b5:8f:b0:5a:fb:
34:ba:31:22:93:68:de:30:b8:29:5d:81:3b:0d:4c:c3:a2:13:
0f:ed:e7:98:88:16:94:9e:86:9c:5b:7d:14:bc:df:24:0f:2f:
b9:0f:fa:7f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6MtIa4kIJ4ie+JJbmb8Un/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzMwMDAxMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzg2NjFmYWQ4ZmM5ZDI4YzU3OWUyYmExOGFkMWM5ODg0MWQyYThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDPgT8AZuJ/uYuPrFWJECVKyPmar
P8cAcrQXpb3TlUy4LnrVgbKA6KnJijhpCEdyjAEZT8hCE8UE1syAdOQ8sPrrP40L
2wy0OR279G59Owudng9ky0K7Si7cfYCsIfeafkjESSIeldlrNzJDQhsBlNJ3QYIj
wm7dHCbtWQApCljtcfcaaxWEboBP05u6m0JVLCvs02KWYCi/HwP3MmLvg8ZCVTYw
KZx7AvSy+n3YUTKmMxE9UiSMDJqStrUqNP6O0hI5ASjBLesZ2FIFPczEo+TdJdpd
qQpy10HejH+iRPyKTDA5feuyimgNNmxVeoicSfdfXt8zt4bAyu8+9aazQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHOGYfrY/J0oxXniuhitHJiEHSqLMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYzRaaC10ajhuU2pGZWVLNkdLMGNtSVFkS29zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFnF5Gh3uvRFlrVQM5Q6
3Pgq4BsKMnrYQb6q+KiezqQTLTAC6j96nRgLYKHe/NaIDrnX22S/k9YQ58DK3CRy
qS1sXZtbD/2jvlAU0wJdSWHpetKUfG5o+DiipaVmB+kCnbI7Mw6egf0/ikffQ2S6
05Jijb1R/pbkYci7afaB0TrSklmIFxBaeKLd0rCYH9QmZuWqmhJSC1XYuxaouPHW
YSZw3NiNiPBI6k1o/p9TnAd0ufhWxnPhQVjdcWrd9idbuUbaaysIFU3I3V/OZWzv
tYK68F21j7Ba+zS6MSKTaN4wuCldgTsNTMOiEw/t55iIFpSehpxbfRS83yQPL7kP
+n8=
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:17:30 2025 by rpki-client