Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cWqFulaLWJrIYA8lc0yNTRFIhg8.roa
File: cWqFulaLWJrIYA8lc0yNTRFIhg8.roa (raw, json)
Hash identifier: GDSVt5Vzu+290fw8D6Nc1d4pjOL5mGT/AsjYntpr36Q=
Subject key identifier: 71:6A:85:BA:56:8B:58:9A:C8:60:0F:25:73:4C:8D:4D:11:48:86:0F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D5C395C81E0A01FD49392B4BD39CF5D67
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cWqFulaLWJrIYA8lc0yNTRFIhg8.roa
Signing time: Tue 30 Jan 2024 21:14:39 +0000
ROA not before: Tue 30 Jan 2024 21:14:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5c:39:5c:81:e0:a0:1f:d4:93:92:b4:bd:39:cf:5d:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 30 21:14:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=716a85ba568b589ac8600f25734c8d4d1148860f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:6c:d4:64:7c:63:1c:4e:52:1d:d8:b2:4c:8b:
17:6f:62:8f:bb:a5:18:e2:3b:f2:35:cf:9f:be:5b:
d4:29:09:ed:be:2d:ed:c0:5e:78:8f:97:04:3a:5b:
a7:de:99:12:83:8f:c4:f2:b3:30:7e:46:20:62:9d:
fe:25:58:1f:c1:d2:4d:80:8d:a9:3c:70:ac:a2:82:
e5:d7:21:f8:1c:32:bb:f2:4f:df:a6:14:61:e2:76:
64:1e:f2:b7:da:db:2e:6b:ef:92:a3:cb:05:44:70:
b8:dc:b2:d9:eb:9c:65:9b:f4:43:56:08:79:8b:46:
1a:6d:4f:58:eb:ff:28:2b:27:0a:cf:30:90:f3:25:
da:9c:44:f7:6f:52:29:98:b5:9b:e6:b2:dc:a6:40:
9c:06:05:13:79:76:9b:83:06:7f:e7:73:bb:62:a5:
ec:87:3e:5c:fb:bd:e3:cc:37:23:bc:74:4a:97:e6:
55:98:da:bc:16:5b:64:67:e6:b0:9b:c1:16:04:bc:
f2:9e:54:2e:cb:47:84:20:d2:e6:33:d2:ff:5a:c5:
b8:2f:c1:4d:de:65:95:e4:68:7b:e0:a4:fd:3b:76:
77:c2:d3:c2:4c:53:30:21:87:fb:b4:66:19:ad:12:
5f:15:28:01:f9:fa:71:0c:5a:a6:c5:31:40:6a:1c:
d8:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:6A:85:BA:56:8B:58:9A:C8:60:0F:25:73:4C:8D:4D:11:48:86:0F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cWqFulaLWJrIYA8lc0yNTRFIhg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
3f:96:90:eb:90:84:03:52:2f:f4:17:15:e5:d4:33:d2:8d:8d:
ac:05:de:1d:be:c3:18:80:0c:37:3c:d0:e0:1a:fa:e5:c9:5b:
7a:22:dc:30:ee:e8:20:fd:d4:aa:00:e2:37:b9:fd:91:32:2e:
0c:95:da:8a:65:7f:3b:f1:b8:32:f6:33:8b:85:9b:e4:1c:ab:
96:51:52:b3:d3:ce:ff:98:74:bb:a5:3f:91:59:6c:15:0c:6f:
08:ae:8a:63:70:76:d5:73:ea:e8:80:1d:95:fd:db:68:66:c3:
c9:26:03:d9:6a:1a:1c:52:b2:d4:9f:40:54:e4:94:e0:03:cf:
f5:36:4a:fe:5e:9b:05:60:9f:13:84:db:0d:15:a1:f4:a2:8e:
81:98:3a:4f:ae:70:59:f8:f2:c3:41:17:5e:a8:6f:70:5b:a8:
67:78:50:dd:06:b2:3d:71:12:b0:1c:c6:c8:15:77:a7:d1:43:
09:1c:96:26:c3:a7:e1:f6:c9:bf:3d:e7:2c:c9:0d:6f:51:1b:
d8:87:38:eb:a8:d8:e0:94:f3:20:11:c4:22:f2:b2:a7:fa:ef:
02:a4:74:6d:8c:6f:ed:6b:a9:2b:b9:b3:80:46:e1:09:3b:ef:
c8:c9:c0:95:c5:7a:4a:a6:f3:c7:f5:72:a0:95:8d:ec:c4:a2:
40:7d:3b:c2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1cOVyB4KAf1JOStL05z11nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTMwMjExNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTZhODViYTU2OGI1ODlhYzg2MDBmMjU3MzRjOGQ0ZDExNDg4NjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2zUZHxjHE5SHdiyTIsXb2KPu6UY
4jvyNc+fvlvUKQntvi3twF54j5cEOlun3pkSg4/E8rMwfkYgYp3+JVgfwdJNgI2p
PHCsooLl1yH4HDK78k/fphRh4nZkHvK32tsua++So8sFRHC43LLZ65xlm/RDVgh5
i0YabU9Y6/8oKycKzzCQ8yXanET3b1IpmLWb5rLcpkCcBgUTeXabgwZ/53O7YqXs
hz5c+73jzDcjvHRKl+ZVmNq8FltkZ+awm8EWBLzynlQuy0eEINLmM9L/WsW4L8FN
3mWV5Gh74KT9O3Z3wtPCTFMwIYf7tGYZrRJfFSgB+fpxDFqmxTFAahzYZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHFqhbpWi1iayGAPJXNMjU0RSIYPMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvY1dxRnVsYUxXSnJJWUE4bGMweU5UUkZJaGc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAD+WkOuQhANSL/QXFeXU
M9KNjawF3h2+wxiADDc80OAa+uXJW3oi3DDu6CD91KoA4je5/ZEyLgyV2oplfzvx
uDL2M4uFm+Qcq5ZRUrPTzv+YdLulP5FZbBUMbwiuimNwdtVz6uiAHZX922hmw8km
A9lqGhxSstSfQFTklOADz/U2Sv5emwVgnxOE2w0VofSijoGYOk+ucFn48sNBF16o
b3BbqGd4UN0Gsj1xErAcxsgVd6fRQwkclibDp+H2yb895yzJDW9RG9iHOOuo2OCU
8yARxCLysqf67wKkdG2Mb+1rqSu5s4BG4Qk778jJwJXFekqm88f1cqCVjezEokB9
O8I=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:17:05 2025 by rpki-client