Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cgsOnlNLFt6qEfRr-Z5j0rRtf88.roa
File: cgsOnlNLFt6qEfRr-Z5j0rRtf88.roa (raw, json)
Hash identifier: 7KwZwG0OaiYEpDzqNl3uAyrzR+Z9uRrathGShCwyUhc=
Subject key identifier: 72:0B:0E:9E:53:4B:16:DE:AA:11:F4:6B:F9:9E:63:D2:B4:6D:7F:CF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CA5D4D67648B3AC22807531289B745A8B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cgsOnlNLFt6qEfRr-Z5j0rRtf88.roa
Signing time: Tue 26 Dec 2023 11:13:58 +0000
ROA not before: Tue 26 Dec 2023 11:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a5:d4:d6:76:48:b3:ac:22:80:75:31:28:9b:74:5a:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 26 11:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=720b0e9e534b16deaa11f46bf99e63d2b46d7fcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d7:36:4b:ef:57:cd:cc:82:cd:7d:68:93:af:
cd:86:26:90:8f:9b:71:11:bc:15:2f:cb:71:73:78:
d6:fc:a9:42:1a:1f:56:95:44:3f:65:c8:21:6d:8c:
df:40:18:3e:bd:84:21:4b:f8:81:75:cb:18:ce:13:
c2:0f:79:bc:16:73:07:35:d0:4a:52:c6:03:00:5d:
e5:8c:83:c8:84:d3:d6:25:81:b5:76:de:54:3d:30:
8c:48:5f:c0:07:1c:54:28:6a:1a:bf:aa:f5:cf:17:
fc:fb:dd:51:40:c8:6b:9d:df:6c:4a:41:87:4e:35:
b3:9a:b4:de:91:84:54:60:13:d5:88:88:b7:96:d1:
f4:e4:f5:43:89:a0:03:84:67:0f:43:61:51:c4:90:
31:a2:9d:b2:3b:55:55:13:a7:a1:ff:67:ac:68:6c:
e7:5c:d2:05:57:6a:fd:bc:ca:88:ce:f7:d7:d3:87:
bf:84:f3:1c:39:c8:a2:08:03:f3:1b:41:f7:3f:e3:
21:d1:29:2b:77:1c:e6:11:ef:22:ca:72:98:57:d7:
79:c6:32:2b:5e:13:51:a2:14:73:b6:fb:ed:c9:48:
6b:d7:11:96:a5:be:62:48:1a:59:43:b9:4b:1a:9d:
a8:f5:e0:a0:a1:c6:af:56:a8:7e:92:8f:eb:e0:b5:
d2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:0B:0E:9E:53:4B:16:DE:AA:11:F4:6B:F9:9E:63:D2:B4:6D:7F:CF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/cgsOnlNLFt6qEfRr-Z5j0rRtf88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2b:18:64:19:8d:a9:78:f1:1b:7e:7e:96:b9:38:9a:0b:d9:7c:
22:f2:34:33:45:54:ea:7e:e5:4f:6a:e9:31:5e:c1:b2:fa:e4:
39:ad:01:30:81:3a:23:06:8e:d2:ae:f0:34:2e:0a:d1:b7:86:
f0:2e:3f:63:e5:46:26:fa:98:8f:d1:bf:78:c1:1d:bd:c1:91:
2c:05:7a:0c:84:25:e8:2b:f0:c3:c2:ac:03:16:62:73:02:08:
72:f9:92:ac:a4:78:d7:1e:a4:8a:ec:5e:2d:0f:da:3c:5d:0d:
17:3c:6d:75:29:82:7f:1d:cc:51:c5:b0:c1:a9:5f:93:2f:20:
14:d3:1f:12:ee:26:c4:3e:5e:48:f1:a2:3d:a7:ba:ac:66:7f:
fd:84:e8:5b:10:2c:d4:cd:39:32:ca:23:40:d3:e5:9a:82:84:
b0:6b:0f:eb:fa:ec:05:08:f8:98:10:c4:a6:57:97:6c:99:c9:
71:fa:83:34:bf:cb:52:de:35:45:5b:8c:1c:94:f7:09:f1:74:
31:ac:ca:b4:1f:00:7f:3b:fe:14:2c:80:9c:f4:28:68:05:ff:
ea:be:4e:a2:b0:9e:db:aa:5b:03:05:00:3a:d6:7f:0b:40:b6:
a4:2a:30:97:59:a6:be:df:36:96:70:80:70:6f:f7:e8:76:b7:
c0:9f:c1:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyl1NZ2SLOsIoB1MSibdFqLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI2MTExMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjBiMGU5ZTUzNGIxNmRlYWExMWY0NmJmOTllNjNkMmI0NmQ3ZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Nc2S+9XzcyCzX1ok6/NhiaQj5tx
EbwVL8txc3jW/KlCGh9WlUQ/ZcghbYzfQBg+vYQhS/iBdcsYzhPCD3m8FnMHNdBK
UsYDAF3ljIPIhNPWJYG1dt5UPTCMSF/ABxxUKGoav6r1zxf8+91RQMhrnd9sSkGH
TjWzmrTekYRUYBPViIi3ltH05PVDiaADhGcPQ2FRxJAxop2yO1VVE6eh/2esaGzn
XNIFV2r9vMqIzvfX04e/hPMcOciiCAPzG0H3P+Mh0SkrdxzmEe8iynKYV9d5xjIr
XhNRohRztvvtyUhr1xGWpb5iSBpZQ7lLGp2o9eCgocavVqh+ko/r4LXSdQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHILDp5TSxbeqhH0a/meY9K0bX/PMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvY2dzT25sTkxGdDZxRWZSci1aNWowclJ0Zjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACsYZBmNqXjxG35+lrk4
mgvZfCLyNDNFVOp+5U9q6TFewbL65DmtATCBOiMGjtKu8DQuCtG3hvAuP2PlRib6
mI/Rv3jBHb3BkSwFegyEJegr8MPCrAMWYnMCCHL5kqykeNcepIrsXi0P2jxdDRc8
bXUpgn8dzFHFsMGpX5MvIBTTHxLuJsQ+Xkjxoj2nuqxmf/2E6FsQLNTNOTLKI0DT
5ZqChLBrD+v67AUI+JgQxKZXl2yZyXH6gzS/y1LeNUVbjByU9wnxdDGsyrQfAH87
/hQsgJz0KGgF/+q+TqKwntuqWwMFADrWfwtAtqQqMJdZpr7fNpZwgHBv9+h2t8Cf
wVg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:30 2025 by rpki-client