Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/chmBz5F_fH36jm5cTVF3KopNofE.roa
File: chmBz5F_fH36jm5cTVF3KopNofE.roa (raw, json)
Hash identifier: waZ24HG+BEQSstqDPTo2f1iHfx0VRJ/rwawouPzE4j8=
Subject key identifier: 72:19:81:CF:91:7F:7C:7D:FA:8E:6E:5C:4D:51:77:2A:8A:4D:A1:F1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C89B08D26F9F2A97C7486F4380C3AEC22
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/chmBz5F_fH36jm5cTVF3KopNofE.roa
Signing time: Thu 21 Dec 2023 00:04:58 +0000
ROA not before: Thu 21 Dec 2023 00:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:89af:f68a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:89:b0:8d:26:f9:f2:a9:7c:74:86:f4:38:0c:3a:ec:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 21 00:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=721981cf917f7c7dfa8e6e5c4d51772a8a4da1f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7d:c3:e6:b7:3b:bf:84:23:d3:e7:d2:21:67:
11:fc:f9:45:e5:9f:b9:78:3f:c8:a8:6e:bd:6c:4a:
6b:cf:a4:23:ed:c9:d9:0e:d9:b1:e0:5e:74:21:64:
a5:1e:b7:49:03:ed:1b:97:a7:18:4c:0e:5f:3f:34:
10:61:08:01:a3:73:a9:c1:bb:cb:8f:d9:5c:2b:4c:
93:d2:8b:67:53:01:40:f9:f1:16:0e:6d:d4:f1:7e:
b8:05:b5:4e:86:79:c7:b1:27:79:9c:98:2c:d0:2f:
9d:0b:32:17:59:7e:f8:64:6b:7e:64:21:39:58:c9:
2e:e1:aa:f0:49:d4:3d:a7:e8:b2:23:2d:d8:59:4e:
f8:4e:9e:47:50:d9:ef:d5:6a:da:f5:65:81:81:0d:
1a:5f:ef:1e:fd:14:e8:9d:04:c3:de:e6:f4:db:ee:
6c:e8:5f:8e:15:f0:41:11:22:ac:9f:7e:3f:c0:3e:
74:d5:bb:eb:81:a7:45:0d:0e:67:e7:e0:6e:4f:b2:
77:28:f5:fd:9a:39:fa:5b:35:f8:dd:3d:97:27:1b:
c8:93:72:4d:cb:1b:db:c3:f4:8d:37:98:a1:bd:be:
47:83:e0:dd:9d:ce:cf:ae:2f:30:04:7b:16:32:f1:
b2:93:e3:ac:95:b7:25:a8:93:ae:ce:d4:d8:07:aa:
8a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:19:81:CF:91:7F:7C:7D:FA:8E:6E:5C:4D:51:77:2A:8A:4D:A1:F1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/chmBz5F_fH36jm5cTVF3KopNofE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:8e:1d:96:27:5f:c0:42:8b:ac:49:de:35:dc:7b:ca:84:91:
17:59:37:7b:aa:d4:e4:b1:e7:40:5a:0d:78:8c:55:83:c9:f7:
e3:9c:37:16:39:d9:a9:7c:b3:bb:7b:cf:64:3e:0c:f3:38:76:
8d:16:07:c6:3f:7b:c2:e4:6b:b7:dd:6e:3b:a4:f2:d5:3d:ea:
be:b6:f8:57:a5:3b:15:f8:b1:0b:44:ff:d1:c7:0b:fd:7b:9e:
b9:e2:a1:01:87:3b:51:98:f3:42:71:b1:ae:da:36:e5:9a:3a:
b7:ce:f7:f9:01:ea:e6:23:44:36:48:28:69:d1:bf:6c:75:f0:
1a:87:45:00:e7:e2:73:57:df:b4:20:5f:8c:a4:29:e9:a0:d3:
0c:11:e9:72:dd:2f:a4:46:17:e2:c7:7c:36:16:79:50:d2:5a:
db:80:07:aa:ac:3c:ef:54:20:d2:34:f1:1d:f3:45:bd:e0:27:
45:14:2e:02:09:73:26:dc:74:df:45:3d:d0:9f:07:91:ed:be:
9f:a0:d8:b5:ce:16:85:47:3f:d7:81:be:25:a6:70:62:17:20:
21:d3:ff:14:dc:57:92:b8:07:24:9f:07:68:4d:4d:0e:b1:94:
2b:13:48:a5:9e:f0:92:1c:cd:62:a1:29:21:04:58:5e:56:db:
bc:38:25:ad
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyJsI0m+fKpfHSG9DgMOuwiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIxMDAwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjE5ODFjZjkxN2Y3YzdkZmE4ZTZlNWM0ZDUxNzcyYThhNGRhMWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp33D5rc7v4Qj0+fSIWcR/PlF5Z+5
eD/IqG69bEprz6Qj7cnZDtmx4F50IWSlHrdJA+0bl6cYTA5fPzQQYQgBo3OpwbvL
j9lcK0yT0otnUwFA+fEWDm3U8X64BbVOhnnHsSd5nJgs0C+dCzIXWX74ZGt+ZCE5
WMku4arwSdQ9p+iyIy3YWU74Tp5HUNnv1Wra9WWBgQ0aX+8e/RTonQTD3ub02+5s
6F+OFfBBESKsn34/wD501bvrgadFDQ5n5+BuT7J3KPX9mjn6WzX43T2XJxvIk3JN
yxvbw/SNN5ihvb5Hg+Ddnc7Pri8wBHsWMvGyk+OslbclqJOuztTYB6qK0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHIZgc+Rf3x9+o5uXE1RdyqKTaHxMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvY2htQno1Rl9mSDM2am01Y1RWRjNLb3BOb2ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEKOHZYnX8BCi6xJ3jXc
e8qEkRdZN3uq1OSx50BaDXiMVYPJ9+OcNxY52al8s7t7z2Q+DPM4do0WB8Y/e8Lk
a7fdbjuk8tU96r62+FelOxX4sQtE/9HHC/17nrnioQGHO1GY80Jxsa7aNuWaOrfO
9/kB6uYjRDZIKGnRv2x18BqHRQDn4nNX37QgX4ykKemg0wwR6XLdL6RGF+LHfDYW
eVDSWtuAB6qsPO9UINI08R3zRb3gJ0UULgIJcybcdN9FPdCfB5Htvp+g2LXOFoVH
P9eBviWmcGIXICHT/xTcV5K4BySfB2hNTQ6xlCsTSKWe8JIczWKhKSEEWF5W27w4
Ja0=
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:52:33 2025 by rpki-client