Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/d1lEwOKefP0ZUuwslTn7n97pgl8.roa
File: d1lEwOKefP0ZUuwslTn7n97pgl8.roa (raw, json)
Hash identifier: 3aN19TQ1/SnGDTHk1f3cqlCodUo9nQED5XuR6Un7K68=
Subject key identifier: 77:59:44:C0:E2:9E:7C:FD:19:52:EC:2C:95:39:FB:9F:DE:E9:82:5F
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D39E2F4B2C56828E7175D91C0B78E6CDB
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/d1lEwOKefP0ZUuwslTn7n97pgl8.roa
Signing time: Wed 24 Jan 2024 05:13:11 +0000
ROA not before: Wed 24 Jan 2024 05:13:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:39:e2:f4:b2:c5:68:28:e7:17:5d:91:c0:b7:8e:6c:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 24 05:13:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=775944c0e29e7cfd1952ec2c9539fb9fdee9825f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:9e:6b:e4:1e:13:48:80:dd:80:97:f0:3e:e9:
ba:85:32:ca:86:a6:84:43:5e:7a:db:5f:e3:dd:21:
94:36:5a:76:c5:32:05:de:22:93:8b:8e:78:d7:c1:
59:95:25:b2:56:f7:8c:7b:37:89:2f:a3:9d:ea:3c:
fd:cf:31:90:4e:bd:6c:6e:05:50:99:b6:fa:f5:79:
d7:d9:8b:92:cd:9a:62:65:77:ad:a3:5e:0b:5f:a1:
9c:69:a2:44:7a:4f:52:0a:64:18:02:ff:74:94:3c:
ac:31:92:8f:a1:4a:fa:f0:5a:e9:43:e5:66:f5:0f:
6a:b5:57:40:ba:e2:97:42:43:66:47:0d:09:cc:e1:
77:c0:20:2b:f7:50:b3:dc:be:a7:b0:5e:90:90:a6:
77:d5:3f:88:30:49:7d:86:1c:ac:a4:70:ad:70:3c:
d2:d9:13:3a:92:11:eb:d2:6e:54:3f:1e:08:01:53:
4b:02:d3:74:01:db:e2:ed:e8:82:ca:c3:94:34:80:
bf:85:a5:c2:2c:e1:92:89:f0:ca:aa:a0:a6:5a:42:
69:71:1f:81:0f:b8:bf:7e:61:6f:94:48:d1:10:5e:
77:4d:56:16:a5:11:42:8f:d1:e8:e8:e4:d0:f1:7f:
75:43:6c:1c:8f:43:75:0c:00:d0:5c:fb:36:15:b7:
06:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:59:44:C0:E2:9E:7C:FD:19:52:EC:2C:95:39:FB:9F:DE:E9:82:5F
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/d1lEwOKefP0ZUuwslTn7n97pgl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
26:f1:ea:54:11:e7:09:df:ee:e9:86:ce:50:c5:3c:25:9a:3f:
36:59:fe:9d:0b:ae:e1:78:10:e6:4e:47:fd:9d:2a:3e:4a:f5:
85:c0:4c:a2:5f:81:81:9e:63:63:4f:80:40:94:60:17:97:d7:
cb:d1:4d:be:c4:7d:44:dc:3f:ef:0a:c5:11:0c:d1:1f:33:28:
dc:78:6d:a3:3f:73:4d:c1:c2:c3:44:bc:8e:6e:66:e0:78:64:
bc:30:d7:04:43:40:03:62:74:01:fc:ae:fb:35:5a:ae:90:f4:
36:48:4f:de:2b:e1:f0:52:88:9d:ac:d3:ae:ca:e4:21:9f:59:
65:39:e5:ad:7b:b4:44:6d:57:db:ec:ff:73:13:25:40:4c:82:
04:72:ac:ea:99:fc:d5:52:21:e8:b0:ea:e6:b9:d8:95:6c:bf:
ad:9a:2b:0b:66:c5:34:22:da:e5:a8:9c:d6:55:09:00:ec:a8:
d0:b5:97:03:26:e0:aa:f8:41:b9:89:ae:98:32:d1:d0:df:56:
f1:45:9c:f9:d2:43:a0:18:03:50:44:2b:09:8a:b9:5b:34:85:
9e:77:0a:57:41:f6:5e:f6:72:6e:91:37:8e:db:f1:54:2d:b9:
ae:9b:10:db:7e:99:87:5b:8e:c4:5f:16:1a:de:cb:ab:e2:c6:
6c:46:41:1b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY054vSyxWgo5xddkcC3jmzbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTI0MDUxMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzU5NDRjMGUyOWU3Y2ZkMTk1MmVjMmM5NTM5ZmI5ZmRlZTk4MjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZ5r5B4TSIDdgJfwPum6hTLKhqaE
Q15621/j3SGUNlp2xTIF3iKTi45418FZlSWyVveMezeJL6Od6jz9zzGQTr1sbgVQ
mbb69XnX2YuSzZpiZXeto14LX6GcaaJEek9SCmQYAv90lDysMZKPoUr68FrpQ+Vm
9Q9qtVdAuuKXQkNmRw0JzOF3wCAr91Cz3L6nsF6QkKZ31T+IMEl9hhyspHCtcDzS
2RM6khHr0m5UPx4IAVNLAtN0Advi7eiCysOUNIC/haXCLOGSifDKqqCmWkJpcR+B
D7i/fmFvlEjREF53TVYWpRFCj9Ho6OTQ8X91Q2wcj0N1DADQXPs2FbcGyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHdZRMDinnz9GVLsLJU5+5/e6YJfMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZDFsRXdPS2VmUDBaVXV3c2xUbjduOTdwZ2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACbx6lQR5wnf7umGzlDF
PCWaPzZZ/p0LruF4EOZOR/2dKj5K9YXATKJfgYGeY2NPgECUYBeX18vRTb7EfUTc
P+8KxREM0R8zKNx4baM/c03BwsNEvI5uZuB4ZLww1wRDQANidAH8rvs1Wq6Q9DZI
T94r4fBSiJ2s067K5CGfWWU55a17tERtV9vs/3MTJUBMggRyrOqZ/NVSIeiw6ua5
2JVsv62aKwtmxTQi2uWonNZVCQDsqNC1lwMm4Kr4QbmJrpgy0dDfVvFFnPnSQ6AY
A1BEKwmKuVs0hZ53CldB9l72cm6RN47b8VQtua6bENt+mYdbjsRfFhrey6vixmxG
QRs=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:23:51 2025 by rpki-client