Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/dbcpsVnXmznK9rq8jUS-5N92FiE.roa
File: dbcpsVnXmznK9rq8jUS-5N92FiE.roa (raw, json)
Hash identifier: d8VAiIKyzNxX0k0XU5dZJbaTSM0ePMXi15YtlljWMQg=
Subject key identifier: 75:B7:29:B1:59:D7:9B:39:CA:F6:BA:BC:8D:44:BE:E4:DF:76:16:21
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CA075B70A5FFEB35E7B11B34F0383A240
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/dbcpsVnXmznK9rq8jUS-5N92FiE.roa
Signing time: Mon 25 Dec 2023 10:11:58 +0000
ROA not before: Mon 25 Dec 2023 10:11:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a0:75:b7:0a:5f:fe:b3:5e:7b:11:b3:4f:03:83:a2:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 25 10:11:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75b729b159d79b39caf6babc8d44bee4df761621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:01:3b:28:04:21:4d:f3:b9:2f:90:71:67:c9:
a1:3d:81:c8:94:05:69:79:b1:39:a1:98:63:32:ec:
94:8a:3e:96:fe:cc:19:df:85:e8:c7:57:f9:43:39:
58:3e:fe:17:35:10:01:30:6d:bf:f3:39:2b:3d:85:
7b:14:4f:bb:fd:f0:26:4c:e1:e9:7a:3f:6a:75:fd:
01:c0:b8:da:c6:2c:7e:c7:00:87:9b:2e:64:de:eb:
5a:ac:51:ef:57:72:83:12:ca:85:a3:a5:ca:23:ed:
52:d8:72:4b:76:2d:5c:b0:45:9a:1b:43:b7:b2:29:
80:3a:eb:f6:f2:03:fe:36:86:02:6a:53:de:fa:20:
c2:c9:9c:14:e0:af:03:c6:ef:be:f6:48:c4:c9:f5:
df:c3:35:db:cc:13:98:39:5e:39:95:b3:e2:75:d4:
6c:5f:0e:36:60:10:82:cf:ea:4a:ac:08:fa:ac:a6:
b2:e2:35:e2:6b:9e:3c:2a:ec:06:df:ed:7a:3d:14:
40:25:41:49:f0:06:b7:bb:3a:70:09:c6:ab:04:5a:
4e:9c:d3:33:e5:9c:e5:40:8a:67:69:6d:dc:e7:80:
76:de:68:a7:d6:90:43:d9:64:55:38:cb:c7:c2:b5:
e8:bb:65:f1:77:b7:31:61:61:51:ef:67:94:bd:7a:
1a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B7:29:B1:59:D7:9B:39:CA:F6:BA:BC:8D:44:BE:E4:DF:76:16:21
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/dbcpsVnXmznK9rq8jUS-5N92FiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
00:f3:b3:b0:8c:5c:0f:66:c0:78:21:2a:94:bc:b5:72:f6:0b:
2b:d5:c4:d0:a0:d8:07:65:3d:5a:71:d8:9b:4f:b2:31:38:76:
21:97:13:f0:12:fa:81:2d:27:fc:39:8e:24:4f:fa:6f:cf:32:
95:31:4c:50:98:54:c9:6e:ba:fd:43:c3:c7:31:f4:8b:ce:f7:
c2:52:ea:4d:40:ba:8d:6c:88:52:fe:0a:88:3a:69:39:6d:df:
aa:88:65:73:11:09:ea:21:89:a4:8f:bc:86:89:a8:94:95:91:
9a:0b:b0:8c:dd:12:98:f9:8b:9d:8f:48:eb:bd:3b:15:73:2a:
f3:57:4c:6e:37:27:f7:a8:7b:e4:8d:01:7e:ba:bc:7a:b8:99:
0f:6a:be:ca:49:a0:d8:7b:08:bf:ad:fb:b9:dd:c5:25:ce:c0:
74:3b:f9:06:91:1b:59:e2:ee:bc:9a:c2:7b:d6:f0:b6:c0:0c:
01:99:cd:70:f8:4c:54:06:82:e1:4c:ff:ec:24:de:7f:98:30:
b3:22:95:93:01:77:23:0b:e4:90:0f:d4:14:2b:35:12:6f:d1:
15:b9:ee:64:31:f3:13:71:41:11:eb:38:34:59:07:77:d8:b1:
d4:7e:fe:99:6e:49:27:68:93:a2:75:9a:03:aa:7c:da:fc:96:
e5:cc:07:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYygdbcKX/6zXnsRs08Dg6JAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI1MTAxMTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWI3MjliMTU5ZDc5YjM5Y2FmNmJhYmM4ZDQ0YmVlNGRmNzYxNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwE7KAQhTfO5L5BxZ8mhPYHIlAVp
ebE5oZhjMuyUij6W/swZ34Xox1f5QzlYPv4XNRABMG2/8zkrPYV7FE+7/fAmTOHp
ej9qdf0BwLjaxix+xwCHmy5k3utarFHvV3KDEsqFo6XKI+1S2HJLdi1csEWaG0O3
simAOuv28gP+NoYCalPe+iDCyZwU4K8Dxu++9kjEyfXfwzXbzBOYOV45lbPiddRs
Xw42YBCCz+pKrAj6rKay4jXia548KuwG3+16PRRAJUFJ8Aa3uzpwCcarBFpOnNMz
5ZzlQIpnaW3c54B23min1pBD2WRVOMvHwrXou2Xxd7cxYWFR72eUvXoaWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHW3KbFZ15s5yva6vI1EvuTfdhYhMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZGJjcHNWblhtem5LOXJxOGpVUy01TjkyRmlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAADzs7CMXA9mwHghKpS8
tXL2CyvVxNCg2AdlPVpx2JtPsjE4diGXE/AS+oEtJ/w5jiRP+m/PMpUxTFCYVMlu
uv1Dw8cx9IvO98JS6k1Auo1siFL+Cog6aTlt36qIZXMRCeohiaSPvIaJqJSVkZoL
sIzdEpj5i52PSOu9OxVzKvNXTG43J/eoe+SNAX66vHq4mQ9qvspJoNh7CL+t+7nd
xSXOwHQ7+QaRG1ni7ryawnvW8LbADAGZzXD4TFQGguFM/+wk3n+YMLMilZMBdyML
5JAP1BQrNRJv0RW57mQx8xNxQRHrODRZB3fYsdR+/pluSSdok6J1mgOqfNr8luXM
B8s=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:51 2025 by rpki-client