Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/dfPAFEfzcv-hQpj7lpmlw_xe3nU.roa
File: dfPAFEfzcv-hQpj7lpmlw_xe3nU.roa (raw, json)
Hash identifier: b7nxOHbLCArqWuZMpMpPueI3Ni/f41xdFTEHpMGER4M=
Subject key identifier: 75:F3:C0:14:47:F3:72:FF:A1:42:98:FB:96:99:A5:C3:FC:5E:DE:75
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E3481CC1561FA6A6526B03CF43CCBDEA8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/dfPAFEfzcv-hQpj7lpmlw_xe3nU.roa
Signing time: Tue 12 Mar 2024 21:11:45 +0000
ROA not before: Tue 12 Mar 2024 21:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:34:81:cc:15:61:fa:6a:65:26:b0:3c:f4:3c:cb:de:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 12 21:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75f3c01447f372ffa14298fb9699a5c3fc5ede75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:7e:5e:25:9d:da:2a:16:f9:91:99:04:77:0a:
5c:37:6a:64:cf:3f:5a:ad:a5:81:58:8e:0c:93:5c:
75:60:67:28:07:2e:2d:7d:e4:84:c9:17:6f:7b:7f:
b6:d2:29:17:6a:cf:44:f0:9e:7b:d2:92:a6:15:28:
ff:16:31:02:34:23:db:ff:46:81:82:12:e9:b3:27:
09:0b:c5:10:e9:61:9c:70:6b:cb:e4:a1:a9:0a:b1:
40:fb:ff:f2:2c:e1:06:58:00:a7:ad:03:96:2a:b2:
b7:8c:11:8a:49:c7:cb:5a:5a:5b:1f:fa:86:a6:aa:
8d:fe:91:de:37:de:c1:39:fc:9e:0b:a5:4f:1a:ee:
14:c4:da:8c:bd:ca:26:a9:e3:48:3e:fc:3a:09:60:
dd:46:0a:af:8b:5a:c8:60:06:72:15:bd:10:3b:2f:
15:40:b9:2b:42:b3:3a:f7:0d:d3:14:29:74:cc:92:
c9:0b:52:2f:5a:e9:51:5a:c8:69:39:b6:25:e7:48:
10:37:e4:54:b6:e4:9c:00:b7:00:8c:37:07:d4:7d:
2e:10:74:96:55:6f:14:f0:71:17:06:34:a3:5a:78:
f5:5e:fa:23:f5:62:37:78:d3:39:91:f0:08:cf:16:
6f:7d:70:5f:ae:06:62:b2:72:c5:39:0f:7a:3c:f7:
60:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:F3:C0:14:47:F3:72:FF:A1:42:98:FB:96:99:A5:C3:FC:5E:DE:75
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/dfPAFEfzcv-hQpj7lpmlw_xe3nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
75:6e:ba:d9:c8:6d:d7:c5:a8:35:dc:7a:d8:dc:f7:cc:f0:cf:
77:39:e8:82:ad:63:e4:26:ad:ec:28:b8:16:e2:5c:2b:d9:85:
c3:aa:5b:96:7c:a1:8f:af:e3:f1:3e:11:6f:cf:0a:ae:99:18:
4d:96:01:c3:f2:4d:e9:5a:3f:54:87:ec:4e:9a:e7:0f:ea:ca:
b6:98:04:6b:41:8a:13:d5:a8:72:38:7b:b2:89:79:5a:70:75:
51:bb:de:07:2e:75:77:df:fe:b7:e3:f2:80:88:9c:c0:c7:67:
9f:f6:7e:d5:bc:82:99:7e:14:fe:74:44:2e:35:72:6a:03:26:
09:d9:71:fd:98:8f:36:05:21:6a:e1:21:98:6e:b6:27:77:2a:
a5:19:9d:77:8e:79:21:fd:ab:73:33:07:6b:8d:30:8e:80:b2:
9e:04:35:d5:26:3a:db:b6:fb:3e:6a:b6:75:c4:8a:a3:94:40:
57:64:3a:97:23:92:a7:dc:95:7d:54:84:35:b2:ad:fe:76:e1:
e8:54:a6:35:5e:b3:2f:84:72:3f:34:14:b5:1e:6d:c3:5b:f7:
80:f4:2b:c5:25:6e:83:5e:ea:e6:ad:83:6f:0d:81:c2:60:85:
83:fe:cb:52:a7:0a:16:37:6a:7c:86:c3:51:54:75:94:72:47:
29:78:14:de
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY40gcwVYfpqZSawPPQ8y96oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzEyMjExMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWYzYzAxNDQ3ZjM3MmZmYTE0Mjk4ZmI5Njk5YTVjM2ZjNWVkZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkn5eJZ3aKhb5kZkEdwpcN2pkzz9a
raWBWI4Mk1x1YGcoBy4tfeSEyRdve3+20ikXas9E8J570pKmFSj/FjECNCPb/0aB
ghLpsycJC8UQ6WGccGvL5KGpCrFA+//yLOEGWACnrQOWKrK3jBGKScfLWlpbH/qG
pqqN/pHeN97BOfyeC6VPGu4UxNqMvcomqeNIPvw6CWDdRgqvi1rIYAZyFb0QOy8V
QLkrQrM69w3TFCl0zJLJC1IvWulRWshpObYl50gQN+RUtuScALcAjDcH1H0uEHSW
VW8U8HEXBjSjWnj1Xvoj9WI3eNM5kfAIzxZvfXBfrgZisnLFOQ96PPdgqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHXzwBRH83L/oUKY+5aZpcP8Xt51MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZGZQQUZFZnpjdi1oUXBqN2xwbWx3X3hlM25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHVuutnIbdfFqDXcetjc
98zwz3c56IKtY+QmrewouBbiXCvZhcOqW5Z8oY+v4/E+EW/PCq6ZGE2WAcPyTela
P1SH7E6a5w/qyraYBGtBihPVqHI4e7KJeVpwdVG73gcudXff/rfj8oCInMDHZ5/2
ftW8gpl+FP50RC41cmoDJgnZcf2YjzYFIWrhIZhutid3KqUZnXeOeSH9q3MzB2uN
MI6Asp4ENdUmOtu2+z5qtnXEiqOUQFdkOpcjkqfclX1UhDWyrf524ehUpjVesy+E
cj80FLUebcNb94D0K8UlboNe6uatg28NgcJghYP+y1KnChY3anyGw1FUdZRyRyl4
FN4=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:14:59 2025 by rpki-client