Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/e9OBcal-5enozKPc-QImnP8yhjM.roa
File: e9OBcal-5enozKPc-QImnP8yhjM.roa (raw, json)
Hash identifier: I9qIezXU33bnIa2XM480umlAfFV0usWrGAMi91ulnak=
Subject key identifier: 7B:D3:81:71:A9:7E:E5:E9:E8:CC:A3:DC:F9:02:26:9C:FF:32:86:33
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DEA120E98BCD6591F7772436FA2833173
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/e9OBcal-5enozKPc-QImnP8yhjM.roa
Signing time: Tue 27 Feb 2024 10:17:48 +0000
ROA not before: Tue 27 Feb 2024 10:17:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ea:12:0e:98:bc:d6:59:1f:77:72:43:6f:a2:83:31:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 27 10:17:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bd38171a97ee5e9e8cca3dcf902269cff328633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e2:3f:27:ed:32:7f:37:4b:a3:ed:bb:78:9b:
7f:d6:f9:93:4f:4d:37:09:34:45:af:18:d3:52:28:
30:9a:92:64:58:48:39:d6:8d:7b:0e:de:b1:97:1b:
6e:df:9a:00:3e:8c:60:29:fd:c8:cb:21:72:e0:d3:
f1:6d:c1:a6:c0:5f:40:62:9f:9f:3f:29:6c:a2:f5:
62:52:06:53:59:35:52:3e:25:12:06:e4:5b:b8:20:
e6:0e:66:92:c4:c6:a8:d2:22:67:53:d2:b8:3f:61:
8f:4c:e5:c9:22:85:86:ed:91:ed:aa:25:3a:4f:de:
ff:09:11:65:2e:bc:f4:4a:68:02:6d:4e:4f:eb:6f:
5d:3a:20:6f:e9:25:53:43:f0:7a:13:4d:52:d0:4a:
8a:92:80:f6:c8:49:f1:f5:e8:50:91:bb:ee:51:cd:
48:24:72:b8:14:0f:c5:a6:e9:fc:69:f4:1f:c3:ed:
f3:67:2d:9f:02:9d:df:2e:fb:c6:c0:02:0a:cb:b1:
91:08:d3:1e:e1:68:84:36:fb:70:61:73:9a:8d:58:
00:07:a7:7a:8b:fd:f0:04:37:45:ef:66:32:cf:34:
52:ba:2f:d7:81:fb:09:a6:2e:74:0d:ff:59:8f:bf:
bf:08:9a:7f:c3:30:18:8a:ad:e2:b1:05:11:81:70:
36:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:D3:81:71:A9:7E:E5:E9:E8:CC:A3:DC:F9:02:26:9C:FF:32:86:33
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/e9OBcal-5enozKPc-QImnP8yhjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
30:e4:a8:cf:de:32:54:42:ea:d4:8e:46:ab:4f:04:c5:6d:55:
19:3f:91:39:5e:7e:ab:56:5b:93:79:e2:f8:bf:e5:bf:31:4b:
8c:93:84:ce:ea:a6:8f:ad:9e:e7:95:8f:29:69:d0:81:fa:17:
7b:e4:38:0f:ef:21:64:95:4c:ba:81:8f:0a:85:b5:37:1b:0e:
ab:d0:0d:13:ff:4b:6d:fc:75:08:ba:b5:45:6c:f6:89:c9:ff:
a1:0b:bc:74:6c:9d:92:bc:01:f2:0c:80:fb:cc:27:2f:8d:98:
0f:d2:74:a0:5a:02:28:48:35:d1:6a:70:38:5b:34:f8:4d:5b:
a0:d1:50:4b:2f:98:c0:31:94:c9:d5:99:c1:92:da:10:fd:3c:
cd:88:37:a9:82:43:75:50:d4:ac:ff:eb:04:0d:fc:65:79:2f:
62:8c:18:0f:fe:17:71:e0:50:08:d4:bf:ec:f5:64:a6:de:c8:
28:65:4a:fa:1f:01:1f:94:77:50:6e:b6:5e:e9:94:30:1b:55:
f8:35:cd:6f:59:f7:93:ef:3f:99:aa:27:81:e0:e2:77:60:4c:
19:1a:c6:c2:5a:cc:a2:90:7d:7b:48:a9:c6:24:4b:d8:38:19:
12:de:19:5f:e6:e8:2a:fa:24:98:76:11:42:d6:ab:ad:b3:1d:
1c:c6:50:98
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3qEg6YvNZZH3dyQ2+igzFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI3MTAxNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmQzODE3MWE5N2VlNWU5ZThjY2EzZGNmOTAyMjY5Y2ZmMzI4NjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOI/J+0yfzdLo+27eJt/1vmTT003
CTRFrxjTUigwmpJkWEg51o17Dt6xlxtu35oAPoxgKf3IyyFy4NPxbcGmwF9AYp+f
PylsovViUgZTWTVSPiUSBuRbuCDmDmaSxMao0iJnU9K4P2GPTOXJIoWG7ZHtqiU6
T97/CRFlLrz0SmgCbU5P629dOiBv6SVTQ/B6E01S0EqKkoD2yEnx9ehQkbvuUc1I
JHK4FA/Fpun8afQfw+3zZy2fAp3fLvvGwAIKy7GRCNMe4WiENvtwYXOajVgAB6d6
i/3wBDdF72YyzzRSui/XgfsJpi50Df9Zj7+/CJp/wzAYiq3isQURgXA28wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHvTgXGpfuXp6Myj3PkCJpz/MoYzMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZTlPQmNhbC01ZW5vektQYy1RSW1uUDh5aGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADDkqM/eMlRC6tSORqtP
BMVtVRk/kTlefqtWW5N54vi/5b8xS4yThM7qpo+tnueVjylp0IH6F3vkOA/vIWSV
TLqBjwqFtTcbDqvQDRP/S238dQi6tUVs9onJ/6ELvHRsnZK8AfIMgPvMJy+NmA/S
dKBaAihINdFqcDhbNPhNW6DRUEsvmMAxlMnVmcGS2hD9PM2IN6mCQ3VQ1Kz/6wQN
/GV5L2KMGA/+F3HgUAjUv+z1ZKbeyChlSvofAR+Ud1Butl7plDAbVfg1zW9Z95Pv
P5mqJ4Hg4ndgTBkaxsJazKKQfXtIqcYkS9g4GRLeGV/m6Cr6JJh2EULWq62zHRzG
UJg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:20 2025 by rpki-client