Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/eCdLLPXIR0sbOmkEGVr-ffmZcmQ.roa
File: eCdLLPXIR0sbOmkEGVr-ffmZcmQ.roa (raw, json)
Hash identifier: S/b8vVqb6jwghOGKQrETiCugkPMz/zmSGESjHE3z/9I=
Subject key identifier: 78:27:4B:2C:F5:C8:47:4B:1B:3A:69:04:19:5A:FE:7D:F9:99:72:64
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D26236A497FE080CD537BB48DC08AFEC0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/eCdLLPXIR0sbOmkEGVr-ffmZcmQ.roa
Signing time: Sat 20 Jan 2024 09:11:11 +0000
ROA not before: Sat 20 Jan 2024 09:11:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:26:23:6a:49:7f:e0:80:cd:53:7b:b4:8d:c0:8a:fe:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 20 09:11:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78274b2cf5c8474b1b3a6904195afe7df9997264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:49:08:66:4a:b5:ec:c2:48:26:6f:0d:db:af:
62:ef:55:fa:14:73:11:95:cd:f7:76:21:24:54:30:
76:14:a4:52:d5:86:06:f8:a6:53:74:72:61:15:a4:
1d:c0:a3:95:f6:6a:2d:70:f5:48:ca:69:4e:c7:a9:
11:81:80:4f:c1:31:36:99:6f:99:d7:eb:11:ba:dd:
2d:ca:b5:2b:17:ce:3f:f7:86:43:90:b0:00:e8:e4:
cf:c2:f7:47:1a:3d:9b:82:d3:d9:0a:9e:a0:1d:ab:
33:de:05:cf:77:1c:72:04:99:cf:8b:37:ab:af:86:
a8:c3:52:39:a7:46:93:f4:f5:03:46:a9:fc:f9:a6:
8f:57:01:b5:a0:5e:9f:6b:bd:c3:fe:52:0c:f1:95:
ac:c5:a9:17:01:6c:5f:b7:73:3b:05:67:e9:8b:d4:
29:a0:28:71:59:d6:0f:16:65:14:d6:a2:c1:bf:d2:
e8:b0:46:af:91:7d:48:ed:4c:f4:bd:ae:b6:ae:f6:
7b:c5:d0:86:18:85:b0:a0:1d:c2:c1:a3:e2:e2:5b:
0f:90:e5:1f:6a:1c:1d:05:59:29:8d:79:7a:6e:37:
2a:61:1b:f8:5d:90:28:55:31:78:bb:bf:ff:d2:e2:
7e:e9:fa:ff:46:49:5a:8d:db:80:22:9b:0a:3c:e7:
bd:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:27:4B:2C:F5:C8:47:4B:1B:3A:69:04:19:5A:FE:7D:F9:99:72:64
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/eCdLLPXIR0sbOmkEGVr-ffmZcmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
67:18:c1:ba:8a:bb:db:b2:47:01:a7:bb:21:73:b2:5d:5f:46:
1f:5e:f1:37:2c:9f:60:c2:cb:a4:c6:45:b3:d4:5f:0b:e5:70:
2c:b0:de:1a:42:51:bf:e3:23:93:74:ac:64:7f:24:76:af:08:
12:42:3f:6b:9a:92:13:ec:a1:51:92:65:d0:1a:3e:15:1f:ff:
76:5b:e1:8c:d7:3d:5a:dd:72:1f:5c:01:a7:b1:5d:05:35:ba:
64:2f:e4:8c:02:3d:92:c6:8b:04:9d:ad:b0:34:f9:eb:f6:0c:
04:42:8a:0b:00:bd:d5:b5:21:28:35:28:f6:22:8e:68:98:19:
60:8f:88:b8:ee:bf:d4:8a:f8:3b:54:55:00:47:26:95:fb:b1:
39:10:d0:42:5f:2d:38:0f:ab:4c:95:ad:fc:51:b5:a1:3b:ab:
7c:7f:ca:af:4b:70:95:be:55:3d:e2:7a:7a:a9:02:26:8a:ef:
bb:10:80:02:40:c8:94:8a:47:97:05:3f:ab:73:72:ac:55:c8:
67:0f:70:24:a8:87:b9:e6:82:64:6b:f7:31:22:5c:3f:03:5d:
3f:47:c0:26:1d:3b:63:8e:f2:92:23:ba:29:6e:4f:19:97:4c:
9b:37:d6:71:4e:ee:66:1d:8c:13:3b:94:03:90:a0:d1:cd:b3:
83:6a:9e:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0mI2pJf+CAzVN7tI3Aiv7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIwMDkxMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODI3NGIyY2Y1Yzg0NzRiMWIzYTY5MDQxOTVhZmU3ZGY5OTk3MjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkkIZkq17MJIJm8N269i71X6FHMR
lc33diEkVDB2FKRS1YYG+KZTdHJhFaQdwKOV9motcPVIymlOx6kRgYBPwTE2mW+Z
1+sRut0tyrUrF84/94ZDkLAA6OTPwvdHGj2bgtPZCp6gHasz3gXPdxxyBJnPizer
r4aow1I5p0aT9PUDRqn8+aaPVwG1oF6fa73D/lIM8ZWsxakXAWxft3M7BWfpi9Qp
oChxWdYPFmUU1qLBv9LosEavkX1I7Uz0va62rvZ7xdCGGIWwoB3CwaPi4lsPkOUf
ahwdBVkpjXl6bjcqYRv4XZAoVTF4u7//0uJ+6fr/RklajduAIpsKPOe9uwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHgnSyz1yEdLGzppBBla/n35mXJkMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZUNkTExQWElSMHNiT21rRUdWci1mZm1aY21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGcYwbqKu9uyRwGnuyFz
sl1fRh9e8Tcsn2DCy6TGRbPUXwvlcCyw3hpCUb/jI5N0rGR/JHavCBJCP2uakhPs
oVGSZdAaPhUf/3Zb4YzXPVrdch9cAaexXQU1umQv5IwCPZLGiwSdrbA0+ev2DARC
igsAvdW1ISg1KPYijmiYGWCPiLjuv9SK+DtUVQBHJpX7sTkQ0EJfLTgPq0yVrfxR
taE7q3x/yq9LcJW+VT3ienqpAiaK77sQgAJAyJSKR5cFP6tzcqxVyGcPcCSoh7nm
gmRr9zEiXD8DXT9HwCYdO2OO8pIjuiluTxmXTJs31nFO7mYdjBM7lAOQoNHNs4Nq
npM=
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:48:11 2025 by rpki-client