Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/eHP8z7qiPXYKtBPfPE3lqT3Cq_0.roa
File: eHP8z7qiPXYKtBPfPE3lqT3Cq_0.roa (raw, json)
Hash identifier: ZZsZVuVEhMJxULxsBum94gCJDQOJIlJKs00aRTYsGK8=
Subject key identifier: 78:73:FC:CF:BA:A2:3D:76:0A:B4:13:DF:3C:4D:E5:A9:3D:C2:AB:FD
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D1E6461C1E8905BCA143275A9F699994D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/eHP8z7qiPXYKtBPfPE3lqT3Cq_0.roa
Signing time: Thu 18 Jan 2024 21:05:11 +0000
ROA not before: Thu 18 Jan 2024 21:05:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:1e63:939d/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1e:64:61:c1:e8:90:5b:ca:14:32:75:a9:f6:99:99:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 18 21:05:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7873fccfbaa23d760ab413df3c4de5a93dc2abfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:dc:44:90:9b:f2:35:cd:9a:4d:c0:18:bd:6e:
28:5e:7b:4f:f1:73:77:bd:28:36:b4:23:58:df:84:
2d:44:74:d3:0d:cf:ec:b8:6b:13:1c:37:5a:b5:59:
d2:1b:2d:2d:6d:55:03:9d:f1:25:fb:db:44:55:d9:
f1:b0:74:0d:64:d4:e4:06:e8:e8:92:a2:c7:cc:79:
1c:1e:fc:16:46:3d:13:08:d5:21:43:25:d6:96:10:
ec:c1:a4:65:d8:2c:ae:d0:10:3e:a3:4c:49:be:74:
6c:7b:fe:fe:7f:0c:b8:ca:75:96:1b:44:d9:63:d9:
0d:33:10:de:8e:86:ec:53:b0:24:b3:b8:3a:b1:7c:
7c:83:ec:42:a3:c1:91:c3:e1:e1:58:24:0e:db:58:
f2:ad:cd:6c:61:c7:5f:65:15:ac:4f:f3:c2:28:26:
f9:7d:81:91:74:ae:21:a2:96:43:e7:e7:16:2d:84:
8f:64:17:a4:a7:36:55:ab:47:6d:1a:22:94:5a:c0:
1a:79:e2:93:48:7e:b8:62:75:d8:d1:aa:e4:9b:fd:
2c:9e:4f:55:74:3a:7e:e7:d8:47:f4:ed:61:f3:cf:
0b:b5:5a:be:6b:e9:88:70:2d:36:60:8d:dd:94:5b:
8e:d2:44:4c:85:ea:b2:35:4c:55:16:2e:1f:c6:a4:
7d:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:73:FC:CF:BA:A2:3D:76:0A:B4:13:DF:3C:4D:E5:A9:3D:C2:AB:FD
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/eHP8z7qiPXYKtBPfPE3lqT3Cq_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5a:a6:f0:9b:d1:bb:f7:c7:7c:dd:9e:b7:45:da:3e:bd:b7:c7:
18:e6:d5:c6:53:2a:e2:44:68:aa:4c:a5:c4:a1:9c:c4:d8:08:
41:2e:92:88:bb:0a:1b:78:c5:d8:ef:35:d4:e5:fe:f0:b6:74:
f0:b7:ab:4f:21:eb:63:4b:1e:ae:4d:12:cd:77:9e:36:4c:82:
2f:14:af:8e:68:b9:35:aa:82:0d:51:2b:1a:ae:ac:1b:45:37:
64:93:79:72:80:7b:5a:88:cd:0e:eb:79:af:87:8f:b0:f3:b9:
60:ef:9e:03:56:ea:5c:6f:5b:a6:78:cd:3f:4e:b5:a4:ac:ec:
b6:5c:63:bd:79:73:05:15:45:0d:7f:03:27:d9:11:2c:33:ac:
a4:8f:f1:af:bd:78:cf:4f:0b:3b:53:6f:86:7d:d7:3a:87:fd:
1b:e6:0d:91:73:c3:45:d8:6f:14:35:b0:dc:72:32:a6:49:c9:
49:15:7f:d9:c0:1c:7a:9a:84:2c:d6:a9:69:56:ad:ac:96:4c:
61:27:9e:b9:ae:71:15:79:c1:d2:08:1c:a5:d9:d8:71:6e:67:
f9:fd:50:5d:b9:d7:3d:bc:80:12:5d:5b:28:47:a2:5f:12:72:
b0:c4:2d:1a:11:85:02:cf:4c:a1:99:3c:b1:47:2e:20:99:ca:
1c:28:5f:4d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0eZGHB6JBbyhQydan2mZlNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE4MjEwNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODczZmNjZmJhYTIzZDc2MGFiNDEzZGYzYzRkZTVhOTNkYzJhYmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNxEkJvyNc2aTcAYvW4oXntP8XN3
vSg2tCNY34QtRHTTDc/suGsTHDdatVnSGy0tbVUDnfEl+9tEVdnxsHQNZNTkBujo
kqLHzHkcHvwWRj0TCNUhQyXWlhDswaRl2Cyu0BA+o0xJvnRse/7+fwy4ynWWG0TZ
Y9kNMxDejobsU7Aks7g6sXx8g+xCo8GRw+HhWCQO21jyrc1sYcdfZRWsT/PCKCb5
fYGRdK4hopZD5+cWLYSPZBekpzZVq0dtGiKUWsAaeeKTSH64YnXY0arkm/0snk9V
dDp+59hH9O1h888LtVq+a+mIcC02YI3dlFuO0kRMheqyNUxVFi4fxqR9kwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHhz/M+6oj12CrQT3zxN5ak9wqv9MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZUhQOHo3cWlQWFlLdEJQZlBFM2xxVDNDcV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFqm8JvRu/fHfN2et0Xa
Pr23xxjm1cZTKuJEaKpMpcShnMTYCEEukoi7Cht4xdjvNdTl/vC2dPC3q08h62NL
Hq5NEs13njZMgi8Ur45ouTWqgg1RKxqurBtFN2STeXKAe1qIzQ7rea+Hj7DzuWDv
ngNW6lxvW6Z4zT9OtaSs7LZcY715cwUVRQ1/AyfZESwzrKSP8a+9eM9PCztTb4Z9
1zqH/RvmDZFzw0XYbxQ1sNxyMqZJyUkVf9nAHHqahCzWqWlWrayWTGEnnrmucRV5
wdIIHKXZ2HFuZ/n9UF251z28gBJdWyhHol8ScrDELRoRhQLPTKGZPLFHLiCZyhwo
X00=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:34 2025 by rpki-client