Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/eMSlOgpW4V6XxNI1Fuuna4pQD1I.roa
File: eMSlOgpW4V6XxNI1Fuuna4pQD1I.roa (raw, json)
Hash identifier: TmvVZWZMYipb50GiiThFLU/bIZdBUU7RB2jwXq637gQ=
Subject key identifier: 78:C4:A5:3A:0A:56:E1:5E:97:C4:D2:35:16:EB:A7:6B:8A:50:0F:52
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E979EB7956AE2DEEA85CB0B0D823767E9
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/eMSlOgpW4V6XxNI1Fuuna4pQD1I.roa
Signing time: Mon 01 Apr 2024 03:05:45 +0000
ROA not before: Mon 01 Apr 2024 03:05:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
2001:67c:64:ffff:0:18e:979d:e2dd/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:97:9e:b7:95:6a:e2:de:ea:85:cb:0b:0d:82:37:67:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 1 03:05:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78c4a53a0a56e15e97c4d23516eba76b8a500f52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:75:38:82:3d:05:83:e5:d7:6c:01:00:22:47:
47:43:87:1b:e3:48:c3:8f:21:72:6f:5f:0c:ae:f2:
89:4c:68:c2:bf:79:6a:fc:e5:f8:b4:ac:c1:07:f8:
74:4a:19:8f:7a:56:88:98:22:31:97:af:49:f8:b5:
e3:6d:33:70:e7:4d:57:6a:c9:19:4e:65:c8:45:16:
d4:a6:20:d5:62:aa:e1:bb:9f:43:b3:28:7e:ea:84:
ca:fc:08:95:0e:67:9e:50:61:4a:a1:f8:a6:b2:90:
a1:59:39:74:2d:22:16:dd:f9:37:60:c3:a0:9b:70:
a9:34:2f:5a:c6:18:6c:43:e4:67:18:7c:c2:86:9e:
8d:b9:5b:ea:67:67:33:01:19:81:ea:10:ab:0e:b7:
0d:e7:94:1e:a7:a2:8f:83:a3:e1:d9:91:63:be:96:
a1:17:52:f7:48:7d:cb:21:b0:a7:49:da:12:1a:25:
8a:33:ab:7f:c0:2f:75:20:39:38:2f:b2:58:45:c6:
5e:00:55:cb:b5:67:a5:fb:af:79:06:17:88:aa:5a:
8a:59:a5:ed:19:93:3e:c3:c0:4f:e5:86:7f:9f:8a:
a2:62:f2:ad:28:d0:7a:0c:fd:ac:9e:08:0e:dc:36:
dc:29:4e:09:ff:43:58:8e:23:99:d7:af:62:79:ce:
71:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:C4:A5:3A:0A:56:E1:5E:97:C4:D2:35:16:EB:A7:6B:8A:50:0F:52
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/eMSlOgpW4V6XxNI1Fuuna4pQD1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
36:b4:32:1f:75:65:db:a6:d4:80:cc:6f:f7:2c:63:57:3a:90:
6c:45:4d:ab:76:3f:07:bb:1c:d1:1b:82:9c:7c:76:cc:31:8e:
ec:d6:3e:11:6a:3d:70:3e:95:93:1e:21:c3:39:2d:18:a4:0e:
71:6c:b2:fc:3f:84:da:85:19:5c:f3:8f:0b:a8:4b:69:af:ab:
10:61:61:9e:02:29:d2:0c:ff:7f:cc:60:5c:98:00:66:99:3e:
c7:f4:f3:bb:5b:c6:ed:a3:9d:3f:bb:79:1e:09:84:29:00:9d:
6e:6a:d8:d2:69:6b:12:ea:b4:47:f0:b6:a4:03:72:5d:af:d1:
12:b5:4b:b5:1c:25:fa:90:e2:0b:2b:df:85:01:b3:ff:fd:4b:
2f:52:26:5a:8f:22:8d:a2:f6:74:aa:93:5d:7f:77:a9:e2:ae:
ae:06:26:b8:de:57:45:68:f7:97:dc:e5:66:0a:3a:6a:21:4a:
af:6b:b8:ec:09:d6:2f:40:72:c6:ff:56:86:7a:f0:cb:aa:18:
94:53:20:43:43:9a:78:72:50:1b:36:61:95:1c:35:6c:0e:ee:
bc:29:1e:8d:48:76:f4:9b:ce:70:d3:36:99:00:63:03:8b:59:
4e:8c:b6:39:90:32:29:df:f8:fe:f9:57:6e:1e:08:39:2e:6b:
b5:4e:07:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6XnreVauLe6oXLCw2CN2fpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAxMDMwNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGM0YTUzYTBhNTZlMTVlOTdjNGQyMzUxNmViYTc2YjhhNTAwZjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHU4gj0Fg+XXbAEAIkdHQ4cb40jD
jyFyb18MrvKJTGjCv3lq/OX4tKzBB/h0ShmPelaImCIxl69J+LXjbTNw501XaskZ
TmXIRRbUpiDVYqrhu59Dsyh+6oTK/AiVDmeeUGFKofimspChWTl0LSIW3fk3YMOg
m3CpNC9axhhsQ+RnGHzChp6NuVvqZ2czARmB6hCrDrcN55Qep6KPg6Ph2ZFjvpah
F1L3SH3LIbCnSdoSGiWKM6t/wC91IDk4L7JYRcZeAFXLtWel+695BheIqlqKWaXt
GZM+w8BP5YZ/n4qiYvKtKNB6DP2snggO3DbcKU4J/0NYjiOZ169iec5xQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHjEpToKVuFel8TSNRbrp2uKUA9SMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZU1TbE9ncFc0VjZYeE5JMUZ1dW5hNHBRRDFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADa0Mh91Zdum1IDMb/cs
Y1c6kGxFTat2Pwe7HNEbgpx8dswxjuzWPhFqPXA+lZMeIcM5LRikDnFssvw/hNqF
GVzzjwuoS2mvqxBhYZ4CKdIM/3/MYFyYAGaZPsf087tbxu2jnT+7eR4JhCkAnW5q
2NJpaxLqtEfwtqQDcl2v0RK1S7UcJfqQ4gsr34UBs//9Sy9SJlqPIo2i9nSqk11/
d6nirq4GJrjeV0Vo95fc5WYKOmohSq9ruOwJ1i9Acsb/VoZ68MuqGJRTIENDmnhy
UBs2YZUcNWwO7rwpHo1IdvSbznDTNpkAYwOLWU6MtjmQMinf+P75V24eCDkua7VO
B2c=
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:28:47 2025 by rpki-client