Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/f5s9Qu82RJCm1ITmZPjNkceOkdE.roa
File: f5s9Qu82RJCm1ITmZPjNkceOkdE.roa (raw, json)
Hash identifier: extp2KjtEKb5BaOi5GmRYdbOBPQ9Et7v/XbguTL4ODI=
Subject key identifier: 7F:9B:3D:42:EF:36:44:90:A6:D4:84:E6:64:F8:CD:91:C7:8E:91:D1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E8F7BE4E384CABFFE1F3985C58D71AE6C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/f5s9Qu82RJCm1ITmZPjNkceOkdE.roa
Signing time: Sat 30 Mar 2024 13:10:45 +0000
ROA not before: Sat 30 Mar 2024 13:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8f:7b:e4:e3:84:ca:bf:fe:1f:39:85:c5:8d:71:ae:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 30 13:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f9b3d42ef364490a6d484e664f8cd91c78e91d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d1:d8:66:33:c7:90:4b:f5:6f:6a:de:9b:0c:
72:dd:61:00:2a:92:1a:19:eb:9e:26:7f:3a:d9:bc:
2f:15:3c:2f:33:b6:15:2f:e3:aa:7d:29:25:05:23:
9d:0a:63:cb:9c:87:57:6c:c9:97:d9:27:7f:fb:47:
ff:b8:77:73:20:b2:d5:34:95:9d:a2:23:cf:cd:86:
10:bd:86:58:97:e8:17:fb:08:e4:3b:8d:55:2b:c9:
12:08:00:57:3f:d7:4d:d4:e7:c0:66:4b:bc:ef:90:
35:38:d8:4b:99:38:90:4b:c3:3b:f6:62:b4:4e:2a:
be:d1:94:d9:9b:54:e8:ae:8d:cf:a0:bb:c4:47:dd:
72:d6:2a:5e:c7:fe:17:51:6e:b9:67:a5:ae:cc:12:
99:e6:1a:af:d9:a9:d1:36:86:24:c0:06:64:50:a1:
f5:a6:64:e9:1d:e7:88:26:90:02:35:52:38:04:e8:
21:8f:4f:f6:d2:88:d4:d3:11:33:32:6a:ea:d6:8d:
10:30:8b:73:d3:27:26:f9:70:c0:07:aa:cc:3f:56:
1f:d6:99:a9:a6:25:df:03:e4:c0:99:57:83:96:f4:
63:38:1e:bd:2f:34:57:92:dd:7b:0a:dd:13:fd:f2:
f5:49:a8:ef:66:14:9c:cb:7a:c4:8a:56:94:3e:1e:
32:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:9B:3D:42:EF:36:44:90:A6:D4:84:E6:64:F8:CD:91:C7:8E:91:D1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/f5s9Qu82RJCm1ITmZPjNkceOkdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8d:ed:90:bd:54:db:64:14:93:ac:69:74:89:2b:5a:1b:f0:9c:
1e:84:25:e9:d7:03:90:27:12:56:e8:55:dd:67:1e:6e:fe:93:
00:ab:1a:8c:f7:2e:b7:7b:df:d0:18:9b:e3:e1:ca:b2:4d:13:
14:76:da:02:d6:69:1a:72:d5:f1:d2:c4:65:03:37:11:b8:d3:
09:ec:2f:99:f8:2d:f0:4c:4c:e1:61:06:1b:2f:d1:58:cd:91:
df:52:88:ac:7d:ec:e2:04:00:93:98:54:1c:39:58:1b:b2:f1:
4e:1c:58:c6:22:bc:08:37:bf:60:d7:eb:cc:7b:3b:a5:0e:38:
41:7b:d9:c9:8e:22:80:f1:7e:c7:61:49:eb:f9:8a:f5:c0:f8:
fb:4a:a6:94:10:79:32:19:2b:f3:ab:fd:6c:1d:14:87:63:1c:
13:6e:ef:79:a5:ec:c8:ce:c7:81:da:b6:a3:96:45:9f:15:fd:
42:90:6b:b6:3c:34:03:ea:29:97:d0:16:7b:27:1b:71:57:30:
ed:6e:5e:25:af:f2:76:aa:a0:af:ac:bc:83:b5:19:70:9a:f4:
ae:e2:60:e3:ec:b0:66:4e:f7:d4:8c:14:db:27:84:90:56:73:
b8:f8:5b:cf:d3:7d:22:97:93:df:10:44:7c:35:2b:37:c5:99:
c8:5a:90:38
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6Pe+TjhMq//h85hcWNca5sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzMwMTMxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjliM2Q0MmVmMzY0NDkwYTZkNDg0ZTY2NGY4Y2Q5MWM3OGU5MWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9HYZjPHkEv1b2remwxy3WEAKpIa
GeueJn862bwvFTwvM7YVL+OqfSklBSOdCmPLnIdXbMmX2Sd/+0f/uHdzILLVNJWd
oiPPzYYQvYZYl+gX+wjkO41VK8kSCABXP9dN1OfAZku875A1ONhLmTiQS8M79mK0
Tiq+0ZTZm1Toro3PoLvER91y1ipex/4XUW65Z6WuzBKZ5hqv2anRNoYkwAZkUKH1
pmTpHeeIJpACNVI4BOghj0/20ojU0xEzMmrq1o0QMItz0ycm+XDAB6rMP1Yf1pmp
piXfA+TAmVeDlvRjOB69LzRXkt17Ct0T/fL1SajvZhScy3rEilaUPh4y3wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH+bPULvNkSQptSE5mT4zZHHjpHRMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZjVzOVF1ODJSSkNtMUlUbVpQak5rY2VPa2RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI3tkL1U22QUk6xpdIkr
WhvwnB6EJenXA5AnElboVd1nHm7+kwCrGoz3Lrd739AYm+PhyrJNExR22gLWaRpy
1fHSxGUDNxG40wnsL5n4LfBMTOFhBhsv0VjNkd9SiKx97OIEAJOYVBw5WBuy8U4c
WMYivAg3v2DX68x7O6UOOEF72cmOIoDxfsdhSev5ivXA+PtKppQQeTIZK/Or/Wwd
FIdjHBNu73ml7MjOx4HatqOWRZ8V/UKQa7Y8NAPqKZfQFnsnG3FXMO1uXiWv8naq
oK+svIO1GXCa9K7iYOPssGZO99SMFNsnhJBWc7j4W8/TfSKXk98QRHw1KzfFmcha
kDg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:17 2025 by rpki-client