Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/flNkYT6o-6UV0_ag-qJi64A4q1Y.roa
File: flNkYT6o-6UV0_ag-qJi64A4q1Y.roa (raw, json)
Hash identifier: LUM9Ub54exkBnDyivIitJnsoGWIJMfZmcFbI099pUfU=
Subject key identifier: 7E:53:64:61:3E:A8:FB:A5:15:D3:F6:A0:FA:A2:62:EB:80:38:AB:56
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EE218E823154F9F1D235C188E0C57DA5A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/flNkYT6o-6UV0_ag-qJi64A4q1Y.roa
Signing time: Mon 15 Apr 2024 14:11:06 +0000
ROA not before: Mon 15 Apr 2024 14:11:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e2:18:e8:23:15:4f:9f:1d:23:5c:18:8e:0c:57:da:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 15 14:11:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e5364613ea8fba515d3f6a0faa262eb8038ab56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ff:b3:74:0b:43:9a:ae:a6:01:6f:ae:02:30:
c2:66:d4:8f:39:f9:0d:6b:93:b9:d7:ed:91:de:31:
b7:f6:76:65:5b:a6:82:03:d2:d7:ca:ab:38:3b:f6:
37:c8:fa:4f:19:46:f0:82:e7:ee:42:53:45:f1:7e:
fe:5d:53:2d:d4:6e:bd:9c:60:6a:d0:34:1d:2e:b5:
0d:e6:ea:ca:f1:1b:4f:a8:1e:f9:a9:a3:c4:47:71:
bb:ea:59:96:46:a6:b8:0c:4a:99:50:a0:81:9b:dd:
bc:4f:d6:ce:16:b3:b7:09:cc:03:43:b7:5f:88:73:
69:65:8c:d0:a2:75:b7:78:dd:96:82:51:69:87:26:
d1:82:71:01:06:7a:e1:5e:57:2b:01:a9:16:ec:f7:
85:9e:da:ca:fc:cc:76:65:2c:a6:be:80:45:11:92:
95:27:7b:cf:4e:ec:5d:86:df:3e:c0:0e:96:b4:8f:
66:e3:2a:06:2f:6c:25:65:68:22:97:19:68:f1:41:
1f:14:58:ef:e5:f3:8c:d1:7c:ac:db:da:9a:0d:2a:
63:83:ac:dd:87:86:05:0d:f8:e7:ff:9a:2e:92:67:
d7:51:5a:b7:7d:a0:c9:02:fa:48:4d:78:c9:7d:fa:
d1:bb:2f:f7:0a:13:8a:ee:32:c4:e5:58:87:3a:86:
f0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:53:64:61:3E:A8:FB:A5:15:D3:F6:A0:FA:A2:62:EB:80:38:AB:56
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/flNkYT6o-6UV0_ag-qJi64A4q1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
21:18:98:cb:af:76:7e:ee:38:fb:91:a5:3f:bc:33:47:e6:5b:
8a:dd:dd:fe:6b:a6:1c:fd:ab:4a:a7:ca:e0:25:77:33:a6:98:
ce:f2:b0:35:64:bd:5c:09:c9:22:90:92:6b:47:38:c4:53:04:
b5:93:9e:7e:7d:4d:08:15:ab:21:61:3e:a4:87:6a:4d:3b:01:
39:f9:97:21:0f:7d:ee:ae:3c:47:6a:e0:ff:52:27:ee:26:a4:
b1:6e:ae:d9:93:34:93:d7:94:54:51:19:5b:b4:3d:12:4c:66:
83:32:96:09:14:35:7d:32:6b:e6:a0:5f:61:bb:f8:e8:36:7d:
f7:df:70:71:72:c8:6c:a1:2f:08:71:c9:7e:13:e2:f6:de:b3:
eb:64:b7:4e:bf:29:7f:b9:22:8b:3d:17:4e:39:47:80:ff:f6:
f1:35:b4:8b:c7:f8:ee:09:4a:13:b9:6c:1f:78:ee:24:94:78:
90:bd:5d:8c:45:b5:f1:92:87:ec:4e:06:29:aa:6e:2d:2a:fc:
b7:59:77:3d:49:e9:ae:37:77:30:6b:4d:d1:f2:c2:6e:f2:06:
74:89:dc:57:51:b8:84:d6:2b:ba:ca:52:8b:c6:a6:54:5a:b3:
82:b5:c9:22:43:10:28:09:b9:87:8b:b7:e0:8e:80:80:e8:a6:
12:06:ef:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7iGOgjFU+fHSNcGI4MV9paMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDE1MTQxMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTUzNjQ2MTNlYThmYmE1MTVkM2Y2YTBmYWEyNjJlYjgwMzhhYjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2v+zdAtDmq6mAW+uAjDCZtSPOfkN
a5O51+2R3jG39nZlW6aCA9LXyqs4O/Y3yPpPGUbwgufuQlNF8X7+XVMt1G69nGBq
0DQdLrUN5urK8RtPqB75qaPER3G76lmWRqa4DEqZUKCBm928T9bOFrO3CcwDQ7df
iHNpZYzQonW3eN2WglFphybRgnEBBnrhXlcrAakW7PeFntrK/Mx2ZSymvoBFEZKV
J3vPTuxdht8+wA6WtI9m4yoGL2wlZWgilxlo8UEfFFjv5fOM0Xys29qaDSpjg6zd
h4YFDfjn/5oukmfXUVq3faDJAvpITXjJffrRuy/3ChOK7jLE5ViHOobwYQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH5TZGE+qPulFdP2oPqiYuuAOKtWMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZmxOa1lUNm8tNlVWMF9hZy1xSmk2NEE0cTFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACEYmMuvdn7uOPuRpT+8
M0fmW4rd3f5rphz9q0qnyuAldzOmmM7ysDVkvVwJySKQkmtHOMRTBLWTnn59TQgV
qyFhPqSHak07ATn5lyEPfe6uPEdq4P9SJ+4mpLFurtmTNJPXlFRRGVu0PRJMZoMy
lgkUNX0ya+agX2G7+Og2ffffcHFyyGyhLwhxyX4T4vbes+tkt06/KX+5Ios9F045
R4D/9vE1tIvH+O4JShO5bB947iSUeJC9XYxFtfGSh+xOBimqbi0q/LdZdz1J6a43
dzBrTdHywm7yBnSJ3FdRuITWK7rKUovGplRas4K1ySJDECgJuYeLt+COgIDophIG
7w4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:45 2025 by rpki-client