Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/guHcgMkPzrtqWNk0H1Ecd77rZpk.roa
File: guHcgMkPzrtqWNk0H1Ecd77rZpk.roa (raw, json)
Hash identifier: PPlO6haXNuNBoU9cSLwuyowvGsi9mlemRUmloX4RIeI=
Subject key identifier: 82:E1:DC:80:C9:0F:CE:BB:6A:58:D9:34:1F:51:1C:77:BE:EB:66:99
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CE3A1E979E04020111CFEFC08F3416E86
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/guHcgMkPzrtqWNk0H1Ecd77rZpk.roa
Signing time: Sun 07 Jan 2024 11:14:48 +0000
ROA not before: Sun 07 Jan 2024 11:14:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e3:a1:e9:79:e0:40:20:11:1c:fe:fc:08:f3:41:6e:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 7 11:14:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82e1dc80c90fcebb6a58d9341f511c77beeb6699
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:30:f6:48:57:60:fa:89:a0:7d:5c:3b:bb:f1:
8c:9c:9f:9e:14:3f:cf:fd:c0:0e:dc:61:27:1e:8d:
7d:b7:14:5f:28:17:9e:eb:11:fc:5f:ec:63:ce:eb:
e2:be:1c:d5:be:2d:15:f0:b1:ea:98:1b:66:b9:ad:
d0:6a:84:f2:8c:cf:63:f3:38:83:88:79:00:64:e7:
12:02:21:76:2e:8f:4b:01:25:47:b3:f2:85:74:06:
20:be:a0:40:28:e2:63:df:85:28:1a:ec:03:04:82:
25:43:42:2a:ec:cd:9a:50:ee:95:74:37:cc:fc:3e:
76:11:1f:80:62:9d:67:fe:3a:79:3d:b1:c0:82:c2:
23:29:54:d1:75:a3:fb:62:34:5f:f7:7f:97:ac:2e:
f1:8f:35:d7:7c:f4:5f:5e:f4:b8:92:e5:ab:5b:42:
50:8f:e1:ad:e8:1f:03:10:f9:f4:2e:8d:f1:2d:f4:
40:1e:2b:ce:9d:dd:4d:3b:83:4c:2b:23:0e:91:87:
b4:7e:23:7d:4f:c1:78:43:1a:94:c7:d9:e3:1b:21:
d6:67:00:2f:ca:f7:6c:9d:59:8f:44:11:9b:fd:86:
22:13:39:94:f3:4f:11:e9:36:80:8f:2e:10:c7:b7:
6f:55:f1:b1:ae:77:ef:7d:5c:63:44:b7:2f:f8:26:
4e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:E1:DC:80:C9:0F:CE:BB:6A:58:D9:34:1F:51:1C:77:BE:EB:66:99
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/guHcgMkPzrtqWNk0H1Ecd77rZpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1d:c4:70:06:7e:50:cf:e9:7c:92:96:fe:66:fb:0d:a2:d8:4f:
dc:be:e0:72:ab:03:9e:47:d9:2f:6a:b0:e5:24:8a:fb:01:e8:
bd:de:05:39:9a:84:c8:ea:bc:dd:fc:17:63:f5:25:8c:72:32:
90:e5:72:8f:81:d0:12:2e:82:c9:ab:9e:42:24:33:d7:ea:37:
c7:8e:90:18:bb:f2:1e:9d:6d:c8:8e:22:91:65:8c:05:0b:92:
2f:5d:28:d4:eb:d2:97:77:ff:9d:53:9f:52:d2:75:b2:53:66:
f2:aa:65:0a:1e:28:81:ac:65:d8:c8:18:9f:ac:59:27:83:f0:
3a:16:d3:b2:8a:41:aa:bd:e5:b3:5d:27:d5:4f:c3:73:ad:fe:
92:8b:6f:f6:cb:ea:60:e3:0f:4a:52:24:2f:43:ef:90:e2:0f:
17:32:6d:90:af:b2:97:80:61:d3:33:b9:8f:26:10:1f:39:f4:
51:21:40:fb:6b:4a:fa:fc:72:3a:13:66:a1:87:e7:1a:39:b7:
2c:a4:db:8a:ad:e9:30:f1:40:73:bc:e3:aa:f0:f0:f4:e4:92:
02:93:5d:e6:06:63:cf:39:6b:fc:59:69:aa:47:3b:a9:fc:ac:
2a:8c:4e:8c:b0:7a:1b:db:a3:6d:20:68:24:dd:57:b5:ce:e0:
5f:60:f6:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzjoel54EAgERz+/AjzQW6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA3MTExNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmUxZGM4MGM5MGZjZWJiNmE1OGQ5MzQxZjUxMWM3N2JlZWI2Njk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DD2SFdg+omgfVw7u/GMnJ+eFD/P
/cAO3GEnHo19txRfKBee6xH8X+xjzuvivhzVvi0V8LHqmBtmua3QaoTyjM9j8ziD
iHkAZOcSAiF2Lo9LASVHs/KFdAYgvqBAKOJj34UoGuwDBIIlQ0Iq7M2aUO6VdDfM
/D52ER+AYp1n/jp5PbHAgsIjKVTRdaP7YjRf93+XrC7xjzXXfPRfXvS4kuWrW0JQ
j+Gt6B8DEPn0Lo3xLfRAHivOnd1NO4NMKyMOkYe0fiN9T8F4QxqUx9njGyHWZwAv
yvdsnVmPRBGb/YYiEzmU808R6TaAjy4Qx7dvVfGxrnfvfVxjRLcv+CZOTwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFILh3IDJD867aljZNB9RHHe+62aZMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvZ3VIY2dNa1B6cnRxV05rMEgxRWNkNzdyWnBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAB3EcAZ+UM/pfJKW/mb7
DaLYT9y+4HKrA55H2S9qsOUkivsB6L3eBTmahMjqvN38F2P1JYxyMpDlco+B0BIu
gsmrnkIkM9fqN8eOkBi78h6dbciOIpFljAULki9dKNTr0pd3/51Tn1LSdbJTZvKq
ZQoeKIGsZdjIGJ+sWSeD8DoW07KKQaq95bNdJ9VPw3Ot/pKLb/bL6mDjD0pSJC9D
75DiDxcybZCvspeAYdMzuY8mEB859FEhQPtrSvr8cjoTZqGH5xo5tyyk24qt6TDx
QHO846rw8PTkkgKTXeYGY885a/xZaapHO6n8rCqMToywehvbo20gaCTdV7XO4F9g
9kE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:23 2025 by rpki-client