Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/i0FYznOVgDjyrrQajPX35OZPp8g.roa
File: i0FYznOVgDjyrrQajPX35OZPp8g.roa (raw, json)
Hash identifier: tozQ8pebl5VATwYussMlU96NwoZkaradwnxYxDYrQSk=
Subject key identifier: 8B:41:58:CE:73:95:80:38:F2:AE:B4:1A:8C:F5:F7:E4:E6:4F:A7:C8
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CF15D6BE7407380961E4AC7CF0D4BBF5D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/i0FYznOVgDjyrrQajPX35OZPp8g.roa
Signing time: Wed 10 Jan 2024 03:14:40 +0000
ROA not before: Wed 10 Jan 2024 03:14:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f1:5d:6b:e7:40:73:80:96:1e:4a:c7:cf:0d:4b:bf:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 10 03:14:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b4158ce73958038f2aeb41a8cf5f7e4e64fa7c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:33:51:26:43:ee:eb:21:c0:fc:93:b9:0d:e5:
b2:b1:52:67:a8:8d:0f:79:03:26:b5:57:2b:68:8e:
ad:3c:48:4c:a4:dd:0a:63:0c:a6:9f:2e:65:6f:88:
5b:3b:25:16:80:58:5f:3f:98:64:ae:30:46:21:50:
26:bc:c6:78:ea:ef:c8:4a:43:a8:c2:22:f8:e7:79:
24:74:07:aa:80:5e:65:84:55:9b:88:0c:ff:06:4e:
08:f6:a9:1a:13:40:3b:f6:14:7b:b7:15:c9:6c:75:
27:31:3a:9c:8c:09:75:d1:37:c0:be:2c:64:a4:55:
b9:2e:4a:41:30:a0:a5:98:66:01:46:5d:5e:1d:d1:
4a:05:96:6c:66:e9:fa:b4:1d:f1:61:10:5b:7f:b9:
9a:a0:a2:d9:d0:e0:67:b3:7e:29:40:6c:42:ca:6d:
90:1e:6c:69:d2:76:b3:8d:45:88:8b:a0:0b:48:cb:
08:62:44:06:47:e7:56:56:c4:11:5e:73:07:87:93:
e0:b9:25:81:e0:62:8f:c1:7b:4d:5f:04:68:b7:df:
19:a6:87:58:33:26:5f:d2:9b:ee:62:27:65:70:86:
26:2d:2d:39:37:1e:d5:23:5f:d7:df:e4:73:3c:6c:
a6:b8:0b:f5:fc:72:53:e5:35:47:2a:f5:43:6c:a9:
22:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:41:58:CE:73:95:80:38:F2:AE:B4:1A:8C:F5:F7:E4:E6:4F:A7:C8
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/i0FYznOVgDjyrrQajPX35OZPp8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
48:3a:37:8d:8d:d3:13:58:cd:d3:b1:1a:d1:75:31:ec:db:3c:
92:82:23:85:c3:e5:34:e8:c7:d3:cc:53:fe:6b:d1:9a:89:03:
4f:d0:91:32:5b:bf:0d:24:88:7e:79:01:a6:81:6a:c3:2e:a9:
a2:38:ec:78:41:3f:56:44:ed:c1:bb:8c:af:58:ba:27:b5:5d:
1f:9e:b1:eb:51:4c:d6:75:27:05:0c:63:60:fc:79:cf:f8:ed:
58:bc:f7:2c:2d:20:4e:b3:a6:57:df:7c:c5:2b:7d:f5:0a:cf:
05:d2:19:8f:83:26:de:25:a5:0b:6c:d0:48:34:01:4f:cd:4e:
ff:1c:b0:18:37:44:d2:e1:4a:a8:ea:be:c7:45:6e:0a:10:70:
7e:6b:db:c7:8b:57:0a:b2:4d:6d:1b:e1:7c:65:17:9f:66:36:
45:0f:8c:8e:8f:61:e0:2a:e4:6d:27:10:51:64:cd:6d:70:3b:
54:7c:43:01:7f:2f:d9:d0:23:8c:95:cf:42:92:ce:0f:85:8d:
55:bc:0e:cd:a5:f7:d1:70:1d:b8:73:03:3d:c2:02:f0:28:c1:
75:c3:5c:48:9f:fe:70:02:cf:6c:d9:6f:97:04:a6:cd:c1:b9:
fc:05:a2:d0:42:2f:0f:f8:32:de:80:9d:e7:1b:ca:82:ce:af:
30:2f:33:f0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzxXWvnQHOAlh5Kx88NS79dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTEwMDMxNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjQxNThjZTczOTU4MDM4ZjJhZWI0MWE4Y2Y1ZjdlNGU2NGZhN2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zNRJkPu6yHA/JO5DeWysVJnqI0P
eQMmtVcraI6tPEhMpN0KYwymny5lb4hbOyUWgFhfP5hkrjBGIVAmvMZ46u/ISkOo
wiL453kkdAeqgF5lhFWbiAz/Bk4I9qkaE0A79hR7txXJbHUnMTqcjAl10TfAvixk
pFW5LkpBMKClmGYBRl1eHdFKBZZsZun6tB3xYRBbf7maoKLZ0OBns34pQGxCym2Q
Hmxp0nazjUWIi6ALSMsIYkQGR+dWVsQRXnMHh5PguSWB4GKPwXtNXwRot98ZpodY
MyZf0pvuYidlcIYmLS05Nx7VI1/X3+RzPGymuAv1/HJT5TVHKvVDbKkiLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFItBWM5zlYA48q60Goz19+TmT6fIMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaTBGWXpuT1ZnRGp5cnJRYWpQWDM1T1pQcDhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEg6N42N0xNYzdOxGtF1
MezbPJKCI4XD5TTox9PMU/5r0ZqJA0/QkTJbvw0kiH55AaaBasMuqaI47HhBP1ZE
7cG7jK9Yuie1XR+esetRTNZ1JwUMY2D8ec/47Vi89ywtIE6zplfffMUrffUKzwXS
GY+DJt4lpQts0Eg0AU/NTv8csBg3RNLhSqjqvsdFbgoQcH5r28eLVwqyTW0b4Xxl
F59mNkUPjI6PYeAq5G0nEFFkzW1wO1R8QwF/L9nQI4yVz0KSzg+FjVW8Ds2l99Fw
HbhzAz3CAvAowXXDXEif/nACz2zZb5cEps3BufwFotBCLw/4Mt6AnecbyoLOrzAv
M/A=
-----END CERTIFICATE-----
Generated at Sun Apr 20 14:28:42 2025 by rpki-client