Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iDuHO0dud1lDaZ5yNnIMw6xGqAY.roa
File: iDuHO0dud1lDaZ5yNnIMw6xGqAY.roa (raw, json)
Hash identifier: 1J7+oy6GIPCfXgMOWWUvn1n7MR1tfhx32hkk9Q0YVN4=
Subject key identifier: 88:3B:87:3B:47:6E:77:59:43:69:9E:72:36:72:0C:C3:AC:46:A8:06
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E4914D293490F4240610F3566AD596692
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iDuHO0dud1lDaZ5yNnIMw6xGqAY.roa
Signing time: Sat 16 Mar 2024 21:04:45 +0000
ROA not before: Sat 16 Mar 2024 21:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:4914:5890/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:49:14:d2:93:49:0f:42:40:61:0f:35:66:ad:59:66:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 16 21:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=883b873b476e775943699e7236720cc3ac46a806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3a:81:8d:b9:d7:cf:91:b3:e8:f7:5c:3a:8b:
4e:e4:0f:6b:e6:18:00:2b:93:26:ee:65:f0:05:60:
c8:02:1e:92:49:af:55:57:21:e2:10:c9:a9:f6:ce:
27:5e:31:ef:c9:7b:be:1f:5d:9d:a7:5f:1b:30:7c:
66:90:e3:1c:26:9a:f7:3e:c2:26:66:a9:22:86:78:
9f:00:b0:1f:db:80:d0:31:42:f5:3d:db:77:30:0a:
03:17:19:9b:c2:5a:19:db:e6:c7:38:bc:76:f1:83:
cc:07:29:2b:fd:f6:d9:4d:e8:f8:b1:71:22:44:f1:
7a:0a:2e:f5:81:6f:80:db:1c:0a:64:1b:cf:cc:9e:
92:21:f8:74:5e:3a:d4:89:b6:cd:ab:f6:c4:88:3c:
e2:9d:73:1c:b7:58:42:cb:d1:7a:ee:e7:68:ac:88:
89:a6:63:fb:c5:80:fb:7d:4d:8f:3c:de:eb:86:2e:
93:ba:10:13:e0:8e:47:1d:3a:f2:6f:d6:a2:14:af:
62:41:a8:06:e4:68:6d:c6:57:28:64:c5:00:ca:30:
40:16:4e:44:52:64:c6:ff:d2:07:f4:9c:d0:bd:89:
57:6c:ac:0b:f2:7e:53:8a:cf:c3:89:03:25:3b:41:
a8:1b:1b:bf:5a:dd:ce:6b:d2:b7:6c:58:29:9e:d1:
da:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:3B:87:3B:47:6E:77:59:43:69:9E:72:36:72:0C:C3:AC:46:A8:06
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iDuHO0dud1lDaZ5yNnIMw6xGqAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:3e:2a:44:aa:b3:af:ee:be:fb:0d:5f:7c:83:d8:9e:e4:6d:
55:49:1e:bd:e9:f9:b1:9c:64:76:6c:07:7c:cc:69:5b:4e:79:
a9:13:aa:27:b3:59:10:34:b7:1c:23:28:e5:e3:3c:0d:d9:28:
b9:fd:06:48:47:e4:89:3e:8b:90:70:a8:be:c7:bb:cd:72:48:
3f:c1:74:59:b8:00:2b:a3:92:78:6e:e6:a8:61:13:88:71:9e:
2e:91:41:ff:fd:75:45:9f:ea:8a:b9:f3:65:be:f0:f2:fe:79:
4e:12:7a:31:d4:2d:f2:d2:37:03:c3:18:98:e1:e8:7e:2c:42:
bf:67:e5:a1:87:71:63:d3:ad:04:2d:40:72:a3:ef:62:e6:20:
4e:03:78:51:5b:89:ef:fb:dd:a2:cf:54:31:2e:39:a1:d6:76:
51:09:65:50:b1:67:26:54:9d:a2:20:c7:a8:26:d9:bd:78:bc:
3f:c9:5f:78:6d:58:5c:ab:24:73:da:23:38:2c:07:d1:31:80:
b2:98:e0:7e:a6:57:4f:31:90:38:fb:ff:0e:10:ce:f7:f6:b9:
19:e1:64:ce:df:82:5e:bc:fa:e7:7f:1e:fe:f2:99:f3:c1:f4:
16:78:4c:fd:f1:de:74:77:98:b3:87:d4:c2:2b:d8:a5:24:ca:
8e:c5:8e:27
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5JFNKTSQ9CQGEPNWatWWaSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE2MjEwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODNiODczYjQ3NmU3NzU5NDM2OTllNzIzNjcyMGNjM2FjNDZhODA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjqBjbnXz5Gz6PdcOotO5A9r5hgA
K5Mm7mXwBWDIAh6SSa9VVyHiEMmp9s4nXjHvyXu+H12dp18bMHxmkOMcJpr3PsIm
ZqkihnifALAf24DQMUL1Pdt3MAoDFxmbwloZ2+bHOLx28YPMBykr/fbZTej4sXEi
RPF6Ci71gW+A2xwKZBvPzJ6SIfh0XjrUibbNq/bEiDzinXMct1hCy9F67udorIiJ
pmP7xYD7fU2PPN7rhi6TuhAT4I5HHTryb9aiFK9iQagG5GhtxlcoZMUAyjBAFk5E
UmTG/9IH9JzQvYlXbKwL8n5Tis/DiQMlO0GoGxu/Wt3Oa9K3bFgpntHaRwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIg7hztHbndZQ2mecjZyDMOsRqgGMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaUR1SE8wZHVkMWxEYVo1eU5uSU13NnhHcUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEA+KkSqs6/uvvsNX3yD
2J7kbVVJHr3p+bGcZHZsB3zMaVtOeakTqiezWRA0txwjKOXjPA3ZKLn9BkhH5Ik+
i5BwqL7Hu81ySD/BdFm4ACujknhu5qhhE4hxni6RQf/9dUWf6oq582W+8PL+eU4S
ejHULfLSNwPDGJjh6H4sQr9n5aGHcWPTrQQtQHKj72LmIE4DeFFbie/73aLPVDEu
OaHWdlEJZVCxZyZUnaIgx6gm2b14vD/JX3htWFyrJHPaIzgsB9ExgLKY4H6mV08x
kDj7/w4Qzvf2uRnhZM7fgl68+ud/Hv7ymfPB9BZ4TP3x3nR3mLOH1MIr2KUkyo7F
jic=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:46:40 2025 by rpki-client