Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iN_v7RG9JT7RZCTdLjUaci6DnK8.roa
File: iN_v7RG9JT7RZCTdLjUaci6DnK8.roa (raw, json)
Hash identifier: HlT6We7dKsRkpl8FucLgtO4V9bGdo9dzkz7DFjbjHCc=
Subject key identifier: 88:DF:EF:ED:11:BD:25:3E:D1:64:24:DD:2E:35:1A:72:2E:83:9C:AF
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EA114495EF39BE30477B1928EB977F7FC
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iN_v7RG9JT7RZCTdLjUaci6DnK8.roa
Signing time: Tue 02 Apr 2024 23:10:45 +0000
ROA not before: Tue 02 Apr 2024 23:10:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a1:14:49:5e:f3:9b:e3:04:77:b1:92:8e:b9:77:f7:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 2 23:10:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88dfefed11bd253ed16424dd2e351a722e839caf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5d:2a:ad:26:77:55:98:30:17:c9:fc:aa:2c:
7a:21:f8:b4:b2:76:cf:43:ef:07:b8:a0:0d:8a:39:
08:d7:68:3b:b1:67:d7:48:1f:10:c3:b1:62:ad:32:
8e:e1:85:91:66:c9:16:72:74:7f:78:02:de:58:cb:
1c:7f:4f:da:b2:7e:60:46:ee:37:b7:e9:c5:7d:49:
43:70:4d:09:2f:fe:0b:c1:b1:c4:12:04:59:cf:30:
1e:f2:34:1a:15:6f:26:34:c1:87:20:1d:76:2f:36:
7a:34:3b:5f:ff:3f:cc:d3:72:3c:38:ee:07:75:6a:
4e:84:81:d8:0b:a2:22:30:8f:39:72:62:72:3d:97:
1b:ee:41:60:87:53:56:a3:b3:f8:cb:3e:68:ba:d9:
2d:63:90:4d:16:8e:17:a2:d3:dd:b3:9d:1c:4a:62:
37:4e:fe:a4:45:21:d5:12:fb:8d:91:67:d0:7a:99:
0f:00:b7:17:b9:7b:90:ef:07:12:d0:54:e7:7a:88:
77:75:69:1a:31:7a:43:28:5c:d6:ad:a1:57:23:fa:
6d:b2:fd:5b:77:18:b5:07:5d:3a:a8:40:00:a2:31:
19:3a:cc:28:9a:e9:d5:cc:95:fd:a2:a2:0a:1d:65:
c9:fb:0f:9e:24:07:35:81:4f:ac:e9:93:c1:8f:19:
4f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:DF:EF:ED:11:BD:25:3E:D1:64:24:DD:2E:35:1A:72:2E:83:9C:AF
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iN_v7RG9JT7RZCTdLjUaci6DnK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
71:02:6d:0b:6c:72:85:cd:74:fb:42:3c:4e:d9:9b:38:13:1b:
24:ab:60:4d:2d:89:ad:64:45:1e:a5:67:14:61:00:37:da:ef:
ea:fe:d3:82:62:f7:80:b8:4b:00:84:a7:ec:8c:00:20:2c:7b:
3d:0f:2e:13:e0:aa:6c:c9:0a:6b:90:1b:16:1d:60:b8:5d:cf:
92:8b:19:ec:36:42:78:7c:be:f3:a7:6d:2d:11:ba:80:b8:b1:
5f:b5:02:10:5f:f7:6a:d5:d3:48:8e:06:01:16:73:ad:3b:7f:
50:8e:8f:61:25:fb:1c:05:08:b4:d2:2a:34:5d:c8:48:58:4d:
f4:33:e3:0e:65:a9:7a:3d:97:2c:b3:90:dc:82:63:19:61:4a:
b5:98:f4:54:42:fd:07:e9:4e:8d:52:3a:26:a1:2c:23:91:f0:
f5:4d:9c:0a:f6:4d:bc:ec:2f:58:2c:54:cf:60:71:33:f3:bc:
b0:8e:37:d5:ca:ca:1a:cc:76:b2:d8:aa:ff:0d:78:d8:cc:f7:
4f:69:e1:07:76:cd:df:a7:90:27:8b:57:d5:4b:74:03:9e:d8:
2f:50:27:df:66:50:8d:f5:0f:01:e8:f7:9e:8a:41:b7:8a:7f:
35:c6:af:d5:ef:97:46:8c:21:bc:96:55:a3:3d:b3:75:3a:75:
50:b5:5f:92
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6hFEle85vjBHexko65d/f8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAyMjMxMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGRmZWZlZDExYmQyNTNlZDE2NDI0ZGQyZTM1MWE3MjJlODM5Y2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjV0qrSZ3VZgwF8n8qix6Ifi0snbP
Q+8HuKANijkI12g7sWfXSB8Qw7FirTKO4YWRZskWcnR/eALeWMscf0/asn5gRu43
t+nFfUlDcE0JL/4LwbHEEgRZzzAe8jQaFW8mNMGHIB12LzZ6NDtf/z/M03I8OO4H
dWpOhIHYC6IiMI85cmJyPZcb7kFgh1NWo7P4yz5outktY5BNFo4XotPds50cSmI3
Tv6kRSHVEvuNkWfQepkPALcXuXuQ7wcS0FTneoh3dWkaMXpDKFzWraFXI/ptsv1b
dxi1B106qEAAojEZOswomunVzJX9oqIKHWXJ+w+eJAc1gU+s6ZPBjxlPYwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIjf7+0RvSU+0WQk3S41GnIug5yvMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaU5fdjdSRzlKVDdSWkNUZExqVWFjaTZEbks4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHECbQtscoXNdPtCPE7Z
mzgTGySrYE0tia1kRR6lZxRhADfa7+r+04Ji94C4SwCEp+yMACAsez0PLhPgqmzJ
CmuQGxYdYLhdz5KLGew2Qnh8vvOnbS0RuoC4sV+1AhBf92rV00iOBgEWc607f1CO
j2El+xwFCLTSKjRdyEhYTfQz4w5lqXo9lyyzkNyCYxlhSrWY9FRC/QfpTo1SOiah
LCOR8PVNnAr2TbzsL1gsVM9gcTPzvLCON9XKyhrMdrLYqv8NeNjM909p4Qd2zd+n
kCeLV9VLdAOe2C9QJ99mUI31DwHo956KQbeKfzXGr9Xvl0aMIbyWVaM9s3U6dVC1
X5I=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:30 2025 by rpki-client