Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iWVpJ6KpqUNfypuG2wiY_Zjeqnc.roa
File: iWVpJ6KpqUNfypuG2wiY_Zjeqnc.roa (raw, json)
Hash identifier: 2Hyq6GpUcVChTJtRqW0hpha6sEkkI47q5NA1d3jiWQ4=
Subject key identifier: 89:65:69:27:A2:A9:A9:43:5F:CA:9B:86:DB:08:98:FD:98:DE:AA:77
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D145643649F7FC97D07AB140C10352FF1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iWVpJ6KpqUNfypuG2wiY_Zjeqnc.roa
Signing time: Tue 16 Jan 2024 22:13:34 +0000
ROA not before: Tue 16 Jan 2024 22:13:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:14:56:43:64:9f:7f:c9:7d:07:ab:14:0c:10:35:2f:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 16 22:13:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89656927a2a9a9435fca9b86db0898fd98deaa77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ca:f9:a2:28:15:c6:01:17:14:cd:2a:f2:2d:
ec:0c:8c:a4:e2:ac:06:aa:46:78:aa:08:f1:25:85:
82:e8:15:83:f8:4a:36:04:25:d1:55:ce:e9:50:68:
10:2a:dd:f2:d8:72:ef:5e:8a:f6:33:71:f4:1c:0f:
40:f1:9d:cf:c6:b7:f9:da:7f:d9:44:3f:a0:9c:a2:
18:f5:cd:4a:b8:8b:df:28:00:7f:4d:0a:74:2a:8b:
a8:3c:9f:3d:85:87:17:c9:b1:30:19:d2:2f:e3:12:
10:c7:ff:04:76:31:37:80:ec:e2:8f:96:08:f7:d1:
38:97:f9:9e:4d:d4:50:e7:5e:64:64:87:17:6e:58:
ad:30:3f:9b:3a:54:96:d8:7b:8a:f0:47:60:5e:57:
f7:cf:82:80:df:f6:e0:5f:98:53:23:05:db:1d:d8:
14:76:2d:16:2e:30:70:b6:f8:3a:dd:87:d1:b4:5c:
e3:d8:3d:42:6c:9c:4f:a6:3b:1d:4f:0e:eb:e1:6b:
6a:50:89:1c:aa:5b:c3:4b:98:cf:b7:50:1a:47:a5:
83:e7:62:3c:ec:b9:ac:b4:99:5a:c9:a3:b7:e0:ab:
b0:96:a7:51:30:6d:13:fa:d1:30:9e:a4:4b:03:f3:
59:06:17:55:8f:e8:b5:ae:8f:3c:31:ca:27:26:cc:
62:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:65:69:27:A2:A9:A9:43:5F:CA:9B:86:DB:08:98:FD:98:DE:AA:77
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/iWVpJ6KpqUNfypuG2wiY_Zjeqnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a7:3c:b0:b2:5a:0f:f2:03:10:d3:90:61:23:4f:c3:73:25:b0:
90:06:35:43:a7:6c:9c:8a:3b:2c:26:a7:ca:05:b0:0c:bb:f6:
05:ba:30:29:2f:17:11:e8:a3:b0:4e:20:da:97:b7:20:dd:8c:
1d:6e:dd:63:55:6b:26:a0:84:57:9d:b8:8a:2a:5e:42:a9:ae:
d0:cd:80:90:ef:a1:02:14:04:0e:41:07:43:00:2b:f1:e3:f2:
38:37:06:f0:cc:71:b4:61:c3:15:20:c4:f9:78:87:3e:1f:c5:
d8:ef:8a:52:32:69:26:68:0f:98:c8:57:a0:71:39:a5:03:0b:
ee:31:e3:75:bf:69:2a:ac:62:0a:8b:ad:46:a2:48:c5:09:ce:
40:52:a2:0a:90:1f:6b:a0:59:bb:12:bd:60:aa:2a:05:ad:cb:
3f:3f:17:0d:d5:66:ee:31:8d:93:b9:a3:69:3e:30:11:76:72:
66:ce:95:d5:7e:64:91:5c:3c:f4:9a:1a:e8:e2:41:05:e0:d0:
bb:db:ae:ba:21:d8:86:fb:bc:16:f5:87:86:0f:86:c3:25:ea:
41:87:93:7a:60:a7:09:0f:ab:a2:70:7a:fe:a0:dc:5b:bf:51:
81:1a:4b:7c:40:11:ec:85:f3:34:53:d1:22:61:60:95:1d:40:
ed:e2:fe:b5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0UVkNkn3/JfQerFAwQNS/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE2MjIxMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTY1NjkyN2EyYTlhOTQzNWZjYTliODZkYjA4OThmZDk4ZGVhYTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcr5oigVxgEXFM0q8i3sDIyk4qwG
qkZ4qgjxJYWC6BWD+Eo2BCXRVc7pUGgQKt3y2HLvXor2M3H0HA9A8Z3Pxrf52n/Z
RD+gnKIY9c1KuIvfKAB/TQp0KouoPJ89hYcXybEwGdIv4xIQx/8EdjE3gOzij5YI
99E4l/meTdRQ515kZIcXblitMD+bOlSW2HuK8EdgXlf3z4KA3/bgX5hTIwXbHdgU
di0WLjBwtvg63YfRtFzj2D1CbJxPpjsdTw7r4WtqUIkcqlvDS5jPt1AaR6WD52I8
7LmstJlayaO34KuwlqdRMG0T+tEwnqRLA/NZBhdVj+i1ro88MconJsxi8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIllaSeiqalDX8qbhtsImP2Y3qp3MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaVdWcEo2S3BxVU5meXB1RzJ3aVlfWmplcW5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKc8sLJaD/IDENOQYSNP
w3MlsJAGNUOnbJyKOywmp8oFsAy79gW6MCkvFxHoo7BOINqXtyDdjB1u3WNVayag
hFeduIoqXkKprtDNgJDvoQIUBA5BB0MAK/Hj8jg3BvDMcbRhwxUgxPl4hz4fxdjv
ilIyaSZoD5jIV6BxOaUDC+4x43W/aSqsYgqLrUaiSMUJzkBSogqQH2ugWbsSvWCq
KgWtyz8/Fw3VZu4xjZO5o2k+MBF2cmbOldV+ZJFcPPSaGujiQQXg0Lvbrroh2Ib7
vBb1h4YPhsMl6kGHk3pgpwkPq6Jwev6g3Fu/UYEaS3xAEeyF8zRT0SJhYJUdQO3i
/rU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:21:23 2025 by rpki-client