Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ifctt7YBEH536_Qh1xYXjq3zxKU.roa
File: ifctt7YBEH536_Qh1xYXjq3zxKU.roa (raw, json)
Hash identifier: F/uLdsPxmRM5x7lcGYvzBU2Tu7bbbEQTdDlc/SKM+6g=
Subject key identifier: 89:F7:2D:B7:B6:01:10:7E:77:EB:F4:21:D7:16:17:8E:AD:F3:C4:A5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CCCE265BC412827D61212F4E7DF735B5C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ifctt7YBEH536_Qh1xYXjq3zxKU.roa
Signing time: Wed 03 Jan 2024 01:13:58 +0000
ROA not before: Wed 03 Jan 2024 01:13:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cc:e2:65:bc:41:28:27:d6:12:12:f4:e7:df:73:5b:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 3 01:13:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89f72db7b601107e77ebf421d716178eadf3c4a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5e:d4:e7:0c:69:bf:85:bc:4e:ff:1e:de:bc:
1b:59:68:97:b6:c6:d6:6b:8e:84:9e:b3:b9:a5:3c:
62:68:cd:04:ed:43:1d:ad:af:f4:8a:ab:94:44:cb:
af:b2:e3:18:73:c2:32:3d:27:e7:7b:31:44:f5:9b:
97:a2:14:ef:b7:a6:c4:89:f8:26:c3:75:b4:b6:86:
21:55:9f:54:bb:3b:aa:c2:f3:83:4a:44:40:85:38:
64:c0:ef:e8:a0:aa:f3:84:81:0e:e6:ad:92:8e:32:
99:3c:b0:a8:df:9d:30:08:76:56:3e:08:99:f5:e8:
69:62:b8:ca:de:5a:a4:98:75:e0:33:7c:c5:90:27:
f7:62:a8:5b:79:ef:89:8b:6b:68:2d:35:4b:6f:3d:
70:19:de:00:9f:53:b1:3a:47:7e:77:0e:2f:67:23:
8e:9d:e5:03:36:79:2b:54:40:b5:6a:38:e4:7f:4a:
2e:98:8b:3b:20:90:26:fc:8d:40:ae:4d:6a:c1:5a:
30:2a:77:44:71:71:d7:52:55:67:ed:2e:62:2e:2b:
14:71:1d:63:b6:8a:7c:ad:c2:11:cd:6e:c1:49:e9:
f2:da:04:f5:c2:96:3f:50:9d:ad:1e:34:df:1c:3f:
01:a9:6d:d5:88:c6:85:e9:ef:54:23:97:0b:e8:6f:
b5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:F7:2D:B7:B6:01:10:7E:77:EB:F4:21:D7:16:17:8E:AD:F3:C4:A5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ifctt7YBEH536_Qh1xYXjq3zxKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
40:c5:9d:d8:51:e0:69:7f:ea:52:cd:e8:99:1b:b8:35:5e:5b:
5e:e3:87:ca:ac:b9:fc:81:fe:ce:5e:2d:3d:66:5e:9e:ba:33:
c1:aa:9e:b9:30:b1:1a:94:f7:09:49:75:d6:50:98:e0:dc:5d:
a4:1c:c2:19:dd:bc:6a:1a:43:d8:e9:d8:6f:da:0c:c9:ad:cb:
93:ac:1d:41:81:ad:85:b7:f9:56:df:13:74:f4:0c:b9:aa:9c:
56:c3:1b:13:d9:f2:99:72:2c:17:e6:b6:61:d9:e0:22:58:87:
5a:ae:1e:cc:3c:63:c0:ce:db:72:9f:55:00:06:6f:a2:46:07:
36:7c:5b:4c:9f:36:3c:40:ea:bd:2d:f4:86:68:21:86:58:5a:
45:25:e5:15:c8:92:7e:70:24:46:b8:18:b9:63:d9:d9:22:e5:
cd:93:17:9f:56:50:c6:ff:2d:3d:c6:b8:d6:77:ff:b7:7e:4d:
02:ec:5a:cd:cb:a9:b1:bc:03:8a:3e:ec:80:8c:e5:8d:ed:a9:
1d:3e:5b:a5:71:22:49:4b:87:ad:a9:b6:49:94:de:b1:0d:57:
d2:f2:80:69:a3:0f:8a:0b:56:e1:f4:69:08:9c:c5:6c:42:fa:
ce:a0:0c:1d:e6:b4:d1:3d:62:2a:b4:fc:02:14:2b:a7:e4:45:
6a:ad:cf:a5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzM4mW8QSgn1hIS9Offc1tcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTAzMDExMzU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWY3MmRiN2I2MDExMDdlNzdlYmY0MjFkNzE2MTc4ZWFkZjNjNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo17U5wxpv4W8Tv8e3rwbWWiXtsbW
a46EnrO5pTxiaM0E7UMdra/0iquURMuvsuMYc8IyPSfnezFE9ZuXohTvt6bEifgm
w3W0toYhVZ9UuzuqwvODSkRAhThkwO/ooKrzhIEO5q2SjjKZPLCo350wCHZWPgiZ
9ehpYrjK3lqkmHXgM3zFkCf3Yqhbee+Ji2toLTVLbz1wGd4An1OxOkd+dw4vZyOO
neUDNnkrVEC1ajjkf0oumIs7IJAm/I1Ark1qwVowKndEcXHXUlVn7S5iLisUcR1j
top8rcIRzW7BSeny2gT1wpY/UJ2tHjTfHD8BqW3ViMaF6e9UI5cL6G+19wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIn3Lbe2ARB+d+v0IdcWF46t88SlMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaWZjdHQ3WUJFSDUzNl9RaDF4WVhqcTN6eEtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEDFndhR4Gl/6lLN6Jkb
uDVeW17jh8qsufyB/s5eLT1mXp66M8GqnrkwsRqU9wlJddZQmODcXaQcwhndvGoa
Q9jp2G/aDMmty5OsHUGBrYW3+VbfE3T0DLmqnFbDGxPZ8plyLBfmtmHZ4CJYh1qu
Hsw8Y8DO23KfVQAGb6JGBzZ8W0yfNjxA6r0t9IZoIYZYWkUl5RXIkn5wJEa4GLlj
2dki5c2TF59WUMb/LT3GuNZ3/7d+TQLsWs3LqbG8A4o+7ICM5Y3tqR0+W6VxIklL
h62ptkmU3rENV9LygGmjD4oLVuH0aQicxWxC+s6gDB3mtNE9Yiq0/AIUK6fkRWqt
z6U=
-----END CERTIFICATE-----
Generated at Sun Apr 20 05:11:21 2025 by rpki-client