Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/is_d6ClimUb1VuXDwQXR5o1YooY.roa
File: is_d6ClimUb1VuXDwQXR5o1YooY.roa (raw, json)
Hash identifier: teGmoHW2avadT4vsGHdOmpcGjuyVO3iC/oqfCCvt3aM=
Subject key identifier: 8A:CF:DD:E8:29:62:99:46:F5:56:E5:C3:C1:05:D1:E6:8D:58:A2:86
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D849024828943DA37FAA1517C81656A38
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/is_d6ClimUb1VuXDwQXR5o1YooY.roa
Signing time: Wed 07 Feb 2024 17:14:15 +0000
ROA not before: Wed 07 Feb 2024 17:14:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:84:90:24:82:89:43:da:37:fa:a1:51:7c:81:65:6a:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 7 17:14:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8acfdde829629946f556e5c3c105d1e68d58a286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c9:43:f2:70:81:96:1d:31:5d:6b:c7:6d:c9:
b2:d5:bb:6b:2f:dc:be:3a:21:77:a2:8d:4b:97:d7:
12:c4:9b:90:84:e2:8c:13:8c:54:b9:95:cf:97:24:
f5:18:2e:45:78:1c:cb:20:e4:12:34:a4:a2:a6:ca:
2c:9b:91:c9:9f:5d:a7:ef:0c:03:69:12:af:99:9d:
60:ae:99:4d:07:97:79:6a:6d:2b:ab:b0:62:06:67:
a9:da:91:bf:5f:99:44:2b:8d:ca:ff:60:f6:00:fa:
93:34:d3:b6:ae:b5:4f:14:b6:2e:5f:ee:37:ff:30:
94:78:ff:9c:31:59:e7:66:27:5d:e2:eb:7b:e9:ee:
d0:00:d6:0c:46:2e:0c:44:7f:11:cd:72:19:31:1f:
3d:1e:6b:32:1e:3e:e7:ef:ed:98:06:2c:b3:db:13:
ad:c8:72:2a:3a:b1:67:7a:04:f5:74:32:e0:3f:08:
91:bd:02:41:01:c9:30:69:64:ef:b2:7d:56:d1:67:
5c:62:de:31:4e:56:d6:99:3a:61:6e:0a:f6:0a:4c:
fb:d4:e1:9a:31:56:a7:ee:9e:3e:85:0b:be:86:a9:
e2:2a:30:99:b1:9b:04:db:b4:d2:95:14:31:3f:2e:
cc:8f:fd:41:97:4d:25:c2:4a:e5:d3:6c:01:a5:4a:
b9:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:CF:DD:E8:29:62:99:46:F5:56:E5:C3:C1:05:D1:E6:8D:58:A2:86
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/is_d6ClimUb1VuXDwQXR5o1YooY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
12:fe:61:2a:01:20:26:47:a4:62:2a:87:5d:9f:7f:d3:1a:52:
bf:46:7e:8d:f1:07:d3:6a:e4:45:a4:70:7c:df:1a:a6:c9:e2:
35:be:20:b3:26:2b:cf:5d:2f:e4:de:ec:4d:44:a4:4e:fe:57:
5d:77:47:92:88:90:e9:09:e7:b1:0f:66:0e:8a:0b:e8:d7:e6:
a6:b4:3b:ff:fb:53:77:3e:7c:6c:f3:0b:46:55:cc:94:9e:94:
7e:7e:4d:6d:92:2d:93:03:26:72:dc:68:23:57:68:c9:f8:ad:
4f:4d:46:02:a8:c2:5c:7f:f3:9d:57:d1:a4:c1:1a:70:f1:86:
c1:59:db:64:e8:b5:b0:62:85:35:db:e3:e7:b9:f3:0d:f4:8b:
d9:75:a1:5a:8d:0a:bf:fb:88:95:e5:d9:9c:bf:94:78:00:0b:
7c:24:e7:49:bd:56:db:72:ec:78:da:b7:27:e6:44:00:04:5f:
3e:f8:b5:7e:2d:d6:b1:af:57:e8:a0:25:0e:63:a7:4b:01:c1:
2e:40:1c:af:82:af:e6:e6:93:68:58:fa:be:fc:8b:54:72:99:
51:c3:d6:53:cf:e1:4e:34:84:eb:25:ea:31:97:85:66:3f:e9:
87:3e:27:72:ee:67:39:67:0f:90:a8:4c:31:be:9c:d4:ec:e6:
06:22:c3:b1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2EkCSCiUPaN/qhUXyBZWo4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA3MTcxNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWNmZGRlODI5NjI5OTQ2ZjU1NmU1YzNjMTA1ZDFlNjhkNThhMjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8lD8nCBlh0xXWvHbcmy1btrL9y+
OiF3oo1Ll9cSxJuQhOKME4xUuZXPlyT1GC5FeBzLIOQSNKSipsosm5HJn12n7wwD
aRKvmZ1grplNB5d5am0rq7BiBmep2pG/X5lEK43K/2D2APqTNNO2rrVPFLYuX+43
/zCUeP+cMVnnZidd4ut76e7QANYMRi4MRH8RzXIZMR89HmsyHj7n7+2YBiyz2xOt
yHIqOrFnegT1dDLgPwiRvQJBAckwaWTvsn1W0WdcYt4xTlbWmTphbgr2Ckz71OGa
MVan7p4+hQu+hqniKjCZsZsE27TSlRQxPy7Mj/1Bl00lwkrl02wBpUq5RQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIrP3egpYplG9Vblw8EF0eaNWKKGMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaXNfZDZDbGltVWIxVnVYRHdRWFI1bzFZb29ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABL+YSoBICZHpGIqh12f
f9MaUr9Gfo3xB9Nq5EWkcHzfGqbJ4jW+ILMmK89dL+Te7E1EpE7+V113R5KIkOkJ
57EPZg6KC+jX5qa0O//7U3c+fGzzC0ZVzJSelH5+TW2SLZMDJnLcaCNXaMn4rU9N
RgKowlx/851X0aTBGnDxhsFZ22TotbBihTXb4+e58w30i9l1oVqNCr/7iJXl2Zy/
lHgAC3wk50m9Vtty7HjatyfmRAAEXz74tX4t1rGvV+igJQ5jp0sBwS5AHK+Cr+bm
k2hY+r78i1RymVHD1lPP4U40hOsl6jGXhWY/6Yc+J3LuZzlnD5CoTDG+nNTs5gYi
w7E=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:39:46 2025 by rpki-client