Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/itGAffu8uRIZy_AhpRd2IzPBROU.roa
File: itGAffu8uRIZy_AhpRd2IzPBROU.roa (raw, json)
Hash identifier: WWC2mFZJynz9r00ri6pd5KF1/VKrajZZvgvwcQUZBuQ=
Subject key identifier: 8A:D1:80:7D:FB:BC:B9:12:19:CB:F0:21:A5:17:76:23:33:C1:44:E5
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C93CDAA3D33CD9D197AB0F4BFC037B6F1
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/itGAffu8uRIZy_AhpRd2IzPBROU.roa
Signing time: Fri 22 Dec 2023 23:12:58 +0000
ROA not before: Fri 22 Dec 2023 23:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:93:cd:aa:3d:33:cd:9d:19:7a:b0:f4:bf:c0:37:b6:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 22 23:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ad1807dfbbcb91219cbf021a517762333c144e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e4:08:53:0b:25:d4:82:00:7e:91:00:09:6a:
1c:b9:b8:44:22:e0:ba:ab:fa:4a:e5:8e:d7:47:9c:
3d:44:eb:26:f0:e1:b3:43:6b:48:1a:a1:eb:b7:3d:
9b:a7:46:20:a7:57:a8:40:ab:00:1e:7c:c2:1c:e1:
d3:7e:8f:de:4d:e0:d2:38:42:b3:ca:af:e7:8f:c7:
39:74:c3:48:4a:2f:e2:13:61:ad:9a:d5:04:f1:fc:
93:a6:58:6b:8e:42:60:25:58:2f:82:40:2d:24:7e:
0f:fb:5c:65:3e:64:1e:ed:47:33:87:5b:f9:3b:8c:
42:f9:2e:54:3a:03:07:46:e8:1c:2f:d2:70:3e:96:
96:3b:7b:f4:e2:84:66:01:74:60:e8:c4:cb:43:88:
54:78:36:db:a9:6e:08:8a:04:78:c6:7a:1a:2a:33:
ec:48:cc:eb:70:c6:a6:7c:f8:32:fd:7f:17:b8:93:
50:32:d6:7c:42:07:1b:68:e4:79:8c:8e:fa:5e:41:
6b:ca:0f:2c:77:6c:4c:c0:25:79:02:8b:1c:5c:76:
04:15:95:58:52:ac:7d:23:ed:2b:fb:4c:7b:39:4b:
0e:7b:b2:1e:0e:9e:26:83:69:1e:23:2a:f7:5e:b5:
c7:d8:de:b0:a2:b1:65:ba:c1:68:9a:a0:71:bf:24:
ca:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D1:80:7D:FB:BC:B9:12:19:CB:F0:21:A5:17:76:23:33:C1:44:E5
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/itGAffu8uRIZy_AhpRd2IzPBROU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
68:3d:f9:6b:83:4f:8d:0e:6d:a7:25:f7:6e:c0:b4:c2:06:82:
9b:59:f9:03:3a:cb:22:22:61:71:a7:e2:de:15:51:95:5b:fc:
7c:a3:dc:d6:23:dc:54:66:ca:ef:de:08:3a:2c:d0:e8:97:f7:
99:d4:08:f4:7c:c9:91:ea:41:8f:b5:3a:cc:94:50:6a:8c:0e:
b2:43:d1:64:68:d1:9e:28:64:27:56:ab:82:d0:4b:9a:80:cf:
84:ea:43:7a:94:47:15:67:99:03:e4:99:a6:ce:88:34:55:e5:
94:a1:10:56:5a:6f:d2:1f:b8:d3:6e:f2:07:18:7c:c5:ba:2c:
c1:fe:c5:9e:3d:46:ac:6c:58:21:28:85:bf:61:67:1b:9c:ac:
5e:63:f8:85:2e:93:67:36:c6:55:68:a7:b3:5e:5b:6b:8c:a2:
67:94:a3:97:cc:40:5f:68:29:ee:c1:3f:ed:d5:fc:54:00:bc:
4d:42:6d:06:b6:9c:1c:98:18:bb:39:91:d8:20:44:39:09:24:
06:58:61:bd:4c:66:c4:19:a1:18:e3:f4:65:3a:41:b2:dc:53:
56:f5:d8:e3:ff:2e:70:21:db:df:79:95:1e:e5:c3:74:a3:63:
4c:28:f9:a9:c4:cc:d8:41:bf:8b:43:03:68:53:d7:41:b7:18:
bc:05:60:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyTzao9M82dGXqw9L/AN7bxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIyMjMxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWQxODA3ZGZiYmNiOTEyMTljYmYwMjFhNTE3NzYyMzMzYzE0NGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOQIUwsl1IIAfpEACWocubhEIuC6
q/pK5Y7XR5w9ROsm8OGzQ2tIGqHrtz2bp0Ygp1eoQKsAHnzCHOHTfo/eTeDSOEKz
yq/nj8c5dMNISi/iE2GtmtUE8fyTplhrjkJgJVgvgkAtJH4P+1xlPmQe7Uczh1v5
O4xC+S5UOgMHRugcL9JwPpaWO3v04oRmAXRg6MTLQ4hUeDbbqW4IigR4xnoaKjPs
SMzrcMamfPgy/X8XuJNQMtZ8QgcbaOR5jI76XkFryg8sd2xMwCV5AoscXHYEFZVY
Uqx9I+0r+0x7OUsOe7IeDp4mg2keIyr3XrXH2N6worFlusFomqBxvyTKkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIrRgH37vLkSGcvwIaUXdiMzwUTlMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaXRHQWZmdTh1UklaeV9BaHBSZDJJelBCUk9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGg9+WuDT40Obacl927A
tMIGgptZ+QM6yyIiYXGn4t4VUZVb/Hyj3NYj3FRmyu/eCDos0OiX95nUCPR8yZHq
QY+1OsyUUGqMDrJD0WRo0Z4oZCdWq4LQS5qAz4TqQ3qURxVnmQPkmabOiDRV5ZSh
EFZab9IfuNNu8gcYfMW6LMH+xZ49RqxsWCEohb9hZxucrF5j+IUuk2c2xlVop7Ne
W2uMomeUo5fMQF9oKe7BP+3V/FQAvE1CbQa2nByYGLs5kdggRDkJJAZYYb1MZsQZ
oRjj9GU6QbLcU1b12OP/LnAh2995lR7lw3SjY0wo+anEzNhBv4tDA2hT10G3GLwF
YD8=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:17:06 2025 by rpki-client