Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/izakUe0jnRKlbbhgWlCY-1pP_aE.roa
File: izakUe0jnRKlbbhgWlCY-1pP_aE.roa (raw, json)
Hash identifier: SFAaUz/HGKelYm3oqSyfVvsYvTVE6lN4r0FzjSppmE0=
Subject key identifier: 8B:36:A4:51:ED:23:9D:12:A5:6D:B8:60:5A:50:98:FB:5A:4F:FD:A1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D940079AF06A6D56E17723B4DD35A017A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/izakUe0jnRKlbbhgWlCY-1pP_aE.roa
Signing time: Sat 10 Feb 2024 17:11:15 +0000
ROA not before: Sat 10 Feb 2024 17:11:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:94:00:79:af:06:a6:d5:6e:17:72:3b:4d:d3:5a:01:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 10 17:11:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b36a451ed239d12a56db8605a5098fb5a4ffda1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:06:84:77:0d:19:8f:d2:5b:6e:ec:67:b1:0b:
74:09:62:c4:24:5e:f0:47:3b:2d:fe:e0:b3:02:a4:
fb:d8:07:a9:96:a1:b6:2a:3d:0c:3b:3d:9a:ee:9e:
89:a8:00:97:94:6d:93:56:65:3c:5a:fe:36:77:1c:
99:e9:77:50:c8:c0:cb:c8:7a:de:69:c4:40:80:1d:
92:20:87:14:65:2f:00:fc:c6:38:ac:56:ed:62:10:
e6:41:e3:66:63:eb:0c:a4:f9:d3:07:97:34:9e:83:
bf:82:ca:d1:05:e3:58:69:31:cb:1a:87:11:e8:70:
79:90:14:67:8a:12:7b:cc:7e:20:0e:03:24:28:97:
df:b6:b3:ce:33:9f:cd:b4:fd:dd:d9:2b:ff:d4:51:
61:f9:5a:b7:89:09:c8:fa:5d:16:be:5f:d2:26:a4:
d1:cf:d3:80:20:74:24:78:17:ee:56:65:02:3b:5a:
00:90:02:37:b7:f9:48:71:03:90:9a:db:bd:ac:e8:
20:3f:32:ea:63:b0:16:3a:e4:58:e2:50:27:f9:98:
d8:4f:d5:4c:73:b7:45:fd:bc:cd:18:cc:fb:d0:67:
09:63:00:0c:83:f4:84:5a:db:5b:03:ad:94:0c:f7:
26:91:cd:30:89:a3:b9:f2:47:cc:58:6b:41:f8:95:
0e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:36:A4:51:ED:23:9D:12:A5:6D:B8:60:5A:50:98:FB:5A:4F:FD:A1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/izakUe0jnRKlbbhgWlCY-1pP_aE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0d:c2:25:9b:24:4f:80:f1:2d:8f:0d:d6:d8:59:59:19:80:9e:
13:f5:e8:fe:1a:35:42:e4:8f:5c:93:24:a6:00:8c:34:a8:29:
92:4b:39:36:b3:2c:15:91:06:61:b5:96:14:06:f4:6a:36:52:
65:3f:0d:f5:dc:d0:96:ef:23:70:1a:2d:69:3a:c3:66:94:37:
e4:77:07:63:09:a1:a4:e0:79:c7:08:e0:75:91:6c:fc:cc:e2:
ac:26:92:56:31:80:62:94:af:71:a8:cb:c7:2c:12:2a:35:ab:
93:dd:5c:44:c5:9f:90:1c:33:db:69:3b:d8:fa:4b:d6:07:62:
12:12:83:3b:2c:5b:71:a4:21:4f:85:46:b2:2a:62:2a:62:dd:
a8:4d:b4:90:82:41:51:ce:28:4f:05:37:83:59:0a:91:24:2b:
65:ea:c3:d9:73:28:a0:a6:40:32:34:81:02:bf:21:b7:5d:c6:
0f:1c:fb:4c:a8:c9:9c:92:53:74:e0:82:90:4d:5a:7e:d6:12:
4a:ee:4c:7b:85:c6:7c:07:95:fc:70:c4:f4:db:4b:ff:68:24:
c1:c2:f9:24:5e:46:7c:2d:51:c9:30:c0:27:30:9d:42:fe:f6:
ee:d3:c0:c4:2b:82:b5:2b:7b:de:db:e8:72:ec:15:91:69:21:
91:a8:9a:f6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2UAHmvBqbVbhdyO03TWgF6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjEwMTcxMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjM2YTQ1MWVkMjM5ZDEyYTU2ZGI4NjA1YTUwOThmYjVhNGZmZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAaEdw0Zj9JbbuxnsQt0CWLEJF7w
Rzst/uCzAqT72AeplqG2Kj0MOz2a7p6JqACXlG2TVmU8Wv42dxyZ6XdQyMDLyHre
acRAgB2SIIcUZS8A/MY4rFbtYhDmQeNmY+sMpPnTB5c0noO/gsrRBeNYaTHLGocR
6HB5kBRnihJ7zH4gDgMkKJfftrPOM5/NtP3d2Sv/1FFh+Vq3iQnI+l0Wvl/SJqTR
z9OAIHQkeBfuVmUCO1oAkAI3t/lIcQOQmtu9rOggPzLqY7AWOuRY4lAn+ZjYT9VM
c7dF/bzNGMz70GcJYwAMg/SEWttbA62UDPcmkc0wiaO58kfMWGtB+JUOpwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIs2pFHtI50SpW24YFpQmPtaT/2hMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvaXpha1VlMGpuUktsYmJoZ1dsQ1ktMXBQX2FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA3CJZskT4DxLY8N1thZ
WRmAnhP16P4aNULkj1yTJKYAjDSoKZJLOTazLBWRBmG1lhQG9Go2UmU/DfXc0Jbv
I3AaLWk6w2aUN+R3B2MJoaTgeccI4HWRbPzM4qwmklYxgGKUr3Goy8csEio1q5Pd
XETFn5AcM9tpO9j6S9YHYhISgzssW3GkIU+FRrIqYipi3ahNtJCCQVHOKE8FN4NZ
CpEkK2Xqw9lzKKCmQDI0gQK/Ibddxg8c+0yoyZySU3TggpBNWn7WEkruTHuFxnwH
lfxwxPTbS/9oJMHC+SReRnwtUckwwCcwnUL+9u7TwMQrgrUre97b6HLsFZFpIZGo
mvY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:34:31 2025 by rpki-client