Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jR56cxqhlzKppURk2BJTNIbelq4.roa
File: jR56cxqhlzKppURk2BJTNIbelq4.roa (raw, json)
Hash identifier: ft57dCbVnsIbjU5OPgVvATzdyj8r/V5g4fLFf8+4D1w=
Subject key identifier: 8D:1E:7A:73:1A:A1:97:32:A9:A5:44:64:D8:12:53:34:86:DE:96:AE
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DC55470BA2A61DCD82EB41AB394E5EEB0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jR56cxqhlzKppURk2BJTNIbelq4.roa
Signing time: Tue 20 Feb 2024 07:04:21 +0000
ROA not before: Tue 20 Feb 2024 07:04:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:c554:5cb8/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c5:54:70:ba:2a:61:dc:d8:2e:b4:1a:b3:94:e5:ee:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 20 07:04:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8d1e7a731aa19732a9a54464d812533486de96ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b8:e6:09:51:91:63:4f:5a:85:72:8f:62:09:
fb:9c:d0:a3:07:87:6e:21:5d:af:45:d5:3a:93:c9:
c1:81:ea:a8:36:01:59:08:db:4a:a4:c9:f9:96:16:
e2:c0:aa:f2:c4:06:0f:b2:e8:59:23:7a:bd:cb:91:
b2:d2:9d:4f:f9:95:3f:c5:38:a0:08:19:9a:cd:6c:
3b:d9:72:ff:4d:07:3b:ef:01:61:64:8e:98:b3:6e:
bc:84:07:d8:ce:33:e0:50:7c:8b:ee:aa:ff:92:de:
65:95:33:7f:d9:7c:32:94:dc:ca:89:9b:f7:60:9f:
60:39:83:6e:6d:c5:03:e0:7c:c7:f0:4f:e7:8f:40:
95:d2:c7:28:02:1b:ae:37:56:cf:11:40:8b:31:2b:
85:ed:43:15:e5:a1:2c:4d:f5:a8:d9:00:2b:ca:9d:
06:cc:fe:46:e2:ff:42:94:a0:ba:1a:ad:51:77:33:
c2:97:cc:52:a5:ca:79:7f:0b:00:3d:b0:2b:a0:da:
d7:82:e6:41:cb:4b:f5:b6:da:e0:5d:62:01:43:55:
8a:30:5c:76:17:5d:85:39:6a:05:d4:b9:15:bf:de:
8f:32:43:6b:bb:1c:49:c7:70:fd:3c:ea:fe:0d:08:
0d:d6:43:24:f2:ba:86:3b:36:bc:67:76:c7:91:a8:
4a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:1E:7A:73:1A:A1:97:32:A9:A5:44:64:D8:12:53:34:86:DE:96:AE
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jR56cxqhlzKppURk2BJTNIbelq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6e:02:82:3d:f2:94:67:7b:ad:da:dd:00:48:da:9c:de:b2:66:
ca:ea:d0:69:a8:37:d4:3c:9e:22:a2:d8:ea:4f:59:35:38:22:
c9:e5:fe:42:e5:ca:93:b5:01:14:8f:ce:4e:08:33:89:6e:96:
17:dc:2f:82:a9:7e:89:45:37:2b:17:fb:56:00:43:59:f3:ac:
b9:31:d8:8f:5f:40:64:b8:4e:13:12:9a:c0:61:a1:8d:50:64:
db:9a:ff:9f:3a:14:e6:92:fc:16:2c:0a:86:1f:73:99:e0:6d:
26:09:48:6c:0c:57:a6:af:f2:ec:78:d3:e8:63:1d:3e:a1:b9:
54:8c:c8:18:5b:37:37:6d:b2:ca:dc:15:e5:24:80:ff:51:ee:
fd:c0:63:94:da:5d:bf:de:bd:9e:94:2b:74:d4:cd:95:27:04:
5a:66:59:1b:c4:95:61:be:27:8f:7a:40:fa:c0:00:ce:66:fa:
94:36:41:4f:d6:1c:fa:14:6f:7a:b2:1f:4e:12:8b:14:16:11:
46:8e:27:fb:66:73:2f:84:ba:17:13:c9:b5:5e:22:01:f0:6d:
cf:51:12:60:34:d7:6d:f8:aa:90:07:e1:74:bb:a7:25:e7:db:
1a:75:dc:9b:12:07:a5:d2:af:12:7f:d1:14:df:28:29:7c:10:
ea:80:aa:14
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3FVHC6KmHc2C60GrOU5e6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIwMDcwNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDFlN2E3MzFhYTE5NzMyYTlhNTQ0NjRkODEyNTMzNDg2ZGU5NmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbjmCVGRY09ahXKPYgn7nNCjB4du
IV2vRdU6k8nBgeqoNgFZCNtKpMn5lhbiwKryxAYPsuhZI3q9y5Gy0p1P+ZU/xTig
CBmazWw72XL/TQc77wFhZI6Ys268hAfYzjPgUHyL7qr/kt5llTN/2XwylNzKiZv3
YJ9gOYNubcUD4HzH8E/nj0CV0scoAhuuN1bPEUCLMSuF7UMV5aEsTfWo2QAryp0G
zP5G4v9ClKC6Gq1RdzPCl8xSpcp5fwsAPbAroNrXguZBy0v1ttrgXWIBQ1WKMFx2
F12FOWoF1LkVv96PMkNruxxJx3D9POr+DQgN1kMk8rqGOza8Z3bHkahKgwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI0eenMaoZcyqaVEZNgSUzSG3pauMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvalI1NmN4cWhsektwcFVSazJCSlROSWJlbHE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAG4Cgj3ylGd7rdrdAEja
nN6yZsrq0GmoN9Q8niKi2OpPWTU4Isnl/kLlypO1ARSPzk4IM4lulhfcL4KpfolF
NysX+1YAQ1nzrLkx2I9fQGS4ThMSmsBhoY1QZNua/586FOaS/BYsCoYfc5ngbSYJ
SGwMV6av8ux40+hjHT6huVSMyBhbNzdtssrcFeUkgP9R7v3AY5TaXb/evZ6UK3TU
zZUnBFpmWRvElWG+J496QPrAAM5m+pQ2QU/WHPoUb3qyH04SixQWEUaOJ/tmcy+E
uhcTybVeIgHwbc9REmA01234qpAH4XS7pyXn2xp13JsSB6XSrxJ/0RTfKCl8EOqA
qhQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:50:42 2025 by rpki-client