Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jiWMs5wl6fIhLO-8as5OMSltCWk.roa
File: jiWMs5wl6fIhLO-8as5OMSltCWk.roa (raw, json)
Hash identifier: FWi2KlzCLhfCsfngDL6vdcM8zK1kpJHmE6PnxTD25CU=
Subject key identifier: 8E:25:8C:B3:9C:25:E9:F2:21:2C:EF:BC:6A:CE:4E:31:29:6D:09:69
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D5DE7A8C71661B3F6847FC5E1FDD4AE68
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jiWMs5wl6fIhLO-8as5OMSltCWk.roa
Signing time: Wed 31 Jan 2024 05:04:39 +0000
ROA not before: Wed 31 Jan 2024 05:04:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:5de7:3a23/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5d:e7:a8:c7:16:61:b3:f6:84:7f:c5:e1:fd:d4:ae:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 31 05:04:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e258cb39c25e9f2212cefbc6ace4e31296d0969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b0:c1:16:35:74:8b:4c:b6:fe:51:f0:f9:f2:
c8:a9:41:1a:a9:3b:d8:0a:53:c6:67:6e:bd:66:55:
65:45:9a:c2:f0:01:e8:b6:c8:1c:88:c8:9d:ea:61:
0c:b0:ea:b4:ba:6f:7a:bd:92:1c:a9:d5:64:a6:a3:
d7:04:a6:f1:fe:72:d4:cc:2a:4b:7a:a1:6a:ae:4b:
74:e8:fb:1b:60:db:e3:86:02:af:f9:60:1d:38:1e:
0f:eb:ba:6a:76:17:f2:d0:e0:52:bd:99:31:5a:c7:
be:90:51:dc:8a:b5:f9:fc:c7:69:0d:72:57:2e:50:
b5:f1:80:cc:bd:5c:d0:2a:91:d2:22:67:a0:75:c2:
71:e3:01:d1:77:ca:36:d7:df:82:6c:36:3f:5c:42:
c9:1a:c7:c1:d8:30:c4:a2:d6:16:82:a9:09:bb:18:
13:a2:84:0c:31:9d:24:f8:8d:b7:2e:d2:9e:a6:d7:
24:f1:c8:c0:ae:77:23:17:ad:5a:a5:22:18:0f:af:
3b:b4:fe:e0:3f:bc:8f:e4:1a:6c:29:8e:3a:d0:62:
bf:e8:4f:c3:bf:24:e8:91:62:8e:1b:87:a8:f0:96:
ea:35:5c:30:f6:14:c7:73:22:6a:ca:5d:cc:85:e4:
2c:86:6c:d9:08:96:91:a0:8a:75:6b:71:5b:13:16:
d5:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:25:8C:B3:9C:25:E9:F2:21:2C:EF:BC:6A:CE:4E:31:29:6D:09:69
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/jiWMs5wl6fIhLO-8as5OMSltCWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2c:7b:2f:5f:70:f5:ae:6a:53:ba:49:95:70:9e:65:01:26:e7:
51:9f:fb:28:02:5f:2e:e4:8f:f1:82:9d:dd:bd:f4:69:09:91:
0d:9f:bb:e4:2d:bb:49:78:93:d7:cb:1e:15:55:6f:5b:4f:99:
41:49:c7:67:7d:b3:72:af:30:b1:9a:f7:1f:2b:ac:2e:30:18:
f1:56:28:49:de:58:01:67:73:f1:7e:9c:0b:d0:82:00:90:27:
3c:33:1c:00:84:5b:2a:79:8a:5d:5b:16:cf:90:df:cb:e1:55:
12:df:83:77:2c:f9:b5:31:61:b0:1a:41:66:16:cb:ff:83:20:
84:83:11:1a:e1:c8:33:a2:1d:73:c9:f0:db:82:5f:8c:69:af:
04:e7:ac:5f:b9:77:22:e4:39:f3:4c:31:a4:c7:a4:1a:6c:28:
42:b3:b2:66:6c:ac:49:4c:ee:c7:63:cf:f9:0b:39:10:24:a2:
bf:6f:61:42:36:26:c7:f9:79:2b:3e:6f:c9:2b:52:01:2b:d4:
64:03:83:bc:cb:20:e2:de:72:9f:7d:c0:a8:9e:b5:83:b5:3f:
6e:9a:37:7f:e7:5e:2b:04:63:8d:96:99:73:96:c1:b7:57:59:
9f:6b:32:28:d1:09:94:8c:b3:cf:0c:3d:f7:d8:28:02:06:df:
64:ee:7f:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1d56jHFmGz9oR/xeH91K5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTMxMDUwNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTI1OGNiMzljMjVlOWYyMjEyY2VmYmM2YWNlNGUzMTI5NmQwOTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LDBFjV0i0y2/lHw+fLIqUEaqTvY
ClPGZ269ZlVlRZrC8AHotsgciMid6mEMsOq0um96vZIcqdVkpqPXBKbx/nLUzCpL
eqFqrkt06PsbYNvjhgKv+WAdOB4P67pqdhfy0OBSvZkxWse+kFHcirX5/MdpDXJX
LlC18YDMvVzQKpHSImegdcJx4wHRd8o219+CbDY/XELJGsfB2DDEotYWgqkJuxgT
ooQMMZ0k+I23LtKeptck8cjArncjF61apSIYD687tP7gP7yP5BpsKY460GK/6E/D
vyTokWKOG4eo8JbqNVww9hTHcyJqyl3MheQshmzZCJaRoIp1a3FbExbVuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI4ljLOcJenyISzvvGrOTjEpbQlpMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvamlXTXM1d2w2ZkloTE8tOGFzNU9NU2x0Q1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACx7L19w9a5qU7pJlXCe
ZQEm51Gf+ygCXy7kj/GCnd299GkJkQ2fu+Qtu0l4k9fLHhVVb1tPmUFJx2d9s3Kv
MLGa9x8rrC4wGPFWKEneWAFnc/F+nAvQggCQJzwzHACEWyp5il1bFs+Q38vhVRLf
g3cs+bUxYbAaQWYWy/+DIISDERrhyDOiHXPJ8NuCX4xprwTnrF+5dyLkOfNMMaTH
pBpsKEKzsmZsrElM7sdjz/kLORAkor9vYUI2Jsf5eSs+b8krUgEr1GQDg7zLIOLe
cp99wKietYO1P26aN3/nXisEY42WmXOWwbdXWZ9rMijRCZSMs88MPffYKAIG32Tu
f8o=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:19:29 2025 by rpki-client