Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/joUZ0GpEVJxxXyJezBW_72iv9UU.roa
File: joUZ0GpEVJxxXyJezBW_72iv9UU.roa (raw, json)
Hash identifier: jTOHKyUbTBEaBBcWCdZcuydxnaw6aPz1CAWRVMDkOHA=
Subject key identifier: 8E:85:19:D0:6A:44:54:9C:71:5F:22:5E:CC:15:BF:EF:68:AF:F5:45
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CE77BEFA196C5B77402E2A9D09A453C51
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/joUZ0GpEVJxxXyJezBW_72iv9UU.roa
Signing time: Mon 08 Jan 2024 05:11:48 +0000
ROA not before: Mon 08 Jan 2024 05:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e7:7b:ef:a1:96:c5:b7:74:02:e2:a9:d0:9a:45:3c:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 8 05:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8e8519d06a44549c715f225ecc15bfef68aff545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:bd:17:0c:94:9c:bf:15:30:33:f1:f9:46:a8:
b8:9a:e5:d0:24:57:69:58:f0:cc:a9:24:39:da:e9:
4c:07:98:b1:1a:4d:89:f5:17:dd:89:f4:fe:30:f8:
85:36:8c:3a:60:21:0f:87:e2:d6:77:da:ab:92:45:
ea:69:1a:5c:99:97:8e:5e:0b:78:94:c9:07:c3:79:
00:7d:ac:f0:39:0e:03:13:36:b9:97:24:02:29:d8:
d2:66:3f:3b:a6:87:8b:22:22:95:66:a9:82:c1:aa:
48:32:b4:12:69:0a:f9:6f:fb:a2:5a:8e:1c:b9:66:
cd:0f:97:9f:32:f2:ca:b6:60:de:d3:4c:a9:4b:15:
0c:fc:f8:8e:70:6c:b3:ed:7c:0c:fa:28:ca:e1:77:
fb:f2:7e:05:3f:4d:b8:ea:13:32:ff:dc:db:ea:5b:
26:49:6d:02:b4:c4:f5:ca:99:6b:19:d9:b4:66:20:
59:bc:b5:58:95:43:0b:94:4a:b4:d3:d4:45:03:f4:
fc:45:65:0a:b0:0b:c9:f1:5b:d7:ec:28:43:73:69:
03:e2:2f:23:06:10:fe:90:76:1d:65:c6:8e:81:6a:
ab:a6:1d:e1:d2:74:a0:99:fc:ca:71:e7:dc:6f:24:
68:10:94:96:a5:7b:a8:20:4f:40:bc:48:00:9f:92:
61:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:85:19:D0:6A:44:54:9C:71:5F:22:5E:CC:15:BF:EF:68:AF:F5:45
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/joUZ0GpEVJxxXyJezBW_72iv9UU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:de:ef:d3:04:e4:05:f2:09:61:6f:e4:c7:7c:b9:0b:f1:1e:
55:db:ac:8e:2f:a5:c1:5c:f5:30:b1:75:7f:f5:a5:ac:f4:77:
3a:44:09:69:cb:51:13:d2:9c:75:0c:d7:f7:81:cb:45:df:0e:
a7:f7:6a:b4:63:e3:53:7a:b7:9d:78:b0:22:de:22:75:2e:2d:
d1:cd:6a:65:48:9d:47:11:d4:ab:47:15:d5:ec:0e:cc:95:e6:
44:50:26:0b:66:73:bc:b6:21:33:42:5d:cc:50:8d:b1:07:67:
d2:5c:d0:61:13:00:a0:f5:ed:e7:81:0c:29:55:2e:f2:dd:14:
07:8d:8d:be:37:86:ee:99:34:9e:18:40:7e:b8:1b:60:ed:91:
c8:08:ef:e5:a6:8c:ee:3f:d8:29:0e:33:08:3c:df:bc:ef:47:
09:a2:bf:99:ee:2c:79:9c:f6:22:56:30:a4:03:70:4e:e5:a6:
7a:c1:87:b4:6a:d5:e1:c8:3d:34:4e:97:4f:76:da:62:97:df:
03:31:b5:84:16:18:91:ad:6a:74:3c:12:e5:ec:f8:1d:d2:f8:
fc:03:47:48:c1:22:86:42:7b:47:48:51:e0:c0:a1:c2:91:6b:
17:7a:34:8c:3d:c8:47:e8:48:e1:7f:8f:c6:e2:07:87:68:54:
59:cf:43:67
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzne++hlsW3dALiqdCaRTxRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA4MDUxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTg1MTlkMDZhNDQ1NDljNzE1ZjIyNWVjYzE1YmZlZjY4YWZmNTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgb0XDJScvxUwM/H5Rqi4muXQJFdp
WPDMqSQ52ulMB5ixGk2J9RfdifT+MPiFNow6YCEPh+LWd9qrkkXqaRpcmZeOXgt4
lMkHw3kAfazwOQ4DEza5lyQCKdjSZj87poeLIiKVZqmCwapIMrQSaQr5b/uiWo4c
uWbND5efMvLKtmDe00ypSxUM/PiOcGyz7XwM+ijK4Xf78n4FP0246hMy/9zb6lsm
SW0CtMT1yplrGdm0ZiBZvLVYlUMLlEq009RFA/T8RWUKsAvJ8VvX7ChDc2kD4i8j
BhD+kHYdZcaOgWqrph3h0nSgmfzKcefcbyRoEJSWpXuoIE9AvEgAn5JhCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFI6FGdBqRFSccV8iXswVv+9or/VFMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvam9VWjBHcEVWSnh4WHlKZXpCV183Mml2OVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABre79ME5AXyCWFv5Md8
uQvxHlXbrI4vpcFc9TCxdX/1paz0dzpECWnLURPSnHUM1/eBy0XfDqf3arRj41N6
t514sCLeInUuLdHNamVInUcR1KtHFdXsDsyV5kRQJgtmc7y2ITNCXcxQjbEHZ9Jc
0GETAKD17eeBDClVLvLdFAeNjb43hu6ZNJ4YQH64G2DtkcgI7+WmjO4/2CkOMwg8
37zvRwmiv5nuLHmc9iJWMKQDcE7lpnrBh7Rq1eHIPTROl0922mKX3wMxtYQWGJGt
anQ8EuXs+B3S+PwDR0jBIoZCe0dIUeDAocKRaxd6NIw9yEfoSOF/j8biB4doVFnP
Q2c=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:26 2025 by rpki-client