Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kYOh8bpwCco2Dd-NgxFO7HTXdBY.roa
File: kYOh8bpwCco2Dd-NgxFO7HTXdBY.roa (raw, json)
Hash identifier: uwVpDgKfULbF4NSadlspdZW1bj+/Xdd2ZlXBCgWyYQA=
Subject key identifier: 91:83:A1:F1:BA:70:09:CA:36:0D:DF:8D:83:11:4E:EC:74:D7:74:16
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E46F415C4F6A240B34802B8BAA4A222A3
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kYOh8bpwCco2Dd-NgxFO7HTXdBY.roa
Signing time: Sat 16 Mar 2024 11:09:45 +0000
ROA not before: Sat 16 Mar 2024 11:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:46:f4:15:c4:f6:a2:40:b3:48:02:b8:ba:a4:a2:22:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 16 11:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9183a1f1ba7009ca360ddf8d83114eec74d77416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:71:da:98:5a:0b:5c:31:a0:f1:b1:5c:3e:32:
77:fb:76:f5:3b:73:b3:dd:3d:f4:04:d1:9d:11:58:
2c:41:96:b4:0b:36:22:34:69:2f:1c:d0:e5:45:f3:
aa:17:e3:db:33:65:63:0f:18:e5:59:56:b6:51:04:
6d:4b:63:aa:22:72:30:4f:e9:74:7e:05:7a:7c:63:
1c:20:e0:8d:01:b6:31:e4:57:2f:b3:7b:e7:72:df:
16:74:6d:16:d8:32:12:af:86:21:b1:0a:ed:7f:bb:
81:b8:0c:b1:3a:60:f8:03:a4:fa:7e:97:80:97:2d:
37:b7:5e:c0:58:5e:6e:61:bf:19:41:8f:91:11:39:
bc:16:63:69:15:6b:d8:15:9e:7e:6f:d0:35:7e:62:
3b:4b:64:87:15:75:09:4a:c0:bd:9e:4f:6f:3a:2e:
c5:e8:3b:6a:c2:33:c4:ce:a3:1d:11:a1:95:f5:23:
ca:56:01:7b:bb:52:9b:3d:30:41:e5:e5:da:c9:f5:
03:1e:5d:04:b8:ca:3b:95:04:dd:13:3e:df:e1:9f:
61:44:08:47:9b:cd:ee:98:1e:41:d3:57:9a:49:51:
0e:b5:52:94:cc:8a:af:ce:63:5a:99:f7:38:dd:8c:
3b:20:b2:24:41:19:63:32:8f:aa:b1:9c:ac:09:f6:
df:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:83:A1:F1:BA:70:09:CA:36:0D:DF:8D:83:11:4E:EC:74:D7:74:16
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/kYOh8bpwCco2Dd-NgxFO7HTXdBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
50:2f:9e:5b:fc:2b:4f:b3:21:00:ba:7e:b5:9c:bb:74:7e:66:
0e:75:c0:b9:ed:8b:6b:de:c2:18:3f:af:1a:3a:1c:c1:3f:a9:
e8:b7:4a:59:a2:4c:e5:bb:35:85:22:eb:c5:5b:16:d6:a8:2c:
76:f7:67:fb:ab:92:75:34:a4:a5:90:8f:18:45:79:f6:3d:3e:
79:3f:be:a0:1f:06:56:2d:55:d2:6a:9d:72:92:f6:59:fe:cb:
1a:41:74:3e:59:01:cd:6c:4e:05:0a:52:43:ce:94:12:6b:11:
f2:02:0f:ec:90:09:0d:af:b8:52:21:ab:a1:a5:0d:2f:7a:01:
68:e7:36:04:c8:ff:56:a4:98:c4:f3:f7:18:89:a7:ff:f5:40:
d3:d4:2f:80:15:d3:6f:63:48:e4:09:22:51:e9:1f:d2:a6:0c:
79:2a:bf:ad:9c:50:6e:0d:f1:ed:13:86:50:32:3f:89:51:4b:
87:b2:7b:0d:29:36:04:13:0c:e4:af:86:ee:a9:29:b1:b0:66:
43:3a:3d:2e:fb:52:3f:2d:45:f1:02:8a:67:e7:e4:7d:64:5b:
6f:15:37:9d:4f:81:90:18:52:93:25:a8:83:6a:89:35:85:ca:
40:f2:f1:77:67:8c:0c:17:37:ac:17:eb:a5:c2:23:7e:09:3b:
23:6e:0b:4b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5G9BXE9qJAs0gCuLqkoiKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE2MTEwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTgzYTFmMWJhNzAwOWNhMzYwZGRmOGQ4MzExNGVlYzc0ZDc3NDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnHamFoLXDGg8bFcPjJ3+3b1O3Oz
3T30BNGdEVgsQZa0CzYiNGkvHNDlRfOqF+PbM2VjDxjlWVa2UQRtS2OqInIwT+l0
fgV6fGMcIOCNAbYx5Fcvs3vnct8WdG0W2DISr4YhsQrtf7uBuAyxOmD4A6T6fpeA
ly03t17AWF5uYb8ZQY+RETm8FmNpFWvYFZ5+b9A1fmI7S2SHFXUJSsC9nk9vOi7F
6DtqwjPEzqMdEaGV9SPKVgF7u1KbPTBB5eXayfUDHl0EuMo7lQTdEz7f4Z9hRAhH
m83umB5B01eaSVEOtVKUzIqvzmNamfc43Yw7ILIkQRljMo+qsZysCfbf9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJGDofG6cAnKNg3fjYMRTux013QWMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEva1lPaDhicHdDY28yRGQtTmd4Rk83SFRYZEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFAvnlv8K0+zIQC6frWc
u3R+Zg51wLnti2vewhg/rxo6HME/qei3SlmiTOW7NYUi68VbFtaoLHb3Z/urknU0
pKWQjxhFefY9Pnk/vqAfBlYtVdJqnXKS9ln+yxpBdD5ZAc1sTgUKUkPOlBJrEfIC
D+yQCQ2vuFIhq6GlDS96AWjnNgTI/1akmMTz9xiJp//1QNPUL4AV029jSOQJIlHp
H9KmDHkqv62cUG4N8e0ThlAyP4lRS4eyew0pNgQTDOSvhu6pKbGwZkM6PS77Uj8t
RfECimfn5H1kW28VN51PgZAYUpMlqINqiTWFykDy8XdnjAwXN6wX66XCI34JOyNu
C0s=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:16 2025 by rpki-client