Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/krAyCZGRqRPwIs5DmanHYDRf7TE.roa
File: krAyCZGRqRPwIs5DmanHYDRf7TE.roa (raw, json)
Hash identifier: pMpd8VCe8ze5O6jQ7MGyffnDDtcslfvGtpqK+TNRqRE=
Subject key identifier: 92:B0:32:09:91:91:A9:13:F0:22:CE:43:99:A9:C7:60:34:5F:ED:31
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E78BFE25D4BC7CEBDBE64C150E84C32B9
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/krAyCZGRqRPwIs5DmanHYDRf7TE.roa
Signing time: Tue 26 Mar 2024 03:13:45 +0000
ROA not before: Tue 26 Mar 2024 03:13:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:78:bf:e2:5d:4b:c7:ce:bd:be:64:c1:50:e8:4c:32:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 26 03:13:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92b032099191a913f022ce4399a9c760345fed31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:04:a0:bd:d6:53:55:d4:d7:28:a2:e2:26:74:
e9:72:16:b8:d8:63:59:63:2d:ff:6f:96:65:66:c5:
a1:2e:1e:74:ca:59:86:8f:e9:24:b2:0e:5b:38:6d:
2f:12:6d:59:23:01:b2:9d:ce:96:16:f4:7c:d1:b5:
c8:e2:10:54:6b:f2:85:37:a7:ac:5e:06:00:cf:67:
33:b1:b2:39:ef:a4:08:c0:96:da:d3:3e:45:d0:87:
c7:a7:d7:39:34:0f:58:b2:c7:bc:f2:11:3b:7e:d4:
dd:24:96:c7:c9:a7:80:a4:3f:fe:f5:c0:7a:bb:aa:
d3:a7:a1:7b:a6:67:f2:39:fe:8e:bb:4d:0f:19:76:
30:82:0f:ff:7e:aa:b4:3e:0e:fc:8a:a9:5c:7c:e8:
61:19:cb:4f:51:f1:9a:86:b8:d7:c8:c9:53:2f:79:
9e:d3:9e:12:fb:13:c7:09:b7:e4:6c:38:95:62:e5:
9d:64:6a:35:22:5b:ac:e8:83:c3:63:9e:4d:d7:46:
02:57:e1:b1:8c:63:a3:0b:20:d4:d6:11:75:d9:3a:
45:22:22:d5:0d:f1:ff:9e:39:34:28:50:e2:17:51:
5f:5e:79:45:c2:bb:ed:fa:ba:03:49:85:9d:69:12:
21:b4:d1:53:f0:3b:aa:ba:b5:ad:dc:f7:80:32:ef:
cf:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:B0:32:09:91:91:A9:13:F0:22:CE:43:99:A9:C7:60:34:5F:ED:31
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/krAyCZGRqRPwIs5DmanHYDRf7TE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
86:69:c3:d0:7f:55:a2:32:b9:38:46:ae:91:a6:53:b1:de:d3:
49:10:13:c9:1c:45:91:cb:c3:77:41:c7:5c:9f:b5:4d:89:3d:
a7:5e:32:cf:9a:69:c3:85:2c:a5:ba:25:cc:5a:7c:99:d0:ec:
84:25:ea:2d:d7:9a:8b:d6:db:75:02:a1:32:75:e1:ab:78:06:
b3:cf:fa:b6:6c:50:b1:1f:b9:35:da:c9:f3:50:aa:7f:32:ca:
ec:4c:bb:3e:66:83:84:d2:97:c2:19:05:6a:8c:f3:24:09:aa:
b3:9e:d7:74:1e:49:0a:69:fc:0d:c6:02:0d:50:8d:58:d6:cc:
cc:47:f5:b0:c9:f0:01:cc:cb:d0:c8:fd:ea:d9:14:b2:25:78:
e3:86:38:cf:38:4e:44:70:f7:f9:a1:30:0c:7f:97:d3:ff:33:
69:ae:7e:75:d6:2f:60:93:b2:77:2b:ce:19:bd:75:36:1f:62:
c3:db:41:26:2b:55:04:bb:30:c8:dd:8d:5a:59:05:fd:5c:93:
67:31:68:6e:87:1e:e4:e3:45:1d:b5:3f:b1:3f:b3:26:5e:4c:
01:d4:06:07:ef:25:b1:ad:4b:26:8b:1f:53:39:49:7c:f9:98:
84:cd:67:5f:5d:38:f3:a3:c6:a9:ce:5f:30:a0:d4:56:c3:e8:
11:c9:d4:0f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY54v+JdS8fOvb5kwVDoTDK5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzI2MDMxMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmIwMzIwOTkxOTFhOTEzZjAyMmNlNDM5OWE5Yzc2MDM0NWZlZDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQSgvdZTVdTXKKLiJnTpcha42GNZ
Yy3/b5ZlZsWhLh50ylmGj+kksg5bOG0vEm1ZIwGync6WFvR80bXI4hBUa/KFN6es
XgYAz2czsbI576QIwJba0z5F0IfHp9c5NA9Ysse88hE7ftTdJJbHyaeApD/+9cB6
u6rTp6F7pmfyOf6Ou00PGXYwgg//fqq0Pg78iqlcfOhhGctPUfGahrjXyMlTL3me
054S+xPHCbfkbDiVYuWdZGo1Ilus6IPDY55N10YCV+GxjGOjCyDU1hF12TpFIiLV
DfH/njk0KFDiF1FfXnlFwrvt+roDSYWdaRIhtNFT8DuqurWt3PeAMu/PnwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJKwMgmRkakT8CLOQ5mpx2A0X+0xMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEva3JBeUNaR1JxUlB3SXM1RG1hbkhZRFJmN1RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIZpw9B/VaIyuThGrpGm
U7He00kQE8kcRZHLw3dBx1yftU2JPadeMs+aacOFLKW6JcxafJnQ7IQl6i3XmovW
23UCoTJ14at4BrPP+rZsULEfuTXayfNQqn8yyuxMuz5mg4TSl8IZBWqM8yQJqrOe
13QeSQpp/A3GAg1QjVjWzMxH9bDJ8AHMy9DI/erZFLIleOOGOM84TkRw9/mhMAx/
l9P/M2mufnXWL2CTsncrzhm9dTYfYsPbQSYrVQS7MMjdjVpZBf1ck2cxaG6HHuTj
RR21P7E/syZeTAHUBgfvJbGtSyaLH1M5SXz5mITNZ19dOPOjxqnOXzCg1FbD6BHJ
1A8=
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:03:41 2025 by rpki-client