Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/l4-KiumZoZ7oqLpsqHTY_Dq8Qv0.roa
File: l4-KiumZoZ7oqLpsqHTY_Dq8Qv0.roa (raw, json)
Hash identifier: aWbHxOTajytu10SliGwbBRZn12zc2T7IceJYrz3CnQw=
Subject key identifier: 97:8F:8A:8A:E9:99:A1:9E:E8:A8:BA:6C:A8:74:D8:FC:3A:BC:42:FD
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E569FEC0533173BF8B7D59C3AFCBCCE25
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/l4-KiumZoZ7oqLpsqHTY_Dq8Qv0.roa
Signing time: Tue 19 Mar 2024 12:11:44 +0000
ROA not before: Tue 19 Mar 2024 12:11:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:9f:ec:05:33:17:3b:f8:b7:d5:9c:3a:fc:bc:ce:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 19 12:11:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=978f8a8ae999a19ee8a8ba6ca874d8fc3abc42fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:bc:9a:52:ce:c9:42:7b:3c:15:e9:94:cd:91:
40:39:cc:07:8f:3f:7f:c3:02:7f:8b:0d:41:7d:3e:
88:35:ed:42:74:fe:6b:15:2e:3b:cb:d4:60:36:b9:
64:65:5b:17:74:29:bb:40:1c:94:ba:6d:17:35:b9:
68:15:75:54:7b:90:f4:68:c0:42:3c:78:c6:ab:1c:
84:f7:9e:ea:1d:36:d7:b0:e8:92:9a:91:b8:c4:e4:
ec:8c:44:e3:3c:92:72:c2:21:71:4c:9f:32:e0:9c:
68:a4:8f:09:25:dc:b6:00:97:89:ba:3d:71:18:56:
6f:ed:e5:6a:79:f6:89:ce:9a:58:3d:66:11:da:60:
73:a3:a9:2a:c7:9a:82:ea:8f:9c:55:e6:90:a2:ee:
be:a3:92:7f:d7:32:a6:bc:36:64:df:f1:da:87:5c:
7c:f7:02:3d:21:03:8e:1d:b3:76:ed:ee:63:70:3f:
de:f5:a3:b3:b1:fa:0a:6e:79:ba:a8:19:0d:45:91:
2d:4a:36:ba:4e:4e:c1:84:fd:74:5b:b7:94:9d:9d:
62:b3:2d:16:f6:61:39:3c:68:47:bc:0f:dc:a3:3c:
b0:1a:15:64:40:17:5e:31:3a:52:49:f3:e8:58:17:
c8:54:c1:24:a1:75:89:99:45:4c:84:12:6c:90:a8:
e4:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:8F:8A:8A:E9:99:A1:9E:E8:A8:BA:6C:A8:74:D8:FC:3A:BC:42:FD
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/l4-KiumZoZ7oqLpsqHTY_Dq8Qv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7f:c6:05:5f:bf:82:10:67:9d:11:82:1c:ac:3f:f1:04:75:80:
97:8b:8b:48:b7:48:17:d7:14:6f:20:27:d4:d2:1f:46:49:12:
09:50:29:d6:d7:d3:17:7e:0d:a2:b4:fe:c4:f4:d0:59:fe:7a:
b9:b3:3e:98:85:c7:55:34:6d:e7:70:8c:9f:16:bb:f8:fb:8a:
e4:28:74:2a:12:4f:5e:0e:94:84:37:a2:d5:11:2d:a7:86:f9:
2d:d0:7c:ec:c6:0c:bb:a9:cf:9f:e1:a7:7a:f3:99:43:a6:4a:
96:49:fb:c6:af:f0:19:2a:1e:44:ed:24:33:1e:be:78:68:4b:
bb:65:a4:23:55:5d:01:56:f3:01:95:49:ee:53:c7:5b:45:56:
95:3f:f7:9a:0a:85:61:be:ed:63:a5:3b:4e:25:5b:fc:64:72:
bc:7f:ac:7d:02:65:22:78:a2:5b:90:4a:2c:0b:df:51:2c:94:
53:de:ce:a9:3f:10:17:57:bc:d9:fe:39:8d:19:7a:8d:cb:c4:
dc:7c:3b:27:38:14:3a:26:59:7a:75:b6:48:43:02:52:ac:38:
af:cb:44:ea:71:38:53:46:3b:f2:9f:e3:6c:52:fa:1f:89:d3:
45:56:4b:67:b5:5f:dd:51:f3:f2:a4:7e:55:8a:3f:5f:70:0d:
ee:e6:f4:85
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5Wn+wFMxc7+LfVnDr8vM4lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzE5MTIxMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzhmOGE4YWU5OTlhMTllZThhOGJhNmNhODc0ZDhmYzNhYmM0MmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA67yaUs7JQns8FemUzZFAOcwHjz9/
wwJ/iw1BfT6INe1CdP5rFS47y9RgNrlkZVsXdCm7QByUum0XNbloFXVUe5D0aMBC
PHjGqxyE957qHTbXsOiSmpG4xOTsjETjPJJywiFxTJ8y4JxopI8JJdy2AJeJuj1x
GFZv7eVqefaJzppYPWYR2mBzo6kqx5qC6o+cVeaQou6+o5J/1zKmvDZk3/Hah1x8
9wI9IQOOHbN27e5jcD/e9aOzsfoKbnm6qBkNRZEtSja6Tk7BhP10W7eUnZ1isy0W
9mE5PGhHvA/cozywGhVkQBdeMTpSSfPoWBfIVMEkoXWJmUVMhBJskKjkDQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJePiorpmaGe6Ki6bKh02Pw6vEL9MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbDQtS2l1bVpvWjdvcUxwc3FIVFlfRHE4UXYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAH/GBV+/ghBnnRGCHKw/
8QR1gJeLi0i3SBfXFG8gJ9TSH0ZJEglQKdbX0xd+DaK0/sT00Fn+ermzPpiFx1U0
bedwjJ8Wu/j7iuQodCoST14OlIQ3otURLaeG+S3QfOzGDLupz5/hp3rzmUOmSpZJ
+8av8BkqHkTtJDMevnhoS7tlpCNVXQFW8wGVSe5Tx1tFVpU/95oKhWG+7WOlO04l
W/xkcrx/rH0CZSJ4oluQSiwL31EslFPezqk/EBdXvNn+OY0Zeo3LxNx8Oyc4FDom
WXp1tkhDAlKsOK/LROpxOFNGO/Kf42xS+h+J00VWS2e1X91R8/KkflWKP19wDe7m
9IU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:04 2025 by rpki-client