Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lT0mg9MtVhy08JIUvREJl1k7vCY.roa
File: lT0mg9MtVhy08JIUvREJl1k7vCY.roa (raw, json)
Hash identifier: onRM1OzMIYAGqRZe1xg0C2eQKAi/3f1LI2SHH9jsWu8=
Subject key identifier: 95:3D:26:83:D3:2D:56:1C:B4:F0:92:14:BD:11:09:97:59:3B:BC:26
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C954F19AF4AF6BB236BF74F89B0E75C47
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lT0mg9MtVhy08JIUvREJl1k7vCY.roa
Signing time: Sat 23 Dec 2023 06:13:58 +0000
ROA not before: Sat 23 Dec 2023 06:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:95:4f:19:af:4a:f6:bb:23:6b:f7:4f:89:b0:e7:5c:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 23 06:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=953d2683d32d561cb4f09214bd110997593bbc26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b1:1f:1e:47:cc:e4:5a:f8:9d:09:d1:d8:16:
46:05:47:db:b0:8a:b3:45:9b:85:34:d1:a1:4a:02:
92:b2:9d:41:1a:51:82:55:da:31:93:32:b1:a6:df:
16:6f:7c:a9:3d:8d:67:eb:64:aa:01:00:15:90:9e:
3a:97:fd:ae:cd:23:5f:af:3f:0d:84:68:21:bb:bb:
c2:68:85:d9:f0:53:25:48:23:8e:14:ae:22:96:ec:
d4:40:4c:cf:2f:1f:47:a6:41:df:15:bf:4a:b2:3d:
d5:c4:6e:e5:fc:fe:3d:67:79:fb:37:11:4e:b6:10:
f0:ef:0f:51:85:c9:9a:1f:59:81:f3:1a:f4:20:28:
f7:8f:35:75:35:f0:bc:ac:f0:b6:01:b9:8a:00:c7:
a6:b5:66:f1:f0:5c:fe:19:54:9e:4e:89:7e:79:a0:
64:7d:88:0f:63:d1:22:b2:a4:cc:c0:05:c4:99:77:
b7:e4:12:8d:7d:87:96:ec:1e:4d:35:93:9b:eb:bc:
83:f8:f1:fd:73:21:cf:9c:87:25:6f:2d:28:18:bd:
30:57:41:2b:cf:30:22:ea:e3:42:a3:24:7e:f8:b1:
31:68:19:7d:28:e2:1a:1f:61:27:b0:da:4b:4e:da:
e4:01:e4:3b:97:36:88:15:70:46:11:80:29:69:98:
67:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:3D:26:83:D3:2D:56:1C:B4:F0:92:14:BD:11:09:97:59:3B:BC:26
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lT0mg9MtVhy08JIUvREJl1k7vCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:d5:93:62:d4:15:78:3a:5b:8d:b3:d0:28:88:53:61:d6:b8:
ff:f2:9c:76:7f:61:84:0c:0a:e8:6f:88:9a:6d:8f:de:e0:b3:
f2:09:5e:c9:dd:88:a2:b4:1b:25:18:da:b3:f8:d9:dc:f0:84:
29:79:c4:ca:ad:af:d0:d5:6b:19:c0:9c:14:b1:40:b3:e4:ad:
f6:4d:6f:d7:56:8e:32:e7:7c:13:d0:32:ca:9f:80:d2:28:3f:
f6:a8:5a:18:d2:8c:0f:3b:52:68:43:9a:dc:f5:a5:32:91:f6:
90:5b:93:ea:5f:0e:99:dd:33:fc:a1:51:56:f2:90:e1:e8:9e:
f1:8d:01:2c:e5:2a:66:19:5c:9a:7c:83:16:6c:7f:71:c1:87:
ef:84:48:bc:30:32:64:9a:9b:e4:ee:3c:ab:10:df:bc:42:96:
41:a5:53:ce:1b:17:31:45:5b:d0:fe:35:64:87:0c:23:61:00:
dc:a2:00:1e:02:ee:cf:6a:ed:c8:b6:e7:ec:56:60:14:18:6a:
b3:ab:86:ed:9f:48:32:71:3c:e8:fd:f5:05:04:a9:16:3d:93:
cc:d8:d9:6a:8f:db:3b:e9:e5:b1:7d:14:3b:3c:97:fb:ca:d7:
78:61:2a:52:2c:91:22:61:89:1f:24:6e:c9:e1:6f:54:4e:29:
b4:08:d5:93
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyVTxmvSva7I2v3T4mw51xHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIzMDYxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTNkMjY4M2QzMmQ1NjFjYjRmMDkyMTRiZDExMDk5NzU5M2JiYzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbEfHkfM5Fr4nQnR2BZGBUfbsIqz
RZuFNNGhSgKSsp1BGlGCVdoxkzKxpt8Wb3ypPY1n62SqAQAVkJ46l/2uzSNfrz8N
hGghu7vCaIXZ8FMlSCOOFK4iluzUQEzPLx9HpkHfFb9Ksj3VxG7l/P49Z3n7NxFO
thDw7w9RhcmaH1mB8xr0ICj3jzV1NfC8rPC2AbmKAMemtWbx8Fz+GVSeTol+eaBk
fYgPY9EisqTMwAXEmXe35BKNfYeW7B5NNZOb67yD+PH9cyHPnIclby0oGL0wV0Er
zzAi6uNCoyR++LExaBl9KOIaH2EnsNpLTtrkAeQ7lzaIFXBGEYApaZhncwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJU9JoPTLVYctPCSFL0RCZdZO7wmMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbFQwbWc5TXRWaHkwOEpJVXZSRUpsMWs3dkNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAELVk2LUFXg6W42z0CiI
U2HWuP/ynHZ/YYQMCuhviJptj97gs/IJXsndiKK0GyUY2rP42dzwhCl5xMqtr9DV
axnAnBSxQLPkrfZNb9dWjjLnfBPQMsqfgNIoP/aoWhjSjA87UmhDmtz1pTKR9pBb
k+pfDpndM/yhUVbykOHonvGNASzlKmYZXJp8gxZsf3HBh++ESLwwMmSam+TuPKsQ
37xClkGlU84bFzFFW9D+NWSHDCNhANyiAB4C7s9q7ci25+xWYBQYarOrhu2fSDJx
POj99QUEqRY9k8zY2WqP2zvp5bF9FDs8l/vK13hhKlIskSJhiR8kbsnhb1ROKbQI
1ZM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:11 2025 by rpki-client