Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lW3uBtb_O65G_RmbhM9hyK3hBIU.roa
File: lW3uBtb_O65G_RmbhM9hyK3hBIU.roa (raw, json)
Hash identifier: Z6Iba2vKJjIzktT2njtbylosJyJzbzOo8IfVvmI7cwg=
Subject key identifier: 95:6D:EE:06:D6:FF:3B:AE:46:FD:19:9B:84:CF:61:C8:AD:E1:04:85
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CBF5DB39060DBBA5AE8C30644E92687A0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lW3uBtb_O65G_RmbhM9hyK3hBIU.roa
Signing time: Sun 31 Dec 2023 10:13:58 +0000
ROA not before: Sun 31 Dec 2023 10:13:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:bf:5d:b3:90:60:db:ba:5a:e8:c3:06:44:e9:26:87:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 31 10:13:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=956dee06d6ff3bae46fd199b84cf61c8ade10485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a8:60:6a:c6:18:87:cf:ae:46:07:33:0d:06:
b6:1e:20:78:ad:48:94:ea:f2:6e:09:23:ca:7c:41:
40:9b:9a:68:48:03:d0:fa:41:11:76:5a:4f:55:f6:
31:17:76:77:74:1c:d2:c3:a7:62:96:70:72:c8:ec:
07:8c:81:f3:6c:4c:4a:f0:6a:7a:44:77:95:34:d1:
6a:ae:78:12:9e:fc:87:97:a0:83:71:1c:c6:cf:76:
79:98:d4:48:74:7c:f4:03:bf:f7:57:b7:cb:e5:b1:
98:63:ad:ee:ed:88:65:de:85:e9:e6:dd:64:9f:b2:
93:d9:b6:bc:6d:e6:a6:90:43:55:2a:dd:ad:f7:ef:
04:e2:a1:69:93:0d:3a:84:83:ed:cb:a8:e4:5c:33:
09:18:5c:63:cc:d4:93:45:c8:92:8f:5d:e8:2d:63:
b8:eb:c2:ac:99:e4:51:17:51:1f:24:76:f0:fd:9a:
33:62:45:03:04:bf:46:63:a4:f4:ed:4c:af:32:36:
42:4f:c4:4e:00:f2:a1:c0:a6:d4:40:d8:47:ce:ce:
15:c8:a4:ce:41:08:9b:48:45:71:fb:c1:b1:a9:50:
a3:61:8f:0c:bb:86:b1:77:ab:f8:33:a2:d4:e8:8e:
f4:84:e7:bd:fd:d9:83:b7:26:45:32:56:9e:9a:24:
33:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:6D:EE:06:D6:FF:3B:AE:46:FD:19:9B:84:CF:61:C8:AD:E1:04:85
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lW3uBtb_O65G_RmbhM9hyK3hBIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
6c:35:0b:76:6c:10:f8:70:a6:8c:c4:e1:67:f0:98:e2:58:d4:
eb:77:9f:b2:cf:7c:eb:ab:0b:01:b2:1b:36:79:94:81:31:0a:
27:70:11:22:d5:14:59:77:38:7f:bf:fa:8b:62:10:78:0c:bd:
35:0e:e1:a4:79:9d:0c:93:64:eb:8d:6f:f1:2a:ec:bc:11:c4:
0c:e8:a8:b2:cd:8d:8c:65:64:53:10:10:07:07:57:15:cb:bf:
e2:f5:77:35:2e:88:97:e8:2c:b0:ae:b1:ec:74:01:5c:ff:d5:
32:71:c9:8e:cb:39:6a:82:94:ba:e7:cc:16:66:70:ed:04:42:
e2:58:ed:d9:85:3c:5a:29:73:9e:bd:3d:9f:13:9c:84:1e:10:
3b:f5:fe:21:e6:17:da:9f:42:b0:a8:46:c5:69:13:00:e2:ea:
21:98:48:f1:00:0e:fb:7e:40:d7:69:90:02:17:3a:16:5e:d8:
84:f7:a5:04:1b:73:72:59:8d:fb:6a:74:87:23:6c:f6:1c:e5:
0f:1f:90:e2:8a:56:ee:29:5a:c0:31:5b:79:65:d1:93:c0:e9:
dc:fd:1e:bb:80:d3:90:d9:09:bb:eb:66:e0:3e:6a:e0:d8:f1:
40:4a:57:d9:67:4c:3f:0e:b6:8e:3b:c0:7c:7a:fa:b9:ff:15:
ad:41:db:e6
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYy/XbOQYNu6WujDBkTpJoegMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjMxMTAxMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTZkZWUwNmQ2ZmYzYmFlNDZmZDE5OWI4NGNmNjFjOGFkZTEwNDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqhgasYYh8+uRgczDQa2HiB4rUiU
6vJuCSPKfEFAm5poSAPQ+kERdlpPVfYxF3Z3dBzSw6dilnByyOwHjIHzbExK8Gp6
RHeVNNFqrngSnvyHl6CDcRzGz3Z5mNRIdHz0A7/3V7fL5bGYY63u7Yhl3oXp5t1k
n7KT2ba8beamkENVKt2t9+8E4qFpkw06hIPty6jkXDMJGFxjzNSTRciSj13oLWO4
68KsmeRRF1EfJHbw/ZozYkUDBL9GY6T07UyvMjZCT8ROAPKhwKbUQNhHzs4VyKTO
QQibSEVx+8GxqVCjYY8Mu4axd6v4M6LU6I70hOe9/dmDtyZFMlaemiQzZwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJVt7gbW/zuuRv0Zm4TPYcit4QSFMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbFczdUJ0Yl9PNjVHX1JtYmhNOWh5SzNoQklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGw1C3ZsEPhwpozE4Wfw
mOJY1Ot3n7LPfOurCwGyGzZ5lIExCidwESLVFFl3OH+/+otiEHgMvTUO4aR5nQyT
ZOuNb/Eq7LwRxAzoqLLNjYxlZFMQEAcHVxXLv+L1dzUuiJfoLLCusex0AVz/1TJx
yY7LOWqClLrnzBZmcO0EQuJY7dmFPFopc569PZ8TnIQeEDv1/iHmF9qfQrCoRsVp
EwDi6iGYSPEADvt+QNdpkAIXOhZe2IT3pQQbc3JZjftqdIcjbPYc5Q8fkOKKVu4p
WsAxW3ll0ZPA6dz9HruA05DZCbvrZuA+auDY8UBKV9lnTD8Oto47wHx6+rn/Fa1B
2+Y=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:33 2025 by rpki-client