Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lWHpe4QMGED7xKEytZ_Y1PvQLe0.roa
File: lWHpe4QMGED7xKEytZ_Y1PvQLe0.roa (raw, json)
Hash identifier: HUxig7ZKTSQD9+PSRrGcK2lEzqL+PLX2ar4TUIRSXow=
Subject key identifier: 95:61:E9:7B:84:0C:18:40:FB:C4:A1:32:B5:9F:D8:D4:FB:D0:2D:ED
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CDD9D14170A80F2F742FD8610FAAF522A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lWHpe4QMGED7xKEytZ_Y1PvQLe0.roa
Signing time: Sat 06 Jan 2024 07:11:48 +0000
ROA not before: Sat 06 Jan 2024 07:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:dd:9d:14:17:0a:80:f2:f7:42:fd:86:10:fa:af:52:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 6 07:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9561e97b840c1840fbc4a132b59fd8d4fbd02ded
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:4a:82:2b:12:b1:7f:09:ae:b3:b4:8b:6b:a6:
6a:00:d1:1c:7f:4f:83:51:9c:38:a7:b1:d0:64:e0:
1f:8c:d5:9f:89:6e:79:49:1d:f0:d5:2f:06:e8:ae:
4e:1a:76:eb:7e:12:6e:d2:26:1c:4b:ef:82:bf:3a:
29:ea:e5:c0:74:77:3c:a3:10:9b:5a:d7:a8:a3:7a:
d2:a8:ca:4b:4c:dd:93:7d:7e:36:e0:71:d4:f7:f8:
6e:59:0d:f0:07:f4:28:b8:42:97:48:e6:12:60:33:
85:46:a3:83:71:31:6a:c4:1e:56:d6:9e:bf:1a:b9:
46:3a:de:dc:ea:b9:fb:54:db:b3:45:c3:8c:1e:23:
23:41:aa:a5:59:c8:0a:fa:ac:67:45:2a:13:a3:f6:
ce:c3:4c:92:54:43:64:78:49:04:d7:58:fb:e0:b2:
8a:09:7d:82:dc:ee:05:f1:46:38:9c:20:56:a6:b5:
f0:31:15:f6:3f:01:63:7c:62:80:19:f3:9c:da:e8:
14:fb:9f:c1:b8:a9:b5:1f:9b:b8:b4:e4:f1:a0:66:
36:92:fe:a1:ce:08:24:76:12:10:fa:d5:85:b5:ea:
ea:51:6b:cf:04:2f:29:4b:83:e5:82:a6:2c:d5:03:
66:97:6e:51:47:5f:41:77:cf:00:2e:ec:d7:ce:f8:
ba:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:61:E9:7B:84:0C:18:40:FB:C4:A1:32:B5:9F:D8:D4:FB:D0:2D:ED
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lWHpe4QMGED7xKEytZ_Y1PvQLe0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
49:b4:de:59:6c:7e:ea:1a:3d:19:c9:40:69:eb:be:b1:e0:d9:
32:74:cf:9e:1f:5b:6b:5f:b7:f0:99:44:28:5f:c4:3a:6f:cf:
ba:93:ff:d0:2c:8c:d0:4c:3c:f9:1e:39:dd:ff:8c:86:44:cc:
c0:9e:5f:de:30:f2:4a:76:dd:1a:31:86:da:f1:46:d7:7e:1c:
fb:3f:b2:24:31:69:4e:01:31:39:bf:25:d3:f0:af:6b:7f:58:
5e:ef:1b:54:04:69:fd:bb:78:b8:cd:a0:3e:4a:87:e9:4a:35:
0b:d4:57:08:99:41:31:cd:c3:cf:e2:99:f2:1f:e8:35:65:e3:
1a:38:da:d0:71:1c:02:92:b4:90:46:a8:11:12:72:00:64:30:
c2:92:8b:76:fc:9a:28:ce:cc:4c:1d:00:de:ac:f2:2d:e5:7d:
1b:8b:1a:89:06:75:9c:b7:f1:86:88:5e:b1:ae:15:de:e6:d5:
92:de:a7:8f:1b:67:6b:7a:5f:9b:52:ed:6b:f8:4d:16:9a:fa:
1a:58:a7:92:7a:12:19:02:46:25:6b:5b:54:d5:9f:bc:6e:ed:
1f:6d:10:70:74:e7:07:16:17:b1:27:ca:7c:2a:82:c0:06:3e:
d5:17:b5:a7:a5:9d:29:5c:93:03:ad:c0:fa:ba:61:a2:aa:2d:
d3:42:04:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzdnRQXCoDy90L9hhD6r1IqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA2MDcxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTYxZTk3Yjg0MGMxODQwZmJjNGExMzJiNTlmZDhkNGZiZDAyZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkqCKxKxfwmus7SLa6ZqANEcf0+D
UZw4p7HQZOAfjNWfiW55SR3w1S8G6K5OGnbrfhJu0iYcS++Cvzop6uXAdHc8oxCb
Wteoo3rSqMpLTN2TfX424HHU9/huWQ3wB/QouEKXSOYSYDOFRqODcTFqxB5W1p6/
GrlGOt7c6rn7VNuzRcOMHiMjQaqlWcgK+qxnRSoTo/bOw0ySVENkeEkE11j74LKK
CX2C3O4F8UY4nCBWprXwMRX2PwFjfGKAGfOc2ugU+5/BuKm1H5u4tOTxoGY2kv6h
zggkdhIQ+tWFterqUWvPBC8pS4PlgqYs1QNml25RR19Bd88ALuzXzvi63QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJVh6XuEDBhA+8ShMrWf2NT70C3tMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbFdIcGU0UU1HRUQ3eEtFeXRaX1kxUHZRTGUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEm03llsfuoaPRnJQGnr
vrHg2TJ0z54fW2tft/CZRChfxDpvz7qT/9AsjNBMPPkeOd3/jIZEzMCeX94w8kp2
3RoxhtrxRtd+HPs/siQxaU4BMTm/JdPwr2t/WF7vG1QEaf27eLjNoD5Kh+lKNQvU
VwiZQTHNw8/imfIf6DVl4xo42tBxHAKStJBGqBEScgBkMMKSi3b8mijOzEwdAN6s
8i3lfRuLGokGdZy38YaIXrGuFd7m1ZLep48bZ2t6X5tS7Wv4TRaa+hpYp5J6EhkC
RiVrW1TVn7xu7R9tEHB05wcWF7EnynwqgsAGPtUXtaelnSlckwOtwPq6YaKqLdNC
BIQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:28 2025 by rpki-client