Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lj3pYvjHDJhNrqXFjUmGZ2ailOE.roa
File: lj3pYvjHDJhNrqXFjUmGZ2ailOE.roa (raw, json)
Hash identifier: +T+DFk35jUKZwo3UoW6bPzkGuF4/KUZdElmaT5yZnXI=
Subject key identifier: 96:3D:E9:62:F8:C7:0C:98:4D:AE:A5:C5:8D:49:86:67:66:A2:94:E1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D31B43AC52D03F9FC5E57B3ACAB7B938B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lj3pYvjHDJhNrqXFjUmGZ2ailOE.roa
Signing time: Mon 22 Jan 2024 15:05:11 +0000
ROA not before: Mon 22 Jan 2024 15:05:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:31b3:642a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:31:b4:3a:c5:2d:03:f9:fc:5e:57:b3:ac:ab:7b:93:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 22 15:05:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=963de962f8c70c984daea5c58d49866766a294e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:58:8c:39:cb:c3:f8:12:40:94:5b:c6:6a:cb:
7e:43:b6:02:0e:46:97:86:94:ba:3e:a4:fd:e8:f3:
6f:73:7d:b8:64:7f:57:94:ce:5b:32:95:f3:94:07:
54:9d:78:67:cf:74:c5:59:72:53:3d:1d:80:a6:da:
16:48:07:8c:30:be:7f:58:9b:60:dd:c2:9a:65:68:
6b:ab:2e:ff:ab:ec:10:e5:10:c8:32:48:6f:3e:28:
af:04:84:d9:b6:b0:29:d8:1b:f0:a4:ae:3a:aa:24:
16:55:66:d7:4b:ec:ce:5d:90:18:61:f9:27:65:a6:
e7:79:72:1a:c4:ea:cf:73:5d:0b:69:56:d5:9b:2e:
b1:97:a4:29:0b:4c:7c:18:0f:36:1e:fa:e6:57:94:
a1:a2:a1:6e:0f:a3:21:c9:90:88:12:ca:39:47:4a:
ca:4b:9a:72:07:cc:7d:8c:1d:3e:2d:7e:d0:09:68:
7b:e4:27:cb:42:44:34:4c:fa:ab:83:0e:f8:b8:67:
23:56:e1:d3:63:1c:4f:32:0c:22:68:f8:b4:a4:40:
34:36:a4:f1:b5:c4:e8:2d:1a:67:69:f8:8c:4b:61:
88:6a:2d:37:f5:8c:c4:24:4a:0c:6c:96:76:35:45:
56:a1:62:61:a7:34:22:b9:3a:3c:66:d3:81:03:79:
d7:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:3D:E9:62:F8:C7:0C:98:4D:AE:A5:C5:8D:49:86:67:66:A2:94:E1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/lj3pYvjHDJhNrqXFjUmGZ2ailOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
94:40:86:2a:72:ae:fd:97:8f:1c:46:92:5e:7a:17:4c:29:29:
a9:9d:7a:da:14:9c:41:af:ef:c5:a9:14:0d:7f:4e:ad:40:d1:
3c:a6:b4:9f:90:9a:39:b7:69:78:68:8a:a5:79:b8:0b:e5:92:
4c:e4:2d:97:86:f7:5a:7d:fb:47:6b:f5:34:6d:3d:4e:1c:66:
c1:66:6a:25:bd:ee:97:5c:bd:c7:f8:fb:10:63:05:e2:37:34:
a2:36:7d:a8:dd:cd:4a:3d:a9:ab:9f:2b:82:59:08:b2:8a:68:
88:47:42:6c:f1:2f:5a:47:35:13:f1:75:90:0b:61:8f:1a:72:
fd:0d:26:e9:ff:56:d3:2c:15:ea:71:e4:98:82:2a:8e:ed:c3:
01:a4:51:7e:90:94:be:c5:0f:a2:c1:19:60:a0:c2:5e:54:ad:
f3:77:85:42:b5:28:f8:f7:b5:aa:ec:a0:c5:0d:65:93:e0:ac:
f8:0a:49:43:8f:c7:bd:6f:1d:b8:4e:0b:d9:bc:be:8e:0f:7b:
bd:73:1e:39:2d:17:26:3f:ee:0b:32:26:5e:60:2a:16:a3:91:
64:15:17:2b:57:df:aa:51:46:c3:ea:4b:1c:36:11:7f:9a:4a:
99:76:d7:cc:fb:57:49:85:63:ed:25:2c:49:41:56:90:fd:21:
d4:04:2f:76
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0xtDrFLQP5/F5Xs6yre5OLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTIyMTUwNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjNkZTk2MmY4YzcwYzk4NGRhZWE1YzU4ZDQ5ODY2NzY2YTI5NGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFiMOcvD+BJAlFvGast+Q7YCDkaX
hpS6PqT96PNvc324ZH9XlM5bMpXzlAdUnXhnz3TFWXJTPR2AptoWSAeMML5/WJtg
3cKaZWhrqy7/q+wQ5RDIMkhvPiivBITZtrAp2BvwpK46qiQWVWbXS+zOXZAYYfkn
ZabneXIaxOrPc10LaVbVmy6xl6QpC0x8GA82HvrmV5ShoqFuD6MhyZCIEso5R0rK
S5pyB8x9jB0+LX7QCWh75CfLQkQ0TPqrgw74uGcjVuHTYxxPMgwiaPi0pEA0NqTx
tcToLRpnafiMS2GIai039YzEJEoMbJZ2NUVWoWJhpzQiuTo8ZtOBA3nXjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJY96WL4xwyYTa6lxY1JhmdmopThMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbGozcFl2akhESmhOcnFYRmpVbUdaMmFpbE9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJRAhipyrv2XjxxGkl56
F0wpKamdetoUnEGv78WpFA1/Tq1A0TymtJ+Qmjm3aXhoiqV5uAvlkkzkLZeG91p9
+0dr9TRtPU4cZsFmaiW97pdcvcf4+xBjBeI3NKI2fajdzUo9qaufK4JZCLKKaIhH
QmzxL1pHNRPxdZALYY8acv0NJun/VtMsFepx5JiCKo7twwGkUX6QlL7FD6LBGWCg
wl5UrfN3hUK1KPj3tarsoMUNZZPgrPgKSUOPx71vHbhOC9m8vo4Pe71zHjktFyY/
7gsyJl5gKhajkWQVFytX36pRRsPqSxw2EX+aSpl218z7V0mFY+0lLElBVpD9IdQE
L3Y=
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:54:33 2025 by rpki-client