Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/n0_Hb23ST7hDM5MBX-_KwbG6jlY.roa
File: n0_Hb23ST7hDM5MBX-_KwbG6jlY.roa (raw, json)
Hash identifier: ZwrTWMUTtJaQBjtCjdDk7Ivk+1rb6NVONNS+tGPEeXE=
Subject key identifier: 9F:4F:C7:6F:6D:D2:4F:B8:43:33:93:01:5F:EF:CA:C1:B1:BA:8E:56
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CBB4915755D013560F2551B5D2BE4753C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/n0_Hb23ST7hDM5MBX-_KwbG6jlY.roa
Signing time: Sat 30 Dec 2023 15:12:58 +0000
ROA not before: Sat 30 Dec 2023 15:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:bb:49:15:75:5d:01:35:60:f2:55:1b:5d:2b:e4:75:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 30 15:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f4fc76f6dd24fb8433393015fefcac1b1ba8e56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:71:49:af:78:8b:61:76:34:d1:6e:b8:99:fd:
a9:11:af:4a:60:37:f9:e7:1f:65:33:32:e0:59:af:
13:99:6c:0a:79:4a:ea:18:04:f5:c0:49:08:36:c1:
54:c1:50:12:f0:10:4a:cd:1a:62:99:6e:9f:ac:cb:
57:78:97:99:95:c8:20:a9:84:26:94:e3:fc:f2:37:
b8:dd:05:37:d4:7b:09:35:f9:8d:ba:17:9b:6e:b5:
ec:60:91:11:ce:27:10:33:31:96:55:f5:a3:3d:d6:
e5:e3:8e:fd:b0:2f:fd:5f:d4:dd:9b:a0:3b:20:57:
12:02:7a:06:ba:9c:fc:c7:03:e8:9a:3b:32:fd:3d:
4a:f4:7f:66:15:db:18:84:18:80:07:70:b5:d1:57:
42:d6:6f:80:b6:7a:e8:7f:a4:50:23:31:7d:6a:1b:
dd:40:57:42:7b:35:6c:a4:47:fd:3d:73:99:66:a4:
07:12:b2:45:05:c2:a7:d9:89:96:b5:ec:5b:51:5b:
e6:39:ca:39:14:76:5b:5e:e7:29:c1:b7:65:0c:2a:
6f:0c:2b:90:0d:80:6f:b6:98:60:8d:e7:43:a7:ff:
25:28:01:b9:fb:65:f5:62:3d:40:5f:f4:c9:6f:97:
88:7f:82:48:68:5e:e6:d6:a1:09:a2:cc:3e:9b:a5:
75:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:4F:C7:6F:6D:D2:4F:B8:43:33:93:01:5F:EF:CA:C1:B1:BA:8E:56
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/n0_Hb23ST7hDM5MBX-_KwbG6jlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9a:81:a2:a9:69:9a:35:da:33:99:1e:7e:1f:3f:59:5e:15:78:
5b:51:fc:5a:30:f4:75:98:9f:c0:7c:7d:8f:6c:22:b7:68:3b:
74:11:3c:b9:8e:6c:b9:43:0d:15:dc:83:e8:66:56:31:5e:cb:
02:32:74:fe:49:d7:83:30:36:6c:6b:2d:d6:3c:48:0e:dd:d4:
59:6d:29:3e:49:65:49:6d:68:58:fb:2a:84:ef:68:fa:ad:e6:
4b:3d:b1:9a:b4:35:42:06:27:42:80:d0:db:8d:8f:96:e8:30:
36:ce:54:d8:00:af:c0:34:6c:42:19:ea:ad:e4:35:be:5b:be:
47:a5:47:a6:c6:55:db:48:f6:da:a0:5f:2e:ca:ca:5f:5f:bc:
cd:a3:9c:7d:bd:62:97:9c:6c:b4:27:83:ec:40:de:21:8b:a3:
f4:a9:b2:b1:53:f1:79:cd:dd:6d:28:5a:29:ce:2d:3f:54:46:
2b:af:9a:e0:75:7a:17:1f:38:51:80:18:29:75:d6:69:84:45:
96:c6:fa:86:78:75:98:70:f5:86:2c:6f:0e:63:90:36:f4:24:
2d:c9:2a:dd:b1:7a:8a:28:2f:0b:dc:32:c4:73:09:e5:4f:48:
90:19:8e:f2:ef:32:d1:1f:8a:32:17:c6:dc:ab:b2:3d:f6:fe:
34:df:d6:5d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYy7SRV1XQE1YPJVG10r5HU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjMwMTUxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjRmYzc2ZjZkZDI0ZmI4NDMzMzkzMDE1ZmVmY2FjMWIxYmE4ZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3FJr3iLYXY00W64mf2pEa9KYDf5
5x9lMzLgWa8TmWwKeUrqGAT1wEkINsFUwVAS8BBKzRpimW6frMtXeJeZlcggqYQm
lOP88je43QU31HsJNfmNuhebbrXsYJERzicQMzGWVfWjPdbl4479sC/9X9Tdm6A7
IFcSAnoGupz8xwPomjsy/T1K9H9mFdsYhBiAB3C10VdC1m+Atnrof6RQIzF9ahvd
QFdCezVspEf9PXOZZqQHErJFBcKn2YmWtexbUVvmOco5FHZbXucpwbdlDCpvDCuQ
DYBvtphgjedDp/8lKAG5+2X1Yj1AX/TJb5eIf4JIaF7m1qEJosw+m6V1BQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ9Px29t0k+4QzOTAV/vysGxuo5WMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbjBfSGIyM1NUN2hETTVNQlgtX0t3Ykc2amxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJqBoqlpmjXaM5kefh8/
WV4VeFtR/Fow9HWYn8B8fY9sIrdoO3QRPLmObLlDDRXcg+hmVjFeywIydP5J14Mw
NmxrLdY8SA7d1FltKT5JZUltaFj7KoTvaPqt5ks9sZq0NUIGJ0KA0NuNj5boMDbO
VNgAr8A0bEIZ6q3kNb5bvkelR6bGVdtI9tqgXy7Kyl9fvM2jnH29YpecbLQng+xA
3iGLo/SpsrFT8XnN3W0oWinOLT9URiuvmuB1ehcfOFGAGCl11mmERZbG+oZ4dZhw
9YYsbw5jkDb0JC3JKt2xeoooLwvcMsRzCeVPSJAZjvLvMtEfijIXxtyrsj32/jTf
1l0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:11 2025 by rpki-client