Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ndDDRiNqc3dDzj44usgztGVnAJc.roa
File: ndDDRiNqc3dDzj44usgztGVnAJc.roa (raw, json)
Hash identifier: ZncxY7btdbEGYZfFkTi5PnDw4Mt2OGkimdu2w5THC/0=
Subject key identifier: 9D:D0:C3:46:23:6A:73:77:43:CE:3E:38:BA:C8:33:B4:65:67:00:97
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E9D3699E12B0B9C539B920F4CDB012C79
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ndDDRiNqc3dDzj44usgztGVnAJc.roa
Signing time: Tue 02 Apr 2024 05:09:45 +0000
ROA not before: Tue 02 Apr 2024 05:09:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9d:36:99:e1:2b:0b:9c:53:9b:92:0f:4c:db:01:2c:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 2 05:09:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9dd0c346236a737743ce3e38bac833b465670097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:d3:a9:cb:af:f6:1b:ea:77:ad:85:72:52:b0:
1e:8a:b0:31:c6:34:f2:7f:24:4a:e4:57:63:b6:61:
28:de:14:32:c3:2c:2c:94:ea:3e:e9:e4:0d:ef:3b:
53:6a:0d:e4:fa:af:03:6a:47:15:a1:6d:7b:4b:d9:
b9:b9:96:d4:79:6a:a6:9d:b8:6b:9f:ae:27:d3:72:
08:ad:e4:98:5f:4a:bd:82:f3:0d:10:ae:4d:80:4c:
ad:51:da:3e:4f:09:ef:ea:37:c5:fc:6a:fa:f8:83:
fd:27:6e:ac:5b:a3:e4:26:d8:6d:1e:62:d8:56:ac:
a0:35:6a:13:68:5a:14:ed:10:6c:35:44:1f:b0:d4:
70:6d:fe:7f:2f:f3:ad:1c:69:4f:67:fc:65:19:30:
f3:d9:05:e4:4c:62:39:9e:51:dd:78:55:22:a7:cb:
07:5d:16:ef:6f:8f:57:60:2d:69:7c:ab:24:37:dd:
c2:89:8b:d2:e4:05:9b:b5:33:d0:f8:19:f6:b6:96:
1b:d5:0f:ed:d4:18:d2:64:53:1a:49:57:5b:a5:70:
75:b1:ee:0c:b5:4f:f8:6d:70:e1:a5:6b:3b:89:83:
10:73:ae:72:65:8a:29:31:55:ab:d8:54:ee:5c:97:
7c:35:8b:bb:b0:d6:18:cb:8d:21:7b:e3:ac:71:2b:
f8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:D0:C3:46:23:6A:73:77:43:CE:3E:38:BA:C8:33:B4:65:67:00:97
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/ndDDRiNqc3dDzj44usgztGVnAJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
33:3c:85:c5:94:87:f2:3b:a7:f0:91:fa:5c:98:ed:19:ea:c1:
28:d0:fb:c1:0f:1c:54:4f:a6:70:3f:b3:9c:de:70:7f:95:d5:
48:07:be:55:85:ee:e4:20:10:d8:45:27:af:f9:02:7b:70:34:
eb:b8:ea:f8:e8:a2:6b:ec:20:e0:d5:79:74:56:d9:81:a5:f0:
05:58:e5:c4:5f:9e:e2:38:73:79:2e:b2:5c:a7:9d:42:cd:22:
ed:07:ff:fd:92:90:c8:4c:19:fb:41:24:1c:fc:70:02:fd:de:
3d:81:80:f8:42:2f:29:15:ac:01:73:44:e1:3b:8d:80:3f:40:
4e:62:fa:67:54:34:9b:d2:14:95:a4:b4:d0:09:f8:bd:e5:06:
7b:8a:94:6f:5e:a7:77:6a:9a:3f:cf:c2:7e:49:be:76:dc:46:
34:9b:75:28:19:9e:fb:97:55:8c:f7:4c:24:73:41:4e:b7:a3:
eb:5b:3c:62:20:83:55:c3:a0:60:31:23:42:9f:9f:89:07:2c:
a6:27:03:99:77:6e:11:5e:f1:e1:32:c6:12:de:2a:bc:8c:e2:
69:77:0c:cc:df:54:ef:43:7f:66:0a:d9:b1:84:04:4d:4a:2c:
75:d8:ae:7b:58:6c:0f:44:29:a6:6d:68:0f:a9:4e:e0:88:05:
f7:0f:48:9d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6dNpnhKwucU5uSD0zbASx5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAyMDUwOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGQwYzM0NjIzNmE3Mzc3NDNjZTNlMzhiYWM4MzNiNDY1NjcwMDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtOpy6/2G+p3rYVyUrAeirAxxjTy
fyRK5FdjtmEo3hQywywslOo+6eQN7ztTag3k+q8DakcVoW17S9m5uZbUeWqmnbhr
n64n03IIreSYX0q9gvMNEK5NgEytUdo+Twnv6jfF/Gr6+IP9J26sW6PkJthtHmLY
VqygNWoTaFoU7RBsNUQfsNRwbf5/L/OtHGlPZ/xlGTDz2QXkTGI5nlHdeFUip8sH
XRbvb49XYC1pfKskN93CiYvS5AWbtTPQ+Bn2tpYb1Q/t1BjSZFMaSVdbpXB1se4M
tU/4bXDhpWs7iYMQc65yZYopMVWr2FTuXJd8NYu7sNYYy40he+OscSv4rwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ3Qw0YjanN3Q84+OLrIM7RlZwCXMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbmRERFJpTnFjM2REemo0NHVzZ3p0R1ZuQUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBADM8hcWUh/I7p/CR+lyY
7RnqwSjQ+8EPHFRPpnA/s5zecH+V1UgHvlWF7uQgENhFJ6/5AntwNOu46vjoomvs
IODVeXRW2YGl8AVY5cRfnuI4c3kuslynnULNIu0H//2SkMhMGftBJBz8cAL93j2B
gPhCLykVrAFzROE7jYA/QE5i+mdUNJvSFJWktNAJ+L3lBnuKlG9ep3dqmj/Pwn5J
vnbcRjSbdSgZnvuXVYz3TCRzQU63o+tbPGIgg1XDoGAxI0Kfn4kHLKYnA5l3bhFe
8eEyxhLeKryM4ml3DMzfVO9Df2YK2bGEBE1KLHXYrntYbA9EKaZtaA+pTuCIBfcP
SJ0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:52 2025 by rpki-client