Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/o1BnpoHwwuG64_vDZ5WstNHr26E.roa
File: o1BnpoHwwuG64_vDZ5WstNHr26E.roa (raw, json)
Hash identifier: jj/OkWSxI/jkhQtnRQAp6Iny/EifOGd9lKu0qxoP2RI=
Subject key identifier: A3:50:67:A6:81:F0:C2:E1:BA:E3:FB:C3:67:95:AC:B4:D1:EB:DB:A1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E5E2288AC84B43AE7AEDF1222057A5B99
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/o1BnpoHwwuG64_vDZ5WstNHr26E.roa
Signing time: Wed 20 Mar 2024 23:11:45 +0000
ROA not before: Wed 20 Mar 2024 23:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5e:22:88:ac:84:b4:3a:e7:ae:df:12:22:05:7a:5b:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 20 23:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a35067a681f0c2e1bae3fbc36795acb4d1ebdba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:eb:31:c8:59:13:cf:90:1a:29:85:73:84:66:
57:10:bf:5c:a1:ce:88:e5:b1:a1:ca:b0:e4:7d:b1:
f8:1e:f6:72:99:61:92:12:45:6c:fe:72:47:90:8c:
e7:57:40:c4:97:9a:cc:d3:35:93:df:19:46:f4:a3:
a7:95:00:ff:7c:96:ee:4e:cc:aa:7d:77:11:82:4c:
29:d0:1e:2a:5a:6f:22:0d:ec:12:65:43:80:1b:59:
78:4b:42:06:2f:10:dd:b5:01:85:4b:49:dc:25:64:
ad:fa:3c:01:ba:fb:4d:17:73:1a:33:72:0a:c5:16:
c8:5d:3d:56:a7:76:d2:03:e1:1c:16:4c:32:1a:4f:
43:85:76:5b:a4:20:f3:c5:3f:19:1f:52:01:99:af:
84:e7:ed:60:24:90:28:93:4a:41:ea:db:80:97:23:
28:7c:0f:97:dd:71:5a:43:46:0c:16:f6:ca:39:66:
b1:86:ba:a7:aa:ec:2c:dc:0f:d4:44:9c:41:fe:d3:
3a:25:be:7d:ee:05:91:18:90:6d:78:fa:ab:2c:f9:
73:25:2f:63:2f:c1:48:3f:28:68:18:8e:91:46:8b:
64:10:ff:9f:22:76:00:f4:ca:f7:d2:62:e1:5f:b7:
b6:b8:e8:37:a5:4b:42:2b:f1:e4:34:8d:5f:56:dc:
84:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:50:67:A6:81:F0:C2:E1:BA:E3:FB:C3:67:95:AC:B4:D1:EB:DB:A1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/o1BnpoHwwuG64_vDZ5WstNHr26E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
50:07:d3:9b:1f:46:86:5c:ce:3f:69:59:41:9e:e2:b6:b7:eb:
ab:5d:42:b1:65:6c:7a:45:3b:c8:e5:3d:a2:c8:fe:f3:2c:0a:
00:7b:01:3c:47:a6:0d:17:48:cf:b9:cb:a1:ca:0d:ad:4a:2e:
90:7f:ee:94:8b:13:3c:24:6b:64:f6:e7:c6:06:49:2c:80:74:
fb:90:76:d8:2c:f1:fb:49:3c:fc:bf:bb:a1:ad:c5:e4:41:42:
a2:d9:3f:ba:25:f4:08:9a:4e:da:55:cc:75:b1:90:42:d7:e2:
bb:28:9d:8c:d8:99:2e:09:71:7c:ba:26:58:af:47:06:92:ad:
33:f8:ad:dd:e6:77:80:84:7f:7f:70:82:c9:9d:05:33:f2:f5:
7b:ef:7f:b9:2f:32:3b:f8:db:24:a2:32:4d:c0:75:ae:da:0a:
05:25:6f:ea:cf:37:95:80:98:f1:14:66:2d:73:28:d4:06:b0:
b4:7b:d3:82:14:ba:de:61:4a:57:f8:b7:d7:99:14:33:ea:6f:
1d:4e:fb:04:78:99:e0:f7:2b:10:d4:5b:88:ac:04:94:ea:1b:
ae:e0:54:0d:4b:cc:c3:32:a2:c5:b1:7e:db:d4:5b:bd:23:e8:
6e:7e:16:de:01:43:3c:b8:75:1e:e2:fe:14:3a:5a:45:f9:4b:
27:0e:9b:37
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5eIoishLQ6567fEiIFeluZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIwMjMxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzUwNjdhNjgxZjBjMmUxYmFlM2ZiYzM2Nzk1YWNiNGQxZWJkYmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjesxyFkTz5AaKYVzhGZXEL9coc6I
5bGhyrDkfbH4HvZymWGSEkVs/nJHkIznV0DEl5rM0zWT3xlG9KOnlQD/fJbuTsyq
fXcRgkwp0B4qWm8iDewSZUOAG1l4S0IGLxDdtQGFS0ncJWSt+jwBuvtNF3MaM3IK
xRbIXT1Wp3bSA+EcFkwyGk9DhXZbpCDzxT8ZH1IBma+E5+1gJJAok0pB6tuAlyMo
fA+X3XFaQ0YMFvbKOWaxhrqnquws3A/URJxB/tM6Jb597gWRGJBtePqrLPlzJS9j
L8FIPyhoGI6RRotkEP+fInYA9Mr30mLhX7e2uOg3pUtCK/HkNI1fVtyE3QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKNQZ6aB8MLhuuP7w2eVrLTR69uhMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvbzFCbnBvSHd3dUc2NF92RFo1V3N0TkhyMjZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFAH05sfRoZczj9pWUGe
4ra366tdQrFlbHpFO8jlPaLI/vMsCgB7ATxHpg0XSM+5y6HKDa1KLpB/7pSLEzwk
a2T258YGSSyAdPuQdtgs8ftJPPy/u6GtxeRBQqLZP7ol9AiaTtpVzHWxkELX4rso
nYzYmS4JcXy6JlivRwaSrTP4rd3md4CEf39wgsmdBTPy9Xvvf7kvMjv42ySiMk3A
da7aCgUlb+rPN5WAmPEUZi1zKNQGsLR704IUut5hSlf4t9eZFDPqbx1O+wR4meD3
KxDUW4isBJTqG67gVA1LzMMyosWxftvUW70j6G5+Ft4BQzy4dR7i/hQ6WkX5SycO
mzc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:10 2025 by rpki-client