Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/oWL3EwRgkGV0k1hFMshfzgfiZ_Y.roa
File: oWL3EwRgkGV0k1hFMshfzgfiZ_Y.roa (raw, json)
Hash identifier: B7HNt71F3Cc8c6xgoRfc84pM30WM3bN63jpquIKNIjU=
Subject key identifier: A1:62:F7:13:04:60:90:65:74:93:58:45:32:C8:5F:CE:07:E2:67:F6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C976C2D533CC019E327B627D52957EE66
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/oWL3EwRgkGV0k1hFMshfzgfiZ_Y.roa
Signing time: Sat 23 Dec 2023 16:04:58 +0000
ROA not before: Sat 23 Dec 2023 16:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:976b:70ee/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:97:6c:2d:53:3c:c0:19:e3:27:b6:27:d5:29:57:ee:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 23 16:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a162f713046090657493584532c85fce07e267f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:52:60:fb:e6:79:0b:9d:6c:8b:94:49:f0:2c:
1c:3a:c3:fe:ac:e9:05:b7:11:c3:ca:41:13:10:2e:
30:bc:48:43:de:d9:37:7e:84:40:2c:9b:38:9d:f0:
ba:2c:22:97:88:4e:33:d6:1d:f6:46:8e:f1:55:91:
0d:74:c0:38:3f:74:63:fa:1d:af:22:18:9b:0d:e3:
0b:50:03:f3:3d:b2:d2:21:ec:76:e9:e3:19:39:8e:
4c:ed:49:93:cb:d9:1b:a0:5c:12:24:fe:35:74:f4:
fe:77:3e:5c:61:b4:e6:3e:d5:19:6a:c3:e8:90:63:
6b:72:5c:3a:21:9a:17:f3:0a:48:9a:8c:6e:8a:40:
80:67:f2:af:d9:90:fe:25:60:27:35:73:d9:2c:13:
51:5d:b3:b0:8a:d3:b6:b5:09:9d:0c:13:f9:e2:dd:
9f:7b:a3:39:5b:af:e7:75:ea:5e:87:8c:83:59:e5:
d6:72:84:1e:9e:cf:2e:1b:88:5b:00:15:1e:b4:ac:
cb:63:ef:07:a8:38:a6:ab:8f:61:88:e5:83:bd:6f:
e5:28:ed:62:e3:f1:f0:44:be:95:60:de:50:5f:a1:
8f:cf:a7:3b:b1:40:19:db:6d:c3:5f:99:ea:b4:0c:
fe:9f:49:6b:59:1a:5d:ba:ff:2c:8c:ba:b5:f1:82:
3c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:62:F7:13:04:60:90:65:74:93:58:45:32:C8:5F:CE:07:E2:67:F6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/oWL3EwRgkGV0k1hFMshfzgfiZ_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9d:47:cc:31:16:c8:9e:c1:94:2e:c8:d4:bd:39:e4:56:bd:e0:
6f:1d:be:97:1b:1d:f9:f1:c5:b2:95:65:03:cd:23:eb:24:8e:
bf:53:23:c8:10:c2:4b:e3:85:b4:b0:c6:b0:29:d1:07:78:81:
10:13:bf:28:26:08:aa:19:1a:18:1b:f6:36:71:fa:4e:ad:de:
04:b3:a9:5c:f8:f5:39:f3:9b:2f:7a:90:60:4d:0e:d6:ad:c8:
1d:ef:81:2c:ba:de:4e:ce:01:0b:8d:83:77:00:7b:1f:20:ce:
67:e9:be:87:5f:88:25:91:a8:09:1c:cc:ea:62:c3:e2:2b:42:
bd:43:61:54:4e:a8:34:4f:c2:dd:56:21:92:5d:f0:a6:e7:0e:
3e:3b:e5:b8:e6:16:60:3d:46:12:5c:ea:eb:ee:82:7b:3e:38:
e8:f3:ba:8b:fb:f2:50:02:36:85:e7:fb:96:99:cc:7d:86:64:
a5:f4:16:0e:a1:c7:62:1b:85:88:7a:4d:6d:8b:36:45:2f:62:
2e:23:27:d2:ba:63:25:84:d5:60:5f:a2:5f:13:80:9a:1a:fa:
b3:f7:0b:67:0e:3a:8d:49:0f:f7:e8:b0:c9:96:10:7e:36:97:
57:19:39:da:b7:fa:50:2b:1d:68:79:2e:1c:e9:59:20:be:0e:
a4:3d:2e:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyXbC1TPMAZ4ye2J9UpV+5mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIzMTYwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTYyZjcxMzA0NjA5MDY1NzQ5MzU4NDUzMmM4NWZjZTA3ZTI2N2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVJg++Z5C51si5RJ8CwcOsP+rOkF
txHDykETEC4wvEhD3tk3foRALJs4nfC6LCKXiE4z1h32Ro7xVZENdMA4P3Rj+h2v
IhibDeMLUAPzPbLSIex26eMZOY5M7UmTy9kboFwSJP41dPT+dz5cYbTmPtUZasPo
kGNrclw6IZoX8wpImoxuikCAZ/Kv2ZD+JWAnNXPZLBNRXbOwitO2tQmdDBP54t2f
e6M5W6/ndepeh4yDWeXWcoQens8uG4hbABUetKzLY+8HqDimq49hiOWDvW/lKO1i
4/HwRL6VYN5QX6GPz6c7sUAZ223DX5nqtAz+n0lrWRpduv8sjLq18YI8RQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKFi9xMEYJBldJNYRTLIX84H4mf2MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvb1dMM0V3UmdrR1YwazFoRk1zaGZ6Z2ZpWl9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJ1HzDEWyJ7BlC7I1L05
5Fa94G8dvpcbHfnxxbKVZQPNI+skjr9TI8gQwkvjhbSwxrAp0Qd4gRATvygmCKoZ
Ghgb9jZx+k6t3gSzqVz49Tnzmy96kGBNDtatyB3vgSy63k7OAQuNg3cAex8gzmfp
vodfiCWRqAkczOpiw+IrQr1DYVROqDRPwt1WIZJd8KbnDj475bjmFmA9RhJc6uvu
gns+OOjzuov78lACNoXn+5aZzH2GZKX0Fg6hx2IbhYh6TW2LNkUvYi4jJ9K6YyWE
1WBfol8TgJoa+rP3C2cOOo1JD/fosMmWEH42l1cZOdq3+lArHWh5LhzpWSC+DqQ9
LsA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:27 2025 by rpki-client