Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/olXrZmsx1VS6l5oMc7hdSjNKYqY.roa
File: olXrZmsx1VS6l5oMc7hdSjNKYqY.roa (raw, json)
Hash identifier: cA/ahIFQnXhgyd5HWAdIMcrrRx6wf3tkQWTg0v0TT+k=
Subject key identifier: A2:55:EB:66:6B:31:D5:54:BA:97:9A:0C:73:B8:5D:4A:33:4A:62:A6
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E5CD288C0E2BDFD566B661875124B2DC8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/olXrZmsx1VS6l5oMc7hdSjNKYqY.roa
Signing time: Wed 20 Mar 2024 17:04:45 +0000
ROA not before: Wed 20 Mar 2024 17:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:5cd2:3178/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5c:d2:88:c0:e2:bd:fd:56:6b:66:18:75:12:4b:2d:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 20 17:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a255eb666b31d554ba979a0c73b85d4a334a62a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f1:13:e7:f5:48:96:fa:6b:dd:34:aa:5e:47:
f0:80:8b:b9:1c:b7:f9:aa:6f:2d:c2:15:1f:77:d3:
44:dd:09:ee:86:61:05:1f:f5:6c:75:c5:0f:60:f5:
fe:a6:fa:05:b3:57:26:bd:1c:94:cb:fd:81:6a:a8:
80:6e:02:22:37:c5:fd:94:01:34:a2:c9:1f:c0:c2:
d9:52:c5:64:b4:9d:e9:58:68:93:eb:c8:6e:ef:2b:
7d:49:78:5a:5d:44:40:7f:46:04:f1:7b:34:01:5a:
96:fb:dc:de:53:bf:43:ff:7b:20:16:1f:e1:9d:f7:
c8:d8:b3:14:bf:b0:d5:05:ba:9b:25:35:11:e0:6a:
ce:c0:6e:da:61:5d:4d:28:88:24:5d:17:89:20:a8:
bf:6e:49:eb:06:66:95:de:9a:0d:37:85:84:da:a8:
29:8c:2c:5e:96:0a:1c:84:d8:2b:c1:b4:33:bd:c8:
33:f2:48:38:61:4e:5a:08:41:3e:d0:b8:75:09:87:
f3:cf:26:4e:f5:b2:a2:cb:f5:df:28:3c:d8:a2:76:
24:fe:f6:f8:44:c5:3e:b8:75:84:83:c0:2d:6a:f0:
81:78:0a:9d:13:81:f9:07:53:da:6f:b3:1d:b4:b3:
2b:80:af:79:c8:98:e4:ff:11:3e:96:a0:9d:3c:69:
1b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:55:EB:66:6B:31:D5:54:BA:97:9A:0C:73:B8:5D:4A:33:4A:62:A6
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/olXrZmsx1VS6l5oMc7hdSjNKYqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
24:76:32:dc:45:85:ba:5d:f2:2d:e1:80:51:ef:c3:eb:ae:e6:
51:db:e7:9f:f9:1b:94:ab:98:e0:61:bf:b5:ca:33:15:ce:40:
17:a1:04:89:4f:5a:4b:40:d5:97:e6:8a:1d:4f:f5:7c:15:cf:
a1:fb:08:2b:89:7d:50:a5:b5:6e:82:9f:29:7a:12:c1:32:1f:
d9:f4:50:35:8e:6e:8a:6d:6f:13:12:4e:28:06:d8:13:eb:2f:
08:d4:dc:31:de:9e:96:32:9d:cd:5b:a8:e4:0b:23:73:9e:96:
7a:57:c2:5f:7c:0b:62:95:9e:05:4f:fa:18:e3:79:a8:ac:7c:
4a:cc:25:44:39:de:17:90:8e:17:bb:53:e3:f1:b6:c1:28:57:
5a:fd:fc:7e:78:c7:f6:f8:c6:59:f2:6d:b9:e5:71:e8:51:7b:
31:ee:b8:2f:a6:73:c4:aa:13:b4:00:cd:15:06:50:14:e4:6b:
07:45:aa:20:2a:34:9a:d5:52:8f:a0:f3:b8:c8:56:68:40:82:
be:45:3f:7f:77:6c:69:97:19:c9:b9:ce:fe:85:c3:32:57:79:
19:3e:96:68:33:6a:e9:df:bb:e9:f6:3c:4a:4b:10:49:d1:53:
a7:48:da:8c:e1:c6:7c:cf:b2:10:46:93:ec:ba:22:03:67:e6:
b1:a2:7e:58
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5c0ojA4r39VmtmGHUSSy3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzIwMTcwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjU1ZWI2NjZiMzFkNTU0YmE5NzlhMGM3M2I4NWQ0YTMzNGE2MmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvET5/VIlvpr3TSqXkfwgIu5HLf5
qm8twhUfd9NE3QnuhmEFH/VsdcUPYPX+pvoFs1cmvRyUy/2BaqiAbgIiN8X9lAE0
oskfwMLZUsVktJ3pWGiT68hu7yt9SXhaXURAf0YE8Xs0AVqW+9zeU79D/3sgFh/h
nffI2LMUv7DVBbqbJTUR4GrOwG7aYV1NKIgkXReJIKi/bknrBmaV3poNN4WE2qgp
jCxelgochNgrwbQzvcgz8kg4YU5aCEE+0Lh1CYfzzyZO9bKiy/XfKDzYonYk/vb4
RMU+uHWEg8AtavCBeAqdE4H5B1Pab7MdtLMrgK95yJjk/xE+lqCdPGkbQwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKJV62ZrMdVUupeaDHO4XUozSmKmMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvb2xYclptc3gxVlM2bDVvTWM3aGRTak5LWXFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACR2MtxFhbpd8i3hgFHv
w+uu5lHb55/5G5SrmOBhv7XKMxXOQBehBIlPWktA1Zfmih1P9XwVz6H7CCuJfVCl
tW6Cnyl6EsEyH9n0UDWOboptbxMSTigG2BPrLwjU3DHenpYync1bqOQLI3OelnpX
wl98C2KVngVP+hjjeaisfErMJUQ53heQjhe7U+PxtsEoV1r9/H54x/b4xlnybbnl
cehRezHuuC+mc8SqE7QAzRUGUBTkawdFqiAqNJrVUo+g87jIVmhAgr5FP393bGmX
Gcm5zv6FwzJXeRk+lmgzaunfu+n2PEpLEEnRU6dI2ozhxnzPshBGk+y6IgNn5rGi
flg=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:40:16 2025 by rpki-client