Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/p4gzoP9lrPbNFg47RUUOYH2W6GU.roa
File: p4gzoP9lrPbNFg47RUUOYH2W6GU.roa (raw, json)
Hash identifier: OSk3hRDFuzIhzh0jgekjwqDcnLvj7ssgWdL0vRUZRlY=
Subject key identifier: A7:88:33:A0:FF:65:AC:F6:CD:16:0E:3B:45:45:0E:60:7D:96:E8:65
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D762C12FB0D55418E8E39308F48AE7D38
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/p4gzoP9lrPbNFg47RUUOYH2W6GU.roa
Signing time: Sun 04 Feb 2024 22:10:16 +0000
ROA not before: Sun 04 Feb 2024 22:10:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:76:2c:12:fb:0d:55:41:8e:8e:39:30:8f:48:ae:7d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 4 22:10:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a78833a0ff65acf6cd160e3b45450e607d96e865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:07:1d:91:45:9a:29:c5:29:0c:c4:89:41:14:
3c:a3:2e:12:b5:95:f0:23:7f:dd:f5:f6:47:7c:7e:
10:31:1d:f7:d8:86:d3:f2:b2:8b:66:b5:a5:34:15:
bb:89:87:3a:eb:21:d6:d5:9d:fa:8d:5a:83:fc:98:
c0:23:b5:b0:f5:d3:1f:32:32:32:60:47:a3:77:a9:
52:ff:30:d7:69:3f:b2:70:5b:1e:83:31:0e:59:70:
d5:5b:9d:50:23:b1:c9:66:ce:24:9f:18:a5:ad:a8:
1a:31:32:bd:1b:6b:2b:c7:82:45:2c:98:ca:d0:dc:
ac:da:74:4d:91:3d:7a:85:ee:5b:dd:4a:f8:93:08:
b6:8d:61:7a:93:b5:e4:0c:28:53:ab:65:a7:0b:19:
83:53:a5:41:6a:bc:bf:4d:4b:87:46:22:5b:ca:b0:
95:21:da:2d:9d:8c:76:1d:c4:e8:5a:ad:ac:54:79:
49:3d:df:12:e4:0a:fc:f2:7f:0d:5b:19:5b:e4:ec:
c2:58:6d:33:b6:a9:90:88:8b:93:d6:b0:a7:00:57:
cb:5f:88:2d:ba:6b:f4:ed:57:53:0a:d2:56:52:f6:
a0:56:27:ab:36:ee:b8:c6:67:93:fb:d2:e1:17:c8:
19:44:25:83:9f:c9:c6:97:df:f5:8e:ff:77:79:7f:
d6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:88:33:A0:FF:65:AC:F6:CD:16:0E:3B:45:45:0E:60:7D:96:E8:65
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/p4gzoP9lrPbNFg47RUUOYH2W6GU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
4f:0e:70:53:a7:1a:70:1b:8c:ec:3e:84:ce:7f:cd:d7:35:ec:
85:40:96:4b:3f:08:69:99:fe:cb:4f:2e:6b:99:8d:28:c5:da:
64:bb:2d:6b:93:fb:d5:7e:a4:ff:3b:c2:ba:88:00:1f:1a:3f:
4b:b1:7a:42:c5:82:51:5d:9e:f6:e4:fd:05:cc:64:8f:40:e4:
e4:c2:30:d3:ba:6c:60:57:a5:f9:b9:33:d6:6e:58:1e:19:28:
ab:23:75:c4:12:7f:d3:1a:ac:f5:a1:a0:6d:1d:65:01:84:77:
52:3e:d1:c5:83:a8:5d:d9:c4:8c:ed:a6:79:3e:c6:3d:08:83:
5e:67:83:66:4c:72:e7:38:45:24:50:33:04:1d:f3:d9:a3:69:
ce:46:81:bc:79:24:fc:84:01:2d:32:73:d9:69:ee:38:24:bc:
cb:87:b9:e4:63:a3:09:05:3d:f8:26:52:a1:02:ef:f3:f4:06:
99:14:0d:5a:00:67:8b:06:c5:85:e6:fd:ac:98:f3:ae:8d:90:
38:b6:44:8a:55:f4:38:ff:f8:78:3c:57:85:ae:6e:b8:78:57:
a2:b6:62:1d:a5:41:a4:f2:ec:63:5a:7c:da:25:32:9c:86:3d:
5e:d1:bc:62:60:0f:e1:40:37:32:e5:ab:f5:7f:f3:0f:27:6c:
6a:57:6d:81
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY12LBL7DVVBjo45MI9Irn04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA0MjIxMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzg4MzNhMGZmNjVhY2Y2Y2QxNjBlM2I0NTQ1MGU2MDdkOTZlODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwcdkUWaKcUpDMSJQRQ8oy4StZXw
I3/d9fZHfH4QMR332IbT8rKLZrWlNBW7iYc66yHW1Z36jVqD/JjAI7Ww9dMfMjIy
YEejd6lS/zDXaT+ycFsegzEOWXDVW51QI7HJZs4knxilragaMTK9G2srx4JFLJjK
0Nys2nRNkT16he5b3Ur4kwi2jWF6k7XkDChTq2WnCxmDU6VBary/TUuHRiJbyrCV
IdotnYx2HcToWq2sVHlJPd8S5Ar88n8NWxlb5OzCWG0ztqmQiIuT1rCnAFfLX4gt
umv07VdTCtJWUvagVierNu64xmeT+9LhF8gZRCWDn8nGl9/1jv93eX/WCwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKeIM6D/Zaz2zRYOO0VFDmB9luhlMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcDRnem9QOWxyUGJORmc0N1JVVU9ZSDJXNkdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAE8OcFOnGnAbjOw+hM5/
zdc17IVAlks/CGmZ/stPLmuZjSjF2mS7LWuT+9V+pP87wrqIAB8aP0uxekLFglFd
nvbk/QXMZI9A5OTCMNO6bGBXpfm5M9ZuWB4ZKKsjdcQSf9MarPWhoG0dZQGEd1I+
0cWDqF3ZxIztpnk+xj0Ig15ng2ZMcuc4RSRQMwQd89mjac5Ggbx5JPyEAS0yc9lp
7jgkvMuHueRjowkFPfgmUqEC7/P0BpkUDVoAZ4sGxYXm/ayY866NkDi2RIpV9Dj/
+Hg8V4Wubrh4V6K2Yh2lQaTy7GNafNolMpyGPV7RvGJgD+FANzLlq/V/8w8nbGpX
bYE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:38 2025 by rpki-client