Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pU5JFzDiP9LbtSZnsj8R-dIA8DA.roa
File: pU5JFzDiP9LbtSZnsj8R-dIA8DA.roa (raw, json)
Hash identifier: ZdF1Hqu2occTkeiOxwsZue+qwdvrRa/wb2WjA+gpMvg=
Subject key identifier: A5:4E:49:17:30:E2:3F:D2:DB:B5:26:67:B2:3F:11:F9:D2:00:F0:30
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D8AC001229DC5C1E1980C4D7614D7013B
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pU5JFzDiP9LbtSZnsj8R-dIA8DA.roa
Signing time: Thu 08 Feb 2024 22:04:15 +0000
ROA not before: Thu 08 Feb 2024 22:04:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:8abf:df44/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8a:c0:01:22:9d:c5:c1:e1:98:0c:4d:76:14:d7:01:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 8 22:04:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a54e491730e23fd2dbb52667b23f11f9d200f030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ff:57:db:ac:84:e1:0d:93:e7:64:e9:50:3e:
fa:69:16:03:91:87:b3:0a:6c:17:f9:be:9d:02:1c:
d7:de:c2:16:28:89:98:6d:48:4a:ae:02:25:f7:60:
93:9e:7b:31:f2:12:7c:e5:05:45:a1:86:45:64:df:
8f:b4:a3:13:31:90:21:3e:c3:be:3b:9e:5f:60:c6:
59:5b:0d:97:8d:9f:71:2e:23:08:4b:68:3d:5e:e6:
2c:d3:b4:b2:31:cc:6f:be:1a:31:a3:c7:1a:ca:43:
1b:45:8f:f1:80:a4:d7:60:d8:53:c1:1d:37:5a:e9:
b9:ba:b3:88:f0:d7:e9:4a:ed:12:cc:32:8c:4e:7b:
e1:3d:43:24:85:be:e4:06:8a:d0:da:d0:f4:2e:a9:
20:ec:ad:fc:b2:1c:01:e6:33:f9:5b:79:0d:a4:00:
94:f0:33:49:ab:92:a3:39:17:fe:bf:f0:d6:75:cd:
5c:31:88:54:7a:c7:77:6f:26:5f:d6:1c:bf:5f:99:
42:ec:36:ec:74:92:f0:2e:37:5d:bd:51:fc:1e:d7:
6f:10:67:2c:ca:c9:85:94:6e:5d:d7:7d:91:c7:21:
d4:27:75:2d:e2:08:69:4a:37:f0:1e:9f:c6:87:05:
a4:69:62:a3:b2:62:ef:2a:b3:92:ab:d8:07:d6:9b:
5a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:4E:49:17:30:E2:3F:D2:DB:B5:26:67:B2:3F:11:F9:D2:00:F0:30
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pU5JFzDiP9LbtSZnsj8R-dIA8DA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
22:73:01:73:09:23:65:71:ee:3a:b3:ed:91:44:e1:82:88:ef:
f8:b3:5b:f7:b6:c3:47:39:d2:34:2b:1f:a3:5c:b7:26:4b:7e:
60:e8:dd:bb:34:b8:47:83:ad:66:22:83:31:82:08:a6:7b:7c:
1a:28:f5:d9:e1:03:27:99:89:4d:c3:68:18:dc:c8:22:41:a5:
08:e6:b2:23:7c:07:5c:b5:75:d9:1f:4b:a3:c7:27:47:21:3d:
0c:65:89:d6:4f:3c:2e:3f:2f:11:79:68:43:e2:42:ea:91:7a:
d5:60:da:b2:d3:fd:6b:f7:8b:0d:15:0a:1a:99:5c:43:a3:30:
39:ee:89:25:fd:c0:4c:42:43:b2:f3:2b:79:74:63:50:aa:51:
ab:d2:e3:07:3c:d4:4d:e0:e7:9d:48:67:dc:8a:b8:51:6d:ad:
57:ef:dd:4f:a8:13:60:92:c0:29:7d:d0:d8:6f:31:d2:26:09:
a6:a0:69:da:6a:7a:9b:cb:4b:53:8b:03:77:4d:19:4d:23:57:
58:37:0f:e8:bf:4d:3b:12:35:f0:97:9c:c9:21:f3:26:07:8a:
5e:1f:00:37:5d:bc:34:72:bd:c6:5b:36:cb:87:7a:47:69:78:
cc:fb:c9:5c:97:2f:dc:0c:50:80:3a:45:77:23:c9:51:04:a5:
98:a2:a4:54
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2KwAEincXB4ZgMTXYU1wE7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjA4MjIwNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTRlNDkxNzMwZTIzZmQyZGJiNTI2NjdiMjNmMTFmOWQyMDBmMDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAov9X26yE4Q2T52TpUD76aRYDkYez
CmwX+b6dAhzX3sIWKImYbUhKrgIl92CTnnsx8hJ85QVFoYZFZN+PtKMTMZAhPsO+
O55fYMZZWw2XjZ9xLiMIS2g9XuYs07SyMcxvvhoxo8caykMbRY/xgKTXYNhTwR03
Wum5urOI8NfpSu0SzDKMTnvhPUMkhb7kBorQ2tD0Lqkg7K38shwB5jP5W3kNpACU
8DNJq5KjORf+v/DWdc1cMYhUesd3byZf1hy/X5lC7DbsdJLwLjddvVH8HtdvEGcs
ysmFlG5d132RxyHUJ3Ut4ghpSjfwHp/GhwWkaWKjsmLvKrOSq9gH1ptaqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKVOSRcw4j/S27UmZ7I/EfnSAPAwMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcFU1SkZ6RGlQOUxidFNabnNqOFItZElBOERBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACJzAXMJI2Vx7jqz7ZFE
4YKI7/izW/e2w0c50jQrH6NctyZLfmDo3bs0uEeDrWYigzGCCKZ7fBoo9dnhAyeZ
iU3DaBjcyCJBpQjmsiN8B1y1ddkfS6PHJ0chPQxlidZPPC4/LxF5aEPiQuqRetVg
2rLT/Wv3iw0VChqZXEOjMDnuiSX9wExCQ7LzK3l0Y1CqUavS4wc81E3g551IZ9yK
uFFtrVfv3U+oE2CSwCl90NhvMdImCaagadpqepvLS1OLA3dNGU0jV1g3D+i/TTsS
NfCXnMkh8yYHil4fADddvDRyvcZbNsuHekdpeMz7yVyXL9wMUIA6RXcjyVEEpZii
pFQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:48 2025 by rpki-client