Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pbYd0D9cnmhPV5Na9YfLKqffT-E.roa
File: pbYd0D9cnmhPV5Na9YfLKqffT-E.roa (raw, json)
Hash identifier: ZwM2h54zPG9DdaTr/Fl2sICsDQlZVQBCH3OWjwcuse4=
Subject key identifier: A5:B6:1D:D0:3F:5C:9E:68:4F:57:93:5A:F5:87:CB:2A:A7:DF:4F:E1
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CA0E47E1D3AEAF165BFEA1F756652F24C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pbYd0D9cnmhPV5Na9YfLKqffT-E.roa
Signing time: Mon 25 Dec 2023 12:12:58 +0000
ROA not before: Mon 25 Dec 2023 12:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a0:e4:7e:1d:3a:ea:f1:65:bf:ea:1f:75:66:52:f2:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 25 12:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5b61dd03f5c9e684f57935af587cb2aa7df4fe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:53:5c:15:ce:c7:36:5b:ca:75:14:55:b5:13:
62:3e:70:03:55:30:8b:89:55:e2:75:8d:af:17:15:
9e:21:cd:a0:c1:d2:98:0f:19:fb:7b:1d:7f:1e:33:
a2:02:aa:b6:e7:8a:95:c5:c6:84:78:7d:86:79:ea:
36:1b:6d:50:02:06:39:f8:cb:26:d4:9f:d8:21:eb:
35:f8:7a:17:50:c2:1e:bf:b5:0e:be:bc:d2:e6:81:
2d:bc:37:2c:25:ef:19:87:ca:ee:b8:53:80:ab:14:
6d:8c:69:ce:ff:37:ce:f4:b8:0e:82:8b:4b:2c:ca:
61:f3:ad:d1:f3:63:30:af:1c:01:d1:2d:9a:7a:d0:
52:b9:f3:32:aa:9b:87:c7:49:17:6c:f5:77:ff:7c:
98:22:c6:7f:2b:f1:f0:9d:30:53:30:da:83:4f:e3:
d0:f3:f0:f0:5f:1b:ec:dc:d2:25:79:72:a4:7a:55:
f5:02:8d:33:2e:06:07:91:12:1a:43:a6:2e:85:e1:
ca:48:5c:c0:ef:26:74:fa:a1:43:8e:d3:aa:e4:cb:
6b:8c:5a:db:c0:c7:ad:e3:a5:1f:48:c1:69:9b:26:
54:70:59:54:86:c6:2e:88:72:ee:75:66:33:5d:06:
17:91:da:a8:2a:56:68:f8:a3:36:4f:e0:a2:7c:81:
ef:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B6:1D:D0:3F:5C:9E:68:4F:57:93:5A:F5:87:CB:2A:A7:DF:4F:E1
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/pbYd0D9cnmhPV5Na9YfLKqffT-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8e:dd:20:3d:de:4f:9c:c9:d1:db:87:55:4f:15:59:fe:31:d0:
d5:fc:f3:f3:ee:23:e3:a7:81:74:41:2c:28:08:fb:29:af:eb:
57:b9:a4:25:3d:d3:b8:59:7a:27:fd:2e:a4:71:66:12:6a:8a:
6a:a8:74:05:5e:ca:d4:d6:7d:7b:8f:e3:9e:7c:eb:c8:81:de:
66:0a:35:02:fe:94:b8:64:99:c0:39:d2:71:3d:85:46:0b:b9:
44:15:de:7f:bc:c1:43:0e:98:e1:ba:96:34:88:ea:60:83:9a:
b5:66:ab:56:65:01:8b:e8:c6:9a:9a:61:73:3f:d9:1a:77:af:
84:c4:dc:e6:66:56:b5:d5:ca:7e:86:42:70:95:67:23:35:35:
30:48:36:0e:ec:02:63:45:81:ac:b9:45:02:0f:4c:99:f9:14:
0c:cd:d3:4d:df:d4:7a:70:3d:a7:5f:87:f8:32:75:10:94:b2:
3d:c0:15:69:f1:f8:6c:6e:09:c8:b4:82:50:6c:a6:9d:54:5c:
c6:79:62:b7:2d:8f:23:67:3f:21:84:15:e3:72:75:cb:ae:22:
fb:19:c3:5d:f9:fc:84:b2:b0:75:c9:6d:64:04:a1:fc:0e:05:
3b:2a:3b:96:9c:d3:3b:d4:1e:43:5f:18:ec:e3:d1:36:a4:c7:
14:43:52:30
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyg5H4dOurxZb/qH3VmUvJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI1MTIxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWI2MWRkMDNmNWM5ZTY4NGY1NzkzNWFmNTg3Y2IyYWE3ZGY0ZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA71NcFc7HNlvKdRRVtRNiPnADVTCL
iVXidY2vFxWeIc2gwdKYDxn7ex1/HjOiAqq254qVxcaEeH2Geeo2G21QAgY5+Msm
1J/YIes1+HoXUMIev7UOvrzS5oEtvDcsJe8Zh8ruuFOAqxRtjGnO/zfO9LgOgotL
LMph863R82MwrxwB0S2aetBSufMyqpuHx0kXbPV3/3yYIsZ/K/HwnTBTMNqDT+PQ
8/DwXxvs3NIleXKkelX1Ao0zLgYHkRIaQ6YuheHKSFzA7yZ0+qFDjtOq5MtrjFrb
wMet46UfSMFpmyZUcFlUhsYuiHLudWYzXQYXkdqoKlZo+KM2T+CifIHvyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKW2HdA/XJ5oT1eTWvWHyyqn30/hMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcGJZZDBEOWNubWhQVjVOYTlZZkxLcWZmVC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAI7dID3eT5zJ0duHVU8V
Wf4x0NX88/PuI+OngXRBLCgI+ymv61e5pCU907hZeif9LqRxZhJqimqodAVeytTW
fXuP455868iB3mYKNQL+lLhkmcA50nE9hUYLuUQV3n+8wUMOmOG6ljSI6mCDmrVm
q1ZlAYvoxpqaYXM/2Rp3r4TE3OZmVrXVyn6GQnCVZyM1NTBINg7sAmNFgay5RQIP
TJn5FAzN003f1HpwPadfh/gydRCUsj3AFWnx+GxuCci0glBspp1UXMZ5YrctjyNn
PyGEFeNydcuuIvsZw135/ISysHXJbWQEofwOBTsqO5ac0zvUHkNfGOzj0TakxxRD
UjA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:45:15 2025 by rpki-client