Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/puHtr6NyoRUCmKz0IFgRQ-z1Gxw.roa
File: puHtr6NyoRUCmKz0IFgRQ-z1Gxw.roa (raw, json)
Hash identifier: oBTe1JWzBRJJq5RTPI7nE9dAvAn7ecfnqSOSbWJ6UtM=
Subject key identifier: A6:E1:ED:AF:A3:72:A1:15:02:98:AC:F4:20:58:11:43:EC:F5:1B:1C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DD273002BFAF552F989E41BCE482A052F
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/puHtr6NyoRUCmKz0IFgRQ-z1Gxw.roa
Signing time: Thu 22 Feb 2024 20:12:48 +0000
ROA not before: Thu 22 Feb 2024 20:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d2:73:00:2b:fa:f5:52:f9:89:e4:1b:ce:48:2a:05:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 22 20:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6e1edafa372a1150298acf420581143ecf51b1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a6:3a:4b:f4:d0:9e:be:59:0c:e1:dd:53:0b:
f1:8f:c6:bd:88:35:4c:76:4f:2c:54:74:9f:a5:25:
fc:f1:0a:2d:e3:a3:80:c1:66:3b:95:27:ca:ed:c9:
22:d5:cf:e8:71:d0:cb:5d:ad:8d:44:14:49:0b:b0:
ce:c4:ee:83:d6:23:fc:76:32:9a:bd:a3:ac:6c:63:
f0:0e:55:f9:ec:a9:fe:28:2c:42:88:d7:a9:5e:4e:
91:98:25:1a:51:f6:a8:3c:8e:00:d8:ea:d1:65:ea:
9f:84:7f:f7:5b:52:b2:d5:cf:2d:a0:0d:1f:13:ef:
d2:fb:ea:1f:cf:0d:83:5b:27:36:5c:0f:85:15:b6:
91:45:f8:38:ae:d3:4e:f1:1c:9a:a9:fc:b9:78:51:
fb:ff:1b:c5:c8:24:b7:44:fe:d2:e2:ef:ca:e8:14:
df:63:78:c2:ec:70:77:c5:a7:ab:c2:79:31:97:59:
9f:48:4a:24:be:1b:cb:31:80:ef:7c:9c:44:9f:29:
10:bd:90:4d:62:77:9d:55:b2:f4:f6:3d:37:3f:e5:
13:37:71:0d:01:aa:c3:f1:2c:5f:e3:cd:29:48:9e:
0d:5d:a7:5d:40:aa:b4:6d:34:ab:69:4b:89:59:ad:
eb:43:14:36:37:bc:5b:91:a3:a2:ac:76:8d:df:b6:
bf:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E1:ED:AF:A3:72:A1:15:02:98:AC:F4:20:58:11:43:EC:F5:1B:1C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/puHtr6NyoRUCmKz0IFgRQ-z1Gxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
93:d0:a8:11:ef:5c:dc:07:26:a4:f2:c4:20:9a:46:f0:2e:eb:
aa:ac:d9:00:87:b8:e7:89:4d:a9:94:ec:c7:65:44:dd:1e:a1:
40:fa:3f:d0:94:34:e7:f2:28:ff:6b:10:37:ff:a1:81:94:71:
c1:d8:26:a6:63:86:7a:da:eb:03:40:14:43:0b:da:72:82:e5:
d4:1a:fd:6a:d7:c7:40:b4:82:fe:06:fe:e2:47:f4:48:37:f3:
b8:a8:ff:01:a8:d7:b9:78:58:44:16:2b:64:06:3b:cd:72:a3:
3d:e5:be:38:98:f3:86:6d:ec:e6:01:81:51:a7:7c:56:70:fc:
ab:e6:53:fa:f3:e3:fe:ba:8c:09:b8:7f:63:33:90:fc:6d:41:
33:89:24:a8:e0:79:ec:dd:08:37:88:3d:ab:86:3c:cb:bf:c8:
f9:58:2a:cb:a7:32:3f:c6:2a:ed:ca:98:82:56:d0:7b:d9:78:
3a:bd:86:5e:f1:ee:ed:53:b0:2f:b9:5c:eb:fd:bd:c4:9a:20:
df:03:3a:25:fc:2a:3a:ae:ab:2f:5d:fd:ee:2f:1e:14:ee:2a:
e6:ad:1d:b2:d3:92:17:99:6c:42:29:a2:ef:65:e2:a4:3d:11:
36:1e:56:33:17:4b:8e:48:00:9b:98:5e:9a:a8:f9:8e:c3:01:
bf:1c:e4:04
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3ScwAr+vVS+YnkG85IKgUvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIyMjAxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmUxZWRhZmEzNzJhMTE1MDI5OGFjZjQyMDU4MTE0M2VjZjUxYjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaY6S/TQnr5ZDOHdUwvxj8a9iDVM
dk8sVHSfpSX88Qot46OAwWY7lSfK7cki1c/ocdDLXa2NRBRJC7DOxO6D1iP8djKa
vaOsbGPwDlX57Kn+KCxCiNepXk6RmCUaUfaoPI4A2OrRZeqfhH/3W1Ky1c8toA0f
E+/S++ofzw2DWyc2XA+FFbaRRfg4rtNO8Ryaqfy5eFH7/xvFyCS3RP7S4u/K6BTf
Y3jC7HB3xaerwnkxl1mfSEokvhvLMYDvfJxEnykQvZBNYnedVbL09j03P+UTN3EN
AarD8Sxf480pSJ4NXaddQKq0bTSraUuJWa3rQxQ2N7xbkaOirHaN37a/2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKbh7a+jcqEVApis9CBYEUPs9RscMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcHVIdHI2TnlvUlVDbUt6MElGZ1JRLXoxR3h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJPQqBHvXNwHJqTyxCCa
RvAu66qs2QCHuOeJTamU7MdlRN0eoUD6P9CUNOfyKP9rEDf/oYGUccHYJqZjhnra
6wNAFEML2nKC5dQa/WrXx0C0gv4G/uJH9Eg387io/wGo17l4WEQWK2QGO81yoz3l
vjiY84Zt7OYBgVGnfFZw/KvmU/rz4/66jAm4f2MzkPxtQTOJJKjgeezdCDeIPauG
PMu/yPlYKsunMj/GKu3KmIJW0HvZeDq9hl7x7u1TsC+5XOv9vcSaIN8DOiX8Kjqu
qy9d/e4vHhTuKuatHbLTkheZbEIpou9l4qQ9ETYeVjMXS45IAJuYXpqo+Y7DAb8c
5AQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:57 2025 by rpki-client