Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/punG2O0kTxiObtCmMACRnvxETyg.roa
File: punG2O0kTxiObtCmMACRnvxETyg.roa (raw, json)
Hash identifier: Kh5de5XojhLBuyS72RO4NaHN+Myg8tn0qafM9WwspDo=
Subject key identifier: A6:E9:C6:D8:ED:24:4F:18:8E:6E:D0:A6:30:00:91:9E:FC:44:4F:28
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E00285A003A0741C800373589FEFF0C6A
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/punG2O0kTxiObtCmMACRnvxETyg.roa
Signing time: Sat 02 Mar 2024 17:13:48 +0000
ROA not before: Sat 02 Mar 2024 17:13:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:00:28:5a:00:3a:07:41:c8:00:37:35:89:fe:ff:0c:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Mar 2 17:13:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6e9c6d8ed244f188e6ed0a63000919efc444f28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8e:9f:4a:d3:76:1e:c1:44:74:a9:99:3d:b8:
8a:e4:9d:90:5e:4b:39:4f:ad:b2:e0:da:13:68:d9:
f7:cc:cf:82:64:55:20:d6:c2:09:5a:0e:64:62:30:
e8:3e:31:34:d2:03:9b:1e:1f:b8:1c:44:5f:32:36:
ac:6a:b6:4d:f3:cb:a0:1a:ba:37:06:c7:1b:6a:c8:
e2:4b:2b:cf:99:93:68:70:2b:4e:2d:6e:72:d5:5f:
24:8a:55:19:23:6c:a8:a2:fc:69:8e:cf:e4:c5:69:
16:dd:b8:d4:4c:cd:fb:58:f4:e7:e3:4f:e4:8c:95:
c4:e4:12:b1:9d:b2:56:18:88:c1:54:3b:c5:9d:8f:
48:07:8b:a1:9b:be:9a:02:af:b5:e4:aa:50:5c:9d:
10:66:87:6f:c9:f8:e3:f1:d4:14:d7:60:50:3c:06:
5e:78:9a:7a:fc:3f:89:e1:ea:52:b2:9f:0b:d6:52:
00:d0:66:99:95:a8:e8:ac:24:25:d6:af:62:4a:40:
7c:48:9a:2c:2e:77:ae:25:f0:96:92:a8:a1:a1:17:
1e:20:4d:9f:b9:8f:3b:81:49:ba:b5:f3:be:0f:c5:
4e:37:90:36:bf:d2:a3:a5:47:39:f7:ad:72:fb:7f:
f5:c3:9a:4f:78:d2:bc:b7:80:99:0b:5b:2b:e8:7c:
cb:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E9:C6:D8:ED:24:4F:18:8E:6E:D0:A6:30:00:91:9E:FC:44:4F:28
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/punG2O0kTxiObtCmMACRnvxETyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
73:76:41:84:cf:47:14:ba:8e:c3:53:e5:cb:9f:7a:53:5d:58:
00:ac:54:ce:58:36:0a:c4:c1:e1:59:6e:f5:42:af:c7:c3:9a:
83:cc:95:60:8e:0f:b2:af:04:ae:84:fe:0a:90:e2:c5:8f:94:
bb:8c:0a:19:de:18:e6:4c:f5:9c:ec:a1:b4:ba:af:80:a6:ed:
41:69:62:82:db:ad:ee:0d:f8:63:db:98:12:ed:df:95:5c:05:
db:d3:49:6f:50:65:50:df:1e:cd:6f:86:4d:52:56:96:10:6e:
d2:90:17:3f:21:5d:63:fc:24:dd:45:e4:b5:9d:2f:80:ab:80:
f2:f2:cf:76:00:20:4a:cd:a6:61:62:3d:a4:12:0a:06:06:14:
1c:36:a4:41:91:e3:73:e9:09:d0:c4:6c:f7:f7:2e:d5:4c:54:
96:67:af:7c:b5:e3:48:88:93:40:ca:27:29:4e:67:7d:e2:16:
39:80:c5:87:c5:5f:ec:5d:da:0b:f9:87:18:5a:2f:e9:c1:d3:
fa:f7:49:2b:4f:e6:f3:ee:36:10:cb:fa:c5:3c:fc:b5:dc:83:
5e:6d:f5:e8:12:1e:80:24:09:bf:8b:4b:21:42:15:bd:ea:e2:
be:5d:91:11:ec:69:ea:6c:41:f4:a5:43:f9:49:bf:34:5c:b3:
3a:02:b7:20
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY4AKFoAOgdByAA3NYn+/wxqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMzAyMTcxMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmU5YzZkOGVkMjQ0ZjE4OGU2ZWQwYTYzMDAwOTE5ZWZjNDQ0ZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx46fStN2HsFEdKmZPbiK5J2QXks5
T62y4NoTaNn3zM+CZFUg1sIJWg5kYjDoPjE00gObHh+4HERfMjasarZN88ugGro3
BscbasjiSyvPmZNocCtOLW5y1V8kilUZI2yoovxpjs/kxWkW3bjUTM37WPTn40/k
jJXE5BKxnbJWGIjBVDvFnY9IB4uhm76aAq+15KpQXJ0QZodvyfjj8dQU12BQPAZe
eJp6/D+J4epSsp8L1lIA0GaZlajorCQl1q9iSkB8SJosLneuJfCWkqihoRceIE2f
uY87gUm6tfO+D8VON5A2v9KjpUc5961y+3/1w5pPeNK8t4CZC1sr6HzL7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKbpxtjtJE8Yjm7QpjAAkZ78RE8oMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcHVuRzJPMGtUeGlPYnRDbU1BQ1JudnhFVHlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHN2QYTPRxS6jsNT5cuf
elNdWACsVM5YNgrEweFZbvVCr8fDmoPMlWCOD7KvBK6E/gqQ4sWPlLuMChneGOZM
9ZzsobS6r4Cm7UFpYoLbre4N+GPbmBLt35VcBdvTSW9QZVDfHs1vhk1SVpYQbtKQ
Fz8hXWP8JN1F5LWdL4CrgPLyz3YAIErNpmFiPaQSCgYGFBw2pEGR43PpCdDEbPf3
LtVMVJZnr3y140iIk0DKJylOZ33iFjmAxYfFX+xd2gv5hxhaL+nB0/r3SStP5vPu
NhDL+sU8/LXcg15t9egSHoAkCb+LSyFCFb3q4r5dkRHsaepsQfSlQ/lJvzRcszoC
tyA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:51 2025 by rpki-client