Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rPJGUDve6PrSxFwSMe6dpC1a_CA.roa
File: rPJGUDve6PrSxFwSMe6dpC1a_CA.roa (raw, json)
Hash identifier: ys+tfzq6/qi7Rbyf5GW5SiKc3CA37pKCd4/B4SpGowk=
Subject key identifier: AC:F2:46:50:3B:DE:E8:FA:D2:C4:5C:12:31:EE:9D:A4:2D:5A:FC:20
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D6E0A2A2717C2D305907CFE9C995E8498
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rPJGUDve6PrSxFwSMe6dpC1a_CA.roa
Signing time: Sat 03 Feb 2024 08:16:16 +0000
ROA not before: Sat 03 Feb 2024 08:16:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:6e:0a:2a:27:17:c2:d3:05:90:7c:fe:9c:99:5e:84:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 3 08:16:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=acf246503bdee8fad2c45c1231ee9da42d5afc20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c6:05:db:b9:b5:04:0e:82:55:2a:4d:b5:2b:
d7:d1:6e:de:0c:f8:b6:4e:af:30:9e:88:a8:b5:cd:
2f:02:c0:a8:f9:a6:f5:12:f9:4b:20:ca:a0:51:58:
25:03:64:97:c0:bc:d2:b8:1c:a8:bd:a4:f6:6e:f2:
2c:8a:81:15:a9:96:28:ed:86:8e:37:d3:4e:bc:a7:
7f:3b:cb:c2:bf:aa:5d:ad:d9:f5:75:2a:34:19:b6:
01:bc:02:91:8f:2a:5b:f5:0d:3a:a0:da:af:6a:6c:
eb:4d:3c:cd:e6:33:a0:48:26:82:13:44:d4:98:55:
2e:bb:fc:19:d5:7f:6c:94:56:11:33:42:aa:a0:88:
1c:25:9c:5b:36:2f:f5:1b:af:5f:ad:5d:da:e0:2a:
45:38:9d:08:dc:98:bc:7d:02:ba:cf:61:94:3b:64:
13:54:d8:b7:0a:52:f3:7c:ac:9f:bd:96:e0:98:81:
7d:45:95:b0:04:06:30:78:52:59:df:f6:54:e7:90:
76:d2:59:e4:7a:f4:c8:ff:53:bb:1b:97:4b:eb:08:
ae:ea:dc:ba:01:44:04:55:ec:11:32:99:20:b4:35:
36:8f:a9:47:2f:7f:ce:82:aa:48:a6:ad:c4:cf:ea:
e6:08:aa:7b:40:db:93:93:05:11:8a:d3:48:51:39:
49:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:F2:46:50:3B:DE:E8:FA:D2:C4:5C:12:31:EE:9D:A4:2D:5A:FC:20
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rPJGUDve6PrSxFwSMe6dpC1a_CA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
89:c1:a9:08:ba:aa:c1:85:80:b6:4b:c5:79:b2:21:f3:33:15:
cf:a7:ea:3e:fb:44:72:8c:a7:cb:78:7c:7d:32:74:2e:a5:3a:
21:81:1f:91:b5:e8:09:11:66:74:0d:00:da:94:ba:c9:1f:89:
23:6b:8f:ee:0e:00:32:b1:fc:b7:a1:76:44:95:17:b4:26:df:
aa:c2:26:24:41:13:a8:30:b3:74:7b:59:89:43:10:17:52:f0:
a9:e3:eb:aa:83:b9:0e:ff:6d:7a:a5:48:59:44:4e:b1:03:83:
46:3a:e4:43:1c:ed:1b:4b:3f:4a:85:28:3b:7d:36:23:9e:1b:
6a:21:35:41:31:41:0b:5c:ef:82:c5:b8:db:14:84:16:37:8e:
0a:e3:db:92:c4:c8:69:9a:b1:59:d5:47:80:b3:e7:d7:27:ce:
c3:cd:f1:cd:91:a2:f6:d9:8a:2d:41:f5:2d:7a:41:95:3d:14:
42:95:70:98:32:67:fe:7b:92:7f:2e:bf:41:92:39:90:eb:d5:
d3:65:9e:83:79:cf:48:41:f5:79:fa:bd:6d:8e:be:8f:1b:5c:
a5:5b:e7:66:ed:da:18:da:52:88:07:ee:19:3f:34:92:01:be:
f2:dd:2b:0c:ea:cb:23:ed:ed:d1:f1:95:cd:57:e9:0d:89:2b:
7d:2c:eb:2f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1uCionF8LTBZB8/pyZXoSYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjAzMDgxNjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2YyNDY1MDNiZGVlOGZhZDJjNDVjMTIzMWVlOWRhNDJkNWFmYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMYF27m1BA6CVSpNtSvX0W7eDPi2
Tq8wnoiotc0vAsCo+ab1EvlLIMqgUVglA2SXwLzSuByovaT2bvIsioEVqZYo7YaO
N9NOvKd/O8vCv6pdrdn1dSo0GbYBvAKRjypb9Q06oNqvamzrTTzN5jOgSCaCE0TU
mFUuu/wZ1X9slFYRM0KqoIgcJZxbNi/1G69frV3a4CpFOJ0I3Ji8fQK6z2GUO2QT
VNi3ClLzfKyfvZbgmIF9RZWwBAYweFJZ3/ZU55B20lnkevTI/1O7G5dL6wiu6ty6
AUQEVewRMpkgtDU2j6lHL3/OgqpIpq3Ez+rmCKp7QNuTkwURitNIUTlJFwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKzyRlA73uj60sRcEjHunaQtWvwgMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvclBKR1VEdmU2UHJTeEZ3U01lNmRwQzFhX0NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAInBqQi6qsGFgLZLxXmy
IfMzFc+n6j77RHKMp8t4fH0ydC6lOiGBH5G16AkRZnQNANqUuskfiSNrj+4OADKx
/LehdkSVF7Qm36rCJiRBE6gws3R7WYlDEBdS8Knj66qDuQ7/bXqlSFlETrEDg0Y6
5EMc7RtLP0qFKDt9NiOeG2ohNUExQQtc74LFuNsUhBY3jgrj25LEyGmasVnVR4Cz
59cnzsPN8c2RovbZii1B9S16QZU9FEKVcJgyZ/57kn8uv0GSOZDr1dNlnoN5z0hB
9Xn6vW2Ovo8bXKVb52bt2hjaUogH7hk/NJIBvvLdKwzqyyPt7dHxlc1X6Q2JK30s
6y8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:07 2025 by rpki-client