Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rhyNgF-8SUgX6RlvQWlPlMAjjA0.roa
File: rhyNgF-8SUgX6RlvQWlPlMAjjA0.roa (raw, json)
Hash identifier: oP4y2q1/jt3sgEoH0VfXTAD0xfi+BxAXnUXqRs+LGdw=
Subject key identifier: AE:1C:8D:80:5F:BC:49:48:17:E9:19:6F:41:69:4F:94:C0:23:8C:0D
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EAA18783C59B88BE3BFFE28976A542116
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rhyNgF-8SUgX6RlvQWlPlMAjjA0.roa
Signing time: Thu 04 Apr 2024 17:11:54 +0000
ROA not before: Thu 04 Apr 2024 17:11:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:aa:18:78:3c:59:b8:8b:e3:bf:fe:28:97:6a:54:21:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 4 17:11:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae1c8d805fbc494817e9196f41694f94c0238c0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b7:62:6d:79:70:b8:4e:46:31:59:0c:da:9b:
c3:04:8e:ce:f9:d7:83:dd:69:93:44:93:6a:9d:e3:
16:ec:35:a1:0f:2e:fe:a6:20:76:4b:98:89:d3:98:
fe:fe:45:31:14:71:c9:4b:42:50:b6:3b:42:df:2c:
47:09:db:a5:ad:35:90:56:1d:d2:2c:cb:dd:45:77:
b7:0a:6e:f4:8a:3d:39:5f:25:ff:74:1f:c3:f6:7c:
d9:85:76:e0:9b:52:17:10:39:fd:af:43:8d:00:65:
ad:0f:ac:4f:a8:4d:d6:ab:e1:ff:c3:dd:c2:32:e0:
af:62:78:54:16:4e:a2:9f:f1:a5:fa:23:a4:7d:18:
ac:c3:47:8a:be:61:d5:2c:c2:0a:ad:a2:41:3c:10:
e5:f7:23:a6:a5:19:db:8f:c2:90:fb:4a:b1:d9:fa:
d6:b5:d8:7d:a7:95:46:9c:df:61:80:af:48:b1:03:
90:1e:af:04:9a:b8:6b:60:ab:c8:ea:84:96:1a:55:
b2:db:ad:2e:03:b9:9e:13:93:df:12:cf:a2:cd:0d:
e4:9c:a2:24:85:d6:99:5a:86:ae:d6:6a:4a:54:7b:
93:0f:70:53:a5:15:83:4a:1b:ac:50:b9:54:10:b8:
bb:3d:84:6c:37:a5:e2:32:7a:44:5a:23:80:37:1b:
5e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:1C:8D:80:5F:BC:49:48:17:E9:19:6F:41:69:4F:94:C0:23:8C:0D
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/rhyNgF-8SUgX6RlvQWlPlMAjjA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
0e:ff:1a:5f:6c:a3:8d:a0:5a:17:7b:2d:5f:f0:ec:8d:9a:f4:
05:85:43:8e:b3:e5:6f:d9:57:aa:1d:5f:97:6b:8b:51:1c:5f:
1f:bc:03:b5:bb:79:00:9d:45:70:5b:09:d8:f6:fb:03:a3:56:
1b:b2:33:65:3a:b1:72:a2:e0:57:0e:64:34:62:c1:dc:13:4c:
8e:f0:43:df:e9:8b:48:e8:5c:bc:a7:1b:b6:a2:a8:fb:07:77:
f6:15:52:4d:4c:73:ed:68:6d:54:5a:9f:e6:10:ab:50:0c:62:
8d:3a:33:44:93:f7:4b:29:ee:37:97:bf:60:16:b0:90:b4:16:
71:c6:e4:71:cc:b1:3c:63:8a:47:41:20:0a:23:a0:c1:82:ea:
17:70:e5:b0:59:ba:08:eb:67:66:a4:52:c5:3f:5e:75:1a:c5:
8f:32:28:68:73:63:b1:90:df:1a:a3:fd:92:4c:01:6e:6f:cc:
27:66:6b:bb:ae:21:84:27:a3:b0:d3:25:08:52:e9:f9:0e:36:
f1:7e:be:fa:8b:fc:9b:7f:07:57:8a:60:7d:65:1b:40:5b:40:
52:a7:d1:f3:44:4a:05:b6:11:7c:a8:88:96:d4:67:f7:82:44:
ab:3b:65:4a:55:61:61:7a:0d:ec:5e:d5:8a:19:9f:88:3b:85:
d1:17:c9:05
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6qGHg8WbiL47/+KJdqVCEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDA0MTcxMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTFjOGQ4MDVmYmM0OTQ4MTdlOTE5NmY0MTY5NGY5NGMwMjM4YzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobdibXlwuE5GMVkM2pvDBI7O+deD
3WmTRJNqneMW7DWhDy7+piB2S5iJ05j+/kUxFHHJS0JQtjtC3yxHCdulrTWQVh3S
LMvdRXe3Cm70ij05XyX/dB/D9nzZhXbgm1IXEDn9r0ONAGWtD6xPqE3Wq+H/w93C
MuCvYnhUFk6in/Gl+iOkfRisw0eKvmHVLMIKraJBPBDl9yOmpRnbj8KQ+0qx2frW
tdh9p5VGnN9hgK9IsQOQHq8EmrhrYKvI6oSWGlWy260uA7meE5PfEs+izQ3knKIk
hdaZWoau1mpKVHuTD3BTpRWDShusULlUELi7PYRsN6XiMnpEWiOANxteyQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK4cjYBfvElIF+kZb0FpT5TAI4wNMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvcmh5TmdGLThTVWdYNlJsdlFXbFBsTUFqakEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAA7/Gl9so42gWhd7LV/w
7I2a9AWFQ46z5W/ZV6odX5dri1EcXx+8A7W7eQCdRXBbCdj2+wOjVhuyM2U6sXKi
4FcOZDRiwdwTTI7wQ9/pi0joXLynG7aiqPsHd/YVUk1Mc+1obVRan+YQq1AMYo06
M0ST90sp7jeXv2AWsJC0FnHG5HHMsTxjikdBIAojoMGC6hdw5bBZugjrZ2akUsU/
XnUaxY8yKGhzY7GQ3xqj/ZJMAW5vzCdma7uuIYQno7DTJQhS6fkONvF+vvqL/Jt/
B1eKYH1lG0BbQFKn0fNESgW2EXyoiJbUZ/eCRKs7ZUpVYWF6Dexe1YoZn4g7hdEX
yQU=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:26:01 2025 by rpki-client