Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/s1tpOgLTANW3zXzh3s8U48-XfB4.roa
File: s1tpOgLTANW3zXzh3s8U48-XfB4.roa (raw, json)
Hash identifier: aihtZYjz/m7c21JEwTkKTfx14U+tq0CmZLFbh6J1pH0=
Subject key identifier: B3:5B:69:3A:02:D3:00:D5:B7:CD:7C:E1:DE:CF:14:E3:CF:97:7C:1E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018E9E83DACBFB230BFBE1E9947EFDE579F8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/s1tpOgLTANW3zXzh3s8U48-XfB4.roa
Signing time: Tue 02 Apr 2024 11:13:45 +0000
ROA not before: Tue 02 Apr 2024 11:13:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:83:da:cb:fb:23:0b:fb:e1:e9:94:7e:fd:e5:79:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 2 11:13:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b35b693a02d300d5b7cd7ce1decf14e3cf977c1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5c:a5:7c:58:2d:a0:18:a1:cd:1e:95:77:0e:
80:36:a5:a5:54:04:3d:3b:ea:13:5c:cd:39:3c:16:
69:4f:69:a2:fe:0f:bf:8a:cb:f2:b1:dd:f2:fa:24:
ff:10:6e:8f:6a:49:8a:1b:be:66:5e:8d:e1:1f:08:
0d:5d:53:40:5f:e7:49:00:50:a6:e0:28:7f:ff:a9:
2d:cd:31:5c:b4:3f:0a:61:8a:18:26:ba:46:ea:7b:
2b:77:31:b2:6f:68:40:be:11:fa:84:36:71:dc:9f:
a9:d3:41:c7:1b:73:e1:47:1c:e3:95:a6:1a:28:7b:
c9:a8:fa:6c:10:a3:77:44:7c:85:12:95:c4:eb:9c:
79:b0:98:8a:c6:e6:35:23:2e:db:2c:69:a4:11:a9:
1a:98:b4:e5:5d:f1:41:54:97:ab:c4:02:6e:99:0f:
e1:36:2f:f6:76:00:21:04:ce:63:00:fc:fe:ee:da:
ae:dd:c0:d3:95:ea:b3:21:87:9d:7e:f1:4b:c7:66:
77:84:96:5c:80:1f:4a:21:b7:2b:41:06:22:7d:2f:
05:dc:53:17:fc:36:4a:ca:b8:1e:71:dc:8b:fc:11:
0f:ff:8b:47:9a:23:ec:22:69:fe:6f:62:47:14:b4:
80:1f:bb:c6:c5:17:c6:38:04:fb:18:06:29:71:c7:
fc:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:5B:69:3A:02:D3:00:D5:B7:CD:7C:E1:DE:CF:14:E3:CF:97:7C:1E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/s1tpOgLTANW3zXzh3s8U48-XfB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
00:12:8a:e8:92:c8:b8:02:41:94:07:8f:93:fc:15:0a:6c:73:
d8:1e:11:20:0a:e0:61:14:7f:77:12:be:22:cc:21:e7:90:0d:
3b:33:bb:6a:fc:65:67:74:69:1d:58:e3:70:5b:07:f5:9b:b5:
77:e9:41:1b:3c:62:fa:7a:e2:0c:79:e2:a9:26:e8:da:a1:25:
36:ca:d1:0b:74:f3:cb:ec:17:29:c0:68:74:8b:55:7e:33:ee:
c2:9b:0e:a1:f8:e9:5a:a1:77:30:b8:d0:10:29:dd:d9:f6:13:
33:ae:a6:9b:c1:58:73:9b:fd:87:9c:15:43:f6:48:c1:3d:93:
dd:61:12:39:ac:3d:be:d1:59:05:18:ed:92:b1:ef:6a:60:11:
28:9a:9f:1f:89:5a:e5:12:27:e3:62:80:f2:1c:6b:9b:ff:f7:
82:6e:12:90:2e:82:62:06:76:8b:d5:06:51:aa:0e:b2:0e:8b:
45:42:c6:27:ad:b8:23:d6:34:f0:e9:d5:0c:b2:7f:9b:f8:a0:
f0:4a:a6:9e:35:d6:c2:ad:e9:27:4c:29:92:13:60:22:e9:d4:
b7:7f:4d:d9:35:da:4d:e0:ab:10:f7:c0:39:aa:ab:07:aa:41:
9e:be:6c:44:47:27:27:81:c2:dc:07:52:a1:20:7b:81:a3:30:
2b:87:91:1d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6eg9rL+yML++HplH795Xn4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAyMTExMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzViNjkzYTAyZDMwMGQ1YjdjZDdjZTFkZWNmMTRlM2NmOTc3YzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1ylfFgtoBihzR6Vdw6ANqWlVAQ9
O+oTXM05PBZpT2mi/g+/isvysd3y+iT/EG6PakmKG75mXo3hHwgNXVNAX+dJAFCm
4Ch//6ktzTFctD8KYYoYJrpG6nsrdzGyb2hAvhH6hDZx3J+p00HHG3PhRxzjlaYa
KHvJqPpsEKN3RHyFEpXE65x5sJiKxuY1Iy7bLGmkEakamLTlXfFBVJerxAJumQ/h
Ni/2dgAhBM5jAPz+7tqu3cDTleqzIYedfvFLx2Z3hJZcgB9KIbcrQQYifS8F3FMX
/DZKyrgecdyL/BEP/4tHmiPsImn+b2JHFLSAH7vGxRfGOAT7GAYpccf8IQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLNbaToC0wDVt8184d7PFOPPl3weMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvczF0cE9nTFRBTlczelh6aDNzOFU0OC1YZkI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAASiuiSyLgCQZQHj5P8
FQpsc9geESAK4GEUf3cSviLMIeeQDTszu2r8ZWd0aR1Y43BbB/WbtXfpQRs8Yvp6
4gx54qkm6NqhJTbK0Qt088vsFynAaHSLVX4z7sKbDqH46VqhdzC40BAp3dn2EzOu
ppvBWHOb/YecFUP2SME9k91hEjmsPb7RWQUY7ZKx72pgESianx+JWuUSJ+NigPIc
a5v/94JuEpAugmIGdovVBlGqDrIOi0VCxietuCPWNPDp1Qyyf5v4oPBKpp411sKt
6SdMKZITYCLp1Ld/Tdk12k3gqxD3wDmqqweqQZ6+bERHJyeBwtwHUqEge4GjMCuH
kR0=
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:15:10 2025 by rpki-client