Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/sWyZ1EAqDR0XKztk5WAqVft_MjQ.roa
File: sWyZ1EAqDR0XKztk5WAqVft_MjQ.roa (raw, json)
Hash identifier: O37qrQqyZTEkAMYhmRnyj3YY/HLZE6G1t9zHzPbbRVQ=
Subject key identifier: B1:6C:99:D4:40:2A:0D:1D:17:2B:3B:64:E5:60:2A:55:FB:7F:32:34
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018C88375B311AE882418C589C1E49547C37
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/sWyZ1EAqDR0XKztk5WAqVft_MjQ.roa
Signing time: Wed 20 Dec 2023 17:12:58 +0000
ROA not before: Wed 20 Dec 2023 17:12:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:88:37:5b:31:1a:e8:82:41:8c:58:9c:1e:49:54:7c:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 20 17:12:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b16c99d4402a0d1d172b3b64e5602a55fb7f3234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:9e:20:aa:75:67:16:e4:d1:57:ec:6d:9c:a2:
f5:a5:b0:9a:a9:17:67:25:65:46:99:52:b2:27:97:
55:20:85:22:72:e4:c2:92:11:b9:46:45:74:4b:65:
9a:22:c4:58:04:d9:af:1d:6c:f7:0f:f7:79:28:56:
13:1a:0f:3c:f8:e3:7f:b7:b4:3f:ae:5e:1c:71:60:
51:bf:5e:43:6a:24:a4:bc:69:53:4d:6e:46:ed:aa:
02:8a:c9:a8:c8:69:b3:64:4c:e2:f2:1c:66:28:99:
41:97:e8:ea:94:64:e5:77:b5:0d:64:ce:4d:f1:78:
f7:f0:31:f8:6a:70:1a:9d:18:c0:ed:7a:c9:89:e6:
f0:9b:82:04:3f:23:c4:64:22:1e:c6:fb:da:2d:be:
ad:21:4c:b2:a2:76:c8:8a:09:0e:b8:26:e4:15:ab:
4f:d0:a4:53:d2:7b:c5:3d:2c:89:8c:fe:f5:af:a9:
68:34:30:6b:d9:cd:39:f9:05:6c:89:05:1d:8e:8f:
fe:ed:b6:25:a2:a3:2e:88:4e:c8:7d:e1:e8:23:77:
e4:4f:75:e9:89:7f:28:0f:11:89:37:0d:e6:bb:fe:
7d:17:b7:c6:81:05:a7:f4:4b:75:dd:f4:bc:67:8a:
1b:13:4b:bc:36:5c:13:11:e8:8c:29:be:4e:c2:43:
6a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:6C:99:D4:40:2A:0D:1D:17:2B:3B:64:E5:60:2A:55:FB:7F:32:34
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/sWyZ1EAqDR0XKztk5WAqVft_MjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
68:5f:a1:e8:62:13:0b:1e:68:d5:e9:e0:98:a9:2d:d3:3d:28:
7e:c3:63:07:f9:8e:fa:50:33:09:32:c4:56:5e:7b:21:88:68:
ae:49:d1:0d:97:b6:11:e6:de:f3:72:24:0f:79:2f:64:fe:6e:
e1:26:06:bf:2d:7c:33:85:4f:7d:18:1a:45:f1:71:8a:89:9e:
34:01:90:b3:ab:7e:c2:ad:1e:64:0c:bf:4a:bb:1e:6f:56:a7:
74:7b:fc:25:a3:42:58:10:f5:8b:e5:42:22:ee:7b:47:01:6d:
e0:a7:13:e3:36:1a:9c:6e:18:72:c4:54:e5:12:90:9f:47:7f:
f1:8f:71:ab:00:fd:cc:b5:53:b1:6a:05:aa:50:fc:8e:58:fe:
02:db:65:78:89:0b:52:56:05:d7:ce:e5:aa:c8:af:ee:39:c7:
5f:51:2e:f4:d2:17:76:6b:6b:83:a7:06:76:19:3d:7f:5f:75:
6b:55:5f:ff:8c:2d:4e:5c:dc:f6:fa:a6:af:db:39:d4:da:24:
0a:22:c3:ef:36:fe:84:81:9f:ec:a4:45:a1:53:fe:5f:21:57:
00:94:cc:b7:1a:88:b6:c8:f5:29:13:55:78:17:d2:0b:15:f2:
c4:c9:28:de:f0:a5:7d:88:57:05:99:21:40:f6:e0:a1:23:a5:
5f:56:5a:39
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYyIN1sxGuiCQYxYnB5JVHw3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjIwMTcxMjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTZjOTlkNDQwMmEwZDFkMTcyYjNiNjRlNTYwMmE1NWZiN2YzMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZ4gqnVnFuTRV+xtnKL1pbCaqRdn
JWVGmVKyJ5dVIIUicuTCkhG5RkV0S2WaIsRYBNmvHWz3D/d5KFYTGg88+ON/t7Q/
rl4ccWBRv15DaiSkvGlTTW5G7aoCismoyGmzZEzi8hxmKJlBl+jqlGTld7UNZM5N
8Xj38DH4anAanRjA7XrJiebwm4IEPyPEZCIexvvaLb6tIUyyonbIigkOuCbkFatP
0KRT0nvFPSyJjP71r6loNDBr2c05+QVsiQUdjo/+7bYloqMuiE7IfeHoI3fkT3Xp
iX8oDxGJNw3mu/59F7fGgQWn9Et13fS8Z4obE0u8NlwTEeiMKb5OwkNqrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLFsmdRAKg0dFys7ZOVgKlX7fzI0MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvc1d5WjFFQXFEUjBYS3p0azVXQXFWZnRfTWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAGhfoehiEwseaNXp4Jip
LdM9KH7DYwf5jvpQMwkyxFZeeyGIaK5J0Q2XthHm3vNyJA95L2T+buEmBr8tfDOF
T30YGkXxcYqJnjQBkLOrfsKtHmQMv0q7Hm9Wp3R7/CWjQlgQ9YvlQiLue0cBbeCn
E+M2GpxuGHLEVOUSkJ9Hf/GPcasA/cy1U7FqBapQ/I5Y/gLbZXiJC1JWBdfO5arI
r+45x19RLvTSF3Zra4OnBnYZPX9fdWtVX/+MLU5c3Pb6pq/bOdTaJAoiw+82/oSB
n+ykRaFT/l8hVwCUzLcaiLbI9SkTVXgX0gsV8sTJKN7wpX2IVwWZIUD24KEjpV9W
Wjk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:39 2025 by rpki-client