Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/spB__9O8I2Kk-r53E9EompWt-lg.roa
File: spB__9O8I2Kk-r53E9EompWt-lg.roa (raw, json)
Hash identifier: XQDWthod8ZBi3kv8dQPR01UL1eXmplKH+apgSJvUxRM=
Subject key identifier: B2:90:7F:FF:D3:BC:23:62:A4:FA:BE:77:13:D1:28:9A:95:AD:FA:58
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CA568CEB3670FFB339EA05A85CBB6EA7C
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/spB__9O8I2Kk-r53E9EompWt-lg.roa
Signing time: Tue 26 Dec 2023 09:15:58 +0000
ROA not before: Tue 26 Dec 2023 09:15:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:a5:68:ce:b3:67:0f:fb:33:9e:a0:5a:85:cb:b6:ea:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 26 09:15:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b2907fffd3bc2362a4fabe7713d1289a95adfa58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4a:d1:5c:88:4c:c5:54:24:36:43:4d:d0:7c:
4a:e4:42:23:f0:6f:26:f9:90:16:24:ff:d6:7e:83:
df:15:c8:b1:1e:b3:17:f0:25:bf:76:61:38:b2:d5:
32:bb:40:f9:3b:48:2a:1e:65:89:d1:d5:21:74:4c:
fe:f8:a6:12:2c:aa:f0:ab:13:40:2a:30:24:2e:aa:
e7:b4:8d:3b:37:24:54:6c:c3:e7:16:72:20:b4:c1:
59:b3:b6:f1:0f:66:4c:f3:d2:35:40:53:2f:a0:b9:
f6:33:ea:92:e5:93:85:8c:a3:32:98:9c:fc:d1:0a:
2e:b7:0e:c2:b3:1c:af:28:63:14:26:f0:88:5e:fd:
1d:69:44:77:ee:a0:fa:8d:5c:25:1c:34:37:31:6b:
ec:ca:29:48:24:80:37:37:d1:04:68:70:33:38:08:
8c:5b:d0:77:b2:51:a0:70:26:cc:d9:4f:b8:1e:c1:
62:33:e7:38:3f:95:dc:cb:95:da:4d:66:78:87:c7:
39:b3:53:fb:1f:b5:13:03:cb:c7:1b:34:16:f0:b5:
fb:c9:47:e5:f0:88:9e:71:df:72:3b:7b:30:05:aa:
83:d8:1e:7f:fa:b6:37:c3:26:aa:1b:85:f0:22:a0:
cf:56:29:3b:c6:db:56:b1:2e:62:07:ca:03:fd:57:
a6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:90:7F:FF:D3:BC:23:62:A4:FA:BE:77:13:D1:28:9A:95:AD:FA:58
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/spB__9O8I2Kk-r53E9EompWt-lg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
2b:ce:c4:0e:47:39:c0:3f:e7:73:77:f6:90:a6:99:7c:94:a8:
4e:f7:32:fd:8e:5d:e8:63:19:aa:61:94:c9:75:9a:5b:2a:6d:
49:51:8f:78:e0:22:2f:3c:94:e2:48:92:f9:5e:9b:ae:38:cb:
05:16:b7:1f:25:c0:a5:ef:20:db:d4:78:f0:d5:63:32:bd:e9:
36:0c:12:ce:fc:53:da:eb:c7:6e:67:79:19:f4:27:0c:7e:69:
a8:f6:d9:00:47:0a:c1:27:b4:10:f8:1c:57:a4:db:cc:2a:84:
ac:51:d4:05:c3:22:8a:aa:3f:0f:7a:ea:56:75:a4:ab:d1:65:
42:6a:b7:3b:7c:5e:18:1d:90:de:53:71:6b:6e:22:24:2b:26:
a4:e5:da:17:75:f5:15:96:79:e5:ad:f1:ec:f8:ab:b6:45:45:
09:8b:7b:3b:fb:fe:2d:f8:0a:0d:37:87:72:3f:5f:60:94:66:
35:8b:59:43:9b:81:8b:54:48:38:76:59:0d:f0:a1:a0:11:ac:
f5:d9:60:b8:c3:46:15:4a:70:32:1c:95:d4:6e:fa:fc:b1:ad:
f7:f6:cf:ca:ed:e4:dd:19:d3:60:63:50:c7:41:92:ed:82:58:
6d:53:bb:b0:3a:6f:fb:89:0e:0a:ce:b8:e3:59:da:6e:87:93:
80:04:db:53
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYylaM6zZw/7M56gWoXLtup8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjI2MDkxNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjkwN2ZmZmQzYmMyMzYyYTRmYWJlNzcxM2QxMjg5YTk1YWRmYTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukrRXIhMxVQkNkNN0HxK5EIj8G8m
+ZAWJP/WfoPfFcixHrMX8CW/dmE4stUyu0D5O0gqHmWJ0dUhdEz++KYSLKrwqxNA
KjAkLqrntI07NyRUbMPnFnIgtMFZs7bxD2ZM89I1QFMvoLn2M+qS5ZOFjKMymJz8
0Qoutw7CsxyvKGMUJvCIXv0daUR37qD6jVwlHDQ3MWvsyilIJIA3N9EEaHAzOAiM
W9B3slGgcCbM2U+4HsFiM+c4P5Xcy5XaTWZ4h8c5s1P7H7UTA8vHGzQW8LX7yUfl
8Iiecd9yO3swBaqD2B5/+rY3wyaqG4XwIqDPVik7xttWsS5iB8oD/Vem0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLKQf//TvCNipPq+dxPRKJqVrfpYMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvc3BCX185TzhJMktrLXI1M0U5RW9tcFd0LWxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBACvOxA5HOcA/53N39pCm
mXyUqE73Mv2OXehjGaphlMl1mlsqbUlRj3jgIi88lOJIkvlem644ywUWtx8lwKXv
INvUePDVYzK96TYMEs78U9rrx25neRn0Jwx+aaj22QBHCsEntBD4HFek28wqhKxR
1AXDIoqqPw966lZ1pKvRZUJqtzt8XhgdkN5TcWtuIiQrJqTl2hd19RWWeeWt8ez4
q7ZFRQmLezv7/i34Cg03h3I/X2CUZjWLWUObgYtUSDh2WQ3woaARrPXZYLjDRhVK
cDIcldRu+vyxrff2z8rt5N0Z02BjUMdBku2CWG1Tu7A6b/uJDgrOuONZ2m6Hk4AE
21M=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:08:02 2025 by rpki-client