Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/swYSiYxGBZh0QnjalL7d_l-rvQk.roa
File: swYSiYxGBZh0QnjalL7d_l-rvQk.roa (raw, json)
Hash identifier: jkUeUFuEVXiUt6qAL9KEaSciIRFUyyygIzTVVytncJw=
Subject key identifier: B3:06:12:89:8C:46:05:98:74:42:78:DA:94:BE:DD:FE:5F:AB:BD:09
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EDEE0EF301F0A31B68DFEDEE431D72437
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/swYSiYxGBZh0QnjalL7d_l-rvQk.roa
Signing time: Sun 14 Apr 2024 23:11:06 +0000
ROA not before: Sun 14 Apr 2024 23:11:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:de:e0:ef:30:1f:0a:31:b6:8d:fe:de:e4:31:d7:24:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 14 23:11:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b30612898c460598744278da94beddfe5fabbd09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:60:b8:7a:c9:aa:f5:43:de:f5:80:22:43:4a:
7c:2a:1b:4c:a3:56:79:55:d4:30:6b:ca:ad:e7:d8:
69:40:09:32:5e:2e:e7:ed:3a:52:07:d3:4a:0a:01:
46:c6:ea:16:f2:9e:f1:5d:75:cd:92:36:06:57:10:
5c:8b:03:33:4f:be:9f:d4:fe:f7:91:07:22:35:ff:
e9:18:50:30:12:27:45:39:5d:a0:b5:0a:76:bb:e9:
ee:1b:1f:9a:4f:90:f7:de:2f:23:36:a1:1b:ed:41:
67:10:09:a0:54:1f:59:7e:ee:ed:35:2a:60:2f:7e:
10:7a:cb:64:65:92:8e:20:11:f8:16:b2:c4:a9:c6:
64:bf:99:41:ac:27:d8:e9:f7:f8:a5:a2:93:91:8f:
7f:d8:c3:4b:49:01:72:88:c3:49:1c:da:3b:7f:05:
bc:31:a8:b6:65:d1:e0:2a:ad:01:81:03:96:30:80:
31:25:6a:77:04:23:57:cb:9a:ae:c9:ac:ee:d1:28:
77:44:a8:3a:6a:87:c1:2b:04:17:ac:22:1d:3f:eb:
5e:19:e2:12:f7:22:d5:0a:9e:ed:5c:70:1a:56:b5:
1c:95:96:70:f5:9e:e9:e5:0c:79:90:d4:f2:f0:57:
ed:00:dd:87:84:42:19:3a:e5:92:da:da:54:34:be:
62:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:06:12:89:8C:46:05:98:74:42:78:DA:94:BE:DD:FE:5F:AB:BD:09
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/swYSiYxGBZh0QnjalL7d_l-rvQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
1a:69:b7:61:07:7c:c1:af:65:97:52:33:d9:87:80:08:59:b1:
4d:35:b5:3a:64:da:29:15:41:07:a2:2e:f6:5d:88:3f:ff:2a:
6e:c9:73:c0:4c:be:b7:20:a7:f2:51:d9:eb:69:f5:27:23:d8:
1f:56:08:5c:65:06:0c:ef:91:ea:92:c1:1b:b3:85:c0:a7:4f:
4c:1e:39:73:b8:a8:81:12:a5:09:39:c0:86:8a:b6:e4:9d:25:
fb:c4:09:da:bc:4a:e2:b1:b2:e8:ce:ce:22:21:cb:e8:d4:01:
f7:0c:3b:f0:0f:3e:97:68:ed:b4:79:07:de:b5:d3:25:39:92:
aa:3c:2d:ef:d4:ec:9b:41:52:8a:a7:f8:2a:79:7a:70:5a:f2:
a0:bd:95:99:a2:c1:85:f6:f3:5b:70:41:ad:b5:ae:da:95:8d:
99:85:7e:be:3d:36:cd:b1:ae:d5:ce:4d:95:57:f1:83:1f:52:
f6:c1:c1:b2:55:4a:39:ce:05:4d:42:04:85:c9:25:e1:6e:20:
8e:1f:c7:d2:de:92:b9:c8:ff:2a:83:ba:39:40:92:1e:9e:95:
37:2a:01:9e:14:bf:f4:43:4f:49:61:6d:0a:0b:4b:68:cb:3d:
23:af:bb:b6:ce:15:e3:35:37:57:1c:b3:4e:0e:93:d5:77:ab:
92:c0:78:b5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7e4O8wHwoxto3+3uQx1yQ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDE0MjMxMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzA2MTI4OThjNDYwNTk4NzQ0Mjc4ZGE5NGJlZGRmZTVmYWJiZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmC4esmq9UPe9YAiQ0p8KhtMo1Z5
VdQwa8qt59hpQAkyXi7n7TpSB9NKCgFGxuoW8p7xXXXNkjYGVxBciwMzT76f1P73
kQciNf/pGFAwEidFOV2gtQp2u+nuGx+aT5D33i8jNqEb7UFnEAmgVB9Zfu7tNSpg
L34QestkZZKOIBH4FrLEqcZkv5lBrCfY6ff4paKTkY9/2MNLSQFyiMNJHNo7fwW8
Mai2ZdHgKq0BgQOWMIAxJWp3BCNXy5quyazu0Sh3RKg6aofBKwQXrCIdP+teGeIS
9yLVCp7tXHAaVrUclZZw9Z7p5Qx5kNTy8FftAN2HhEIZOuWS2tpUNL5irwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLMGEomMRgWYdEJ42pS+3f5fq70JMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvc3dZU2lZeEdCWmgwUW5qYWxMN2RfbC1ydlFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABppt2EHfMGvZZdSM9mH
gAhZsU01tTpk2ikVQQeiLvZdiD//Km7Jc8BMvrcgp/JR2etp9Scj2B9WCFxlBgzv
keqSwRuzhcCnT0weOXO4qIESpQk5wIaKtuSdJfvECdq8SuKxsujOziIhy+jUAfcM
O/APPpdo7bR5B9610yU5kqo8Le/U7JtBUoqn+Cp5enBa8qC9lZmiwYX281twQa21
rtqVjZmFfr49Ns2xrtXOTZVX8YMfUvbBwbJVSjnOBU1CBIXJJeFuII4fx9LekrnI
/yqDujlAkh6elTcqAZ4Uv/RDT0lhbQoLS2jLPSOvu7bOFeM1N1ccs04Ok9V3q5LA
eLU=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:50:18 2025 by rpki-client