Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tHIpT7bK_w4Q3kP1F79N4BBAJfQ.roa
File: tHIpT7bK_w4Q3kP1F79N4BBAJfQ.roa (raw, json)
Hash identifier: ShX5r4poYyJZ2rLB5gQXnNf81QhfyFTP8o0YAugZIIw=
Subject key identifier: B4:72:29:4F:B6:CA:FF:0E:10:DE:43:F5:17:BF:4D:E0:10:40:25:F4
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CD35146BA5B4607CFC4DC3C891C59B33D
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tHIpT7bK_w4Q3kP1F79N4BBAJfQ.roa
Signing time: Thu 04 Jan 2024 07:12:48 +0000
ROA not before: Thu 04 Jan 2024 07:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d3:51:46:ba:5b:46:07:cf:c4:dc:3c:89:1c:59:b3:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 4 07:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b472294fb6caff0e10de43f517bf4de0104025f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:1b:47:eb:3f:25:2f:e5:98:a0:ec:cd:48:fb:
38:b5:05:79:07:b2:e3:49:a4:69:42:5b:13:42:18:
59:ba:dd:07:62:3c:1a:de:78:3a:0a:85:08:95:f6:
57:94:e2:c5:21:1d:6c:29:6c:6d:39:e7:f1:2b:14:
d0:67:1d:22:93:d2:8a:d9:a2:01:75:a4:23:d9:1a:
3d:ce:be:c8:24:38:88:f7:2f:0e:3e:c7:8d:75:35:
ad:1d:fe:74:a4:d0:7c:8c:f2:d9:21:bb:a1:be:9d:
a3:3f:08:99:ad:fb:82:a0:79:49:b2:11:0a:69:5e:
94:62:61:02:29:6e:13:da:ae:6a:ce:fd:c2:77:23:
ab:4b:74:9c:69:41:58:56:7b:01:a9:84:76:80:1f:
e5:cd:a0:7a:03:96:8a:e4:54:6d:f6:92:5b:bc:7e:
02:e4:df:15:f3:21:5a:d2:c4:c6:a4:f4:3c:66:30:
db:ee:e1:78:f4:8e:d0:85:c7:ee:87:1d:54:07:14:
fe:5a:73:64:ae:99:e1:84:f7:a4:7a:3a:73:a0:8c:
6b:af:b7:4a:96:4c:a9:7e:b0:54:12:9a:da:d6:ae:
b4:09:64:2b:55:80:f4:cf:60:29:72:e6:25:28:a8:
df:0a:f3:2d:40:4c:2f:25:36:d6:76:f8:dc:4b:9c:
67:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:72:29:4F:B6:CA:FF:0E:10:DE:43:F5:17:BF:4D:E0:10:40:25:F4
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tHIpT7bK_w4Q3kP1F79N4BBAJfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
9c:30:b4:27:79:74:c2:62:d1:34:20:c9:b7:81:a3:cc:cf:79:
df:a3:d1:60:fd:6a:25:3e:8c:44:21:20:cc:1b:1c:1a:af:f4:
9f:2b:87:27:12:22:7f:54:eb:aa:dc:b2:5e:6a:a5:ee:b6:2d:
d3:0d:fa:c5:0c:51:6a:1d:a3:75:e6:66:3e:b1:ef:7c:04:a5:
f6:08:e4:5b:b3:72:d3:c7:13:50:d4:9e:38:ed:dd:74:82:a6:
0d:34:d1:ca:86:81:eb:07:7a:5c:26:bd:e2:f4:51:5a:78:33:
41:12:9c:f4:c6:53:cf:9e:42:47:06:ee:ba:bd:bd:15:fc:05:
a0:7c:1a:6a:af:19:99:bc:f5:dc:60:77:c2:37:5d:1d:45:be:
30:48:9f:28:20:40:ec:74:4d:e4:67:4a:25:c4:6d:82:36:2c:
15:d7:47:6d:5a:3a:f2:8c:cd:47:5b:6c:b7:b3:02:96:75:86:
23:c4:54:17:b2:a0:3b:f6:78:7b:eb:1d:ba:91:98:02:26:d2:
b7:dd:f4:0d:08:f0:73:9d:28:c7:f3:4e:88:e8:5c:cf:5b:d6:
61:a6:7b:18:55:97:bc:a3:e2:7d:a1:88:69:9d:1d:30:dc:18:
30:22:6b:f4:c2:23:39:9e:16:5f:12:ea:62:e1:db:e2:f0:e3:
b3:6c:c1:8f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzTUUa6W0YHz8TcPIkcWbM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTA0MDcxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDcyMjk0ZmI2Y2FmZjBlMTBkZTQzZjUxN2JmNGRlMDEwNDAyNWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBtH6z8lL+WYoOzNSPs4tQV5B7Lj
SaRpQlsTQhhZut0HYjwa3ng6CoUIlfZXlOLFIR1sKWxtOefxKxTQZx0ik9KK2aIB
daQj2Ro9zr7IJDiI9y8OPseNdTWtHf50pNB8jPLZIbuhvp2jPwiZrfuCoHlJshEK
aV6UYmECKW4T2q5qzv3CdyOrS3ScaUFYVnsBqYR2gB/lzaB6A5aK5FRt9pJbvH4C
5N8V8yFa0sTGpPQ8ZjDb7uF49I7Qhcfuhx1UBxT+WnNkrpnhhPekejpzoIxrr7dK
lkypfrBUEpra1q60CWQrVYD0z2ApcuYlKKjfCvMtQEwvJTbWdvjcS5xnhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLRyKU+2yv8OEN5D9Re/TeAQQCX0MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdEhJcFQ3YktfdzRRM2tQMUY3OU40QkJBSmZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJwwtCd5dMJi0TQgybeB
o8zPed+j0WD9aiU+jEQhIMwbHBqv9J8rhycSIn9U66rcsl5qpe62LdMN+sUMUWod
o3XmZj6x73wEpfYI5FuzctPHE1DUnjjt3XSCpg000cqGgesHelwmveL0UVp4M0ES
nPTGU8+eQkcG7rq9vRX8BaB8GmqvGZm89dxgd8I3XR1FvjBInyggQOx0TeRnSiXE
bYI2LBXXR21aOvKMzUdbbLezApZ1hiPEVBeyoDv2eHvrHbqRmAIm0rfd9A0I8HOd
KMfzTojoXM9b1mGmexhVl7yj4n2hiGmdHTDcGDAia/TCIzmeFl8S6mLh2+Lw47Ns
wY8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:58 2025 by rpki-client