Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tNGZIFXZw77rDEC3bXrx4K9_0oM.roa
File: tNGZIFXZw77rDEC3bXrx4K9_0oM.roa (raw, json)
Hash identifier: s+nbn/Md14w0uYoDMnRpG1o90C+0rNCXEkAjAPVpuBA=
Subject key identifier: B4:D1:99:20:55:D9:C3:BE:EB:0C:40:B7:6D:7A:F1:E0:AF:7F:D2:83
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EDF17DD1A211CC28C7BA9A3416B5F55C0
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tNGZIFXZw77rDEC3bXrx4K9_0oM.roa
Signing time: Mon 15 Apr 2024 00:11:06 +0000
ROA not before: Mon 15 Apr 2024 00:11:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:df:17:dd:1a:21:1c:c2:8c:7b:a9:a3:41:6b:5f:55:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 15 00:11:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4d1992055d9c3beeb0c40b76d7af1e0af7fd283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b5:36:ee:87:6b:51:04:8a:96:1a:3c:08:b7:
c1:db:b6:3b:47:5f:3e:2e:d9:88:6f:e9:c7:de:88:
0f:99:d2:30:46:c8:32:b0:ab:5d:95:13:2e:50:ab:
44:33:e5:76:7b:e7:77:3e:2f:7b:02:0e:8c:fc:9a:
f6:eb:70:00:da:7d:e5:86:7c:7d:f2:b7:b7:62:b0:
f5:c5:7b:04:1b:e3:e6:d7:38:6a:74:41:fd:e5:f8:
0b:b4:86:4a:74:e7:28:49:87:ff:45:c7:c3:45:3c:
0a:31:be:66:3c:90:1c:7d:d2:46:73:65:59:f8:89:
38:07:f4:60:0a:5e:d2:e7:5e:7c:3b:c6:2e:6b:52:
4d:e8:25:38:89:69:7c:3a:11:0b:37:59:12:9b:d5:
6e:77:8a:33:1f:d3:44:8b:65:c3:aa:81:e8:d5:a9:
64:4f:40:82:91:ac:dd:b8:6c:45:a1:8b:5f:8b:9f:
82:c2:3d:00:65:f2:99:c9:7d:f5:6e:fd:b6:be:71:
fd:36:64:47:e0:2f:08:b1:d4:74:e8:18:aa:fd:97:
69:89:d7:23:c0:4b:1a:95:d9:6f:99:10:b3:f7:51:
09:a8:e3:e2:47:6d:7d:09:e3:e7:51:10:7f:6f:c8:
59:c0:a7:4d:f6:f3:95:30:7e:d6:68:f8:8e:b3:0f:
46:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:D1:99:20:55:D9:C3:BE:EB:0C:40:B7:6D:7A:F1:E0:AF:7F:D2:83
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tNGZIFXZw77rDEC3bXrx4K9_0oM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
42:22:dd:2a:1f:35:c4:65:fc:af:e3:e1:a7:ed:77:71:a0:aa:
20:ef:23:28:88:af:5c:01:1c:45:62:02:63:d5:31:b0:0b:be:
33:8d:59:ee:68:43:af:74:65:b3:47:19:cb:66:9e:74:49:88:
0a:98:3a:b1:ee:11:13:2e:22:d0:74:2b:d9:ef:37:52:62:7d:
4c:da:f3:20:ed:74:d1:cd:d8:da:1d:9e:26:16:e3:05:f5:70:
a8:70:c1:02:f9:9a:3e:04:1d:d5:ab:ca:16:c4:ec:d1:34:2b:
42:68:8d:f8:d6:5b:0d:30:6e:32:e1:8f:12:f1:32:96:b6:c0:
01:04:e6:81:55:df:22:68:e2:c3:0b:0e:d8:0a:40:77:03:7b:
27:27:a1:08:0b:1c:e8:da:dd:18:28:cf:3f:b1:65:bd:63:36:
5c:02:ff:b8:6c:f9:6b:73:ec:c8:9a:9a:41:4f:1f:28:02:00:
cc:23:69:e4:55:64:90:67:43:a3:84:14:ba:ce:9a:e9:77:57:
75:85:67:49:7a:fa:c2:b8:80:c5:04:09:f1:09:a9:86:a4:f6:
c7:09:87:0e:1c:9a:5e:a7:8f:4f:c1:a6:b2:37:2a:07:aa:e6:
52:ac:76:1a:e3:54:ab:0e:d7:75:a7:c9:7a:4c:fe:c1:ea:f5:
50:b9:d9:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7fF90aIRzCjHupo0FrX1XAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDE1MDAxMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGQxOTkyMDU1ZDljM2JlZWIwYzQwYjc2ZDdhZjFlMGFmN2ZkMjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7U27odrUQSKlho8CLfB27Y7R18+
LtmIb+nH3ogPmdIwRsgysKtdlRMuUKtEM+V2e+d3Pi97Ag6M/Jr263AA2n3lhnx9
8re3YrD1xXsEG+Pm1zhqdEH95fgLtIZKdOcoSYf/RcfDRTwKMb5mPJAcfdJGc2VZ
+Ik4B/RgCl7S5158O8Yua1JN6CU4iWl8OhELN1kSm9Vud4ozH9NEi2XDqoHo1alk
T0CCkazduGxFoYtfi5+Cwj0AZfKZyX31bv22vnH9NmRH4C8IsdR06Biq/Zdpidcj
wEsaldlvmRCz91EJqOPiR219CePnURB/b8hZwKdN9vOVMH7WaPiOsw9GhwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLTRmSBV2cO+6wxAt2168eCvf9KDMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdE5HWklGWFp3NzdyREVDM2JYcng0SzlfMG9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAEIi3SofNcRl/K/j4aft
d3GgqiDvIyiIr1wBHEViAmPVMbALvjONWe5oQ690ZbNHGctmnnRJiAqYOrHuERMu
ItB0K9nvN1JifUza8yDtdNHN2NodniYW4wX1cKhwwQL5mj4EHdWryhbE7NE0K0Jo
jfjWWw0wbjLhjxLxMpa2wAEE5oFV3yJo4sMLDtgKQHcDeycnoQgLHOja3Rgozz+x
Zb1jNlwC/7hs+Wtz7MiamkFPHygCAMwjaeRVZJBnQ6OEFLrOmul3V3WFZ0l6+sK4
gMUECfEJqYak9scJhw4cml6nj0/BprI3Kgeq5lKsdhrjVKsO13WnyXpM/sHq9VC5
2W0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:33:22 2025 by rpki-client