Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tQ5BIP46bsCrfeK7b-hz8idKOUE.roa
File: tQ5BIP46bsCrfeK7b-hz8idKOUE.roa (raw, json)
Hash identifier: y1pe5rY5v6hJdsAaGZrlTwWANzbH0UyoGi1somUSbto=
Subject key identifier: B5:0E:41:20:FE:3A:6E:C0:AB:7D:E2:BB:6F:E8:73:F2:27:4A:39:41
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DC523EAABEA3FB704CFE281562A376930
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tQ5BIP46bsCrfeK7b-hz8idKOUE.roa
Signing time: Tue 20 Feb 2024 06:11:21 +0000
ROA not before: Tue 20 Feb 2024 06:11:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c5:23:ea:ab:ea:3f:b7:04:cf:e2:81:56:2a:37:69:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 20 06:11:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b50e4120fe3a6ec0ab7de2bb6fe873f2274a3941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:1b:51:38:08:23:8c:36:bc:45:95:b2:38:27:
7d:8d:8a:c8:4d:d7:bc:de:41:29:31:9f:27:51:ba:
69:a4:e6:32:fb:61:9b:a6:ac:44:46:2a:03:69:d4:
fb:7c:b0:1c:77:2b:92:f0:43:8d:d8:38:45:cd:95:
25:12:d5:a1:2e:07:a7:81:35:9b:44:33:de:32:31:
30:e7:b5:96:98:f4:92:f3:f4:1b:93:68:aa:3a:a1:
bc:41:83:1b:d0:d7:47:63:75:82:2e:35:5b:cb:d9:
7d:38:fa:3a:4a:df:fa:70:52:db:3a:23:c8:c0:dc:
71:62:7d:97:72:29:f6:31:f3:80:53:df:07:3e:97:
0d:cf:1f:98:99:f4:c2:90:10:df:fb:be:88:ff:88:
b1:8c:ee:d1:cd:f3:42:7d:be:84:07:c8:91:5d:85:
dc:62:1f:6e:d0:3c:cd:b5:b5:64:f2:d2:b0:c4:db:
fd:de:fb:15:45:81:23:c9:8c:fe:89:2d:b0:20:68:
35:72:c3:dc:ef:32:f1:03:17:ab:60:a6:74:9f:a3:
94:1d:5d:b9:af:a8:7a:d6:66:08:13:15:f2:0e:dc:
a8:0c:2f:48:6a:09:c2:a7:27:89:d8:0c:14:46:bb:
02:d0:37:54:61:2e:52:2d:e1:8d:9c:be:2d:67:b9:
04:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:0E:41:20:FE:3A:6E:C0:AB:7D:E2:BB:6F:E8:73:F2:27:4A:39:41
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tQ5BIP46bsCrfeK7b-hz8idKOUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
96:51:a4:97:98:06:22:22:9e:d2:4a:72:2b:48:da:d5:ff:9c:
c2:cb:e1:0b:82:55:e4:25:36:6f:04:3c:e5:c4:14:66:d0:88:
e8:78:bf:d6:f6:bf:2a:c7:88:8b:b1:21:dd:b0:a7:75:7a:62:
d8:2a:95:36:f5:c8:1c:af:d3:31:e7:65:fd:f4:81:7a:dd:fb:
3b:5a:56:7a:13:04:7c:ec:e0:78:14:e3:b0:68:66:05:6c:90:
35:f5:b0:c0:b7:ec:1c:9c:9a:16:67:0c:e3:88:37:27:26:89:
8d:62:05:ca:ca:50:eb:f5:82:58:ed:ff:cb:f7:61:97:92:1c:
8e:3f:57:86:37:bf:d8:f5:b1:e6:c0:48:1f:07:d1:33:a2:61:
da:ff:0b:3a:68:7c:e5:ad:ed:d4:37:ef:06:79:c7:3b:32:81:
bf:27:da:7a:27:72:01:12:a5:cb:ea:37:bc:c5:e3:b0:3c:18:
95:91:7c:8e:6d:72:35:bc:eb:4d:c1:5c:a4:17:c0:b0:f4:f3:
09:d6:2c:48:a4:28:d2:f3:9b:ef:dd:4d:b0:73:c3:4b:cd:25:
1e:34:d6:0f:e0:05:d1:ae:e6:88:a8:84:06:b4:a2:3f:91:b7:
d5:6a:31:66:e9:7f:35:15:fd:0d:4f:ce:df:4a:82:da:34:ed:
83:c7:b9:c5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3FI+qr6j+3BM/igVYqN2kwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjIwMDYxMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTBlNDEyMGZlM2E2ZWMwYWI3ZGUyYmI2ZmU4NzNmMjI3NGEzOTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBtROAgjjDa8RZWyOCd9jYrITde8
3kEpMZ8nUbpppOYy+2GbpqxERioDadT7fLAcdyuS8EON2DhFzZUlEtWhLgengTWb
RDPeMjEw57WWmPSS8/Qbk2iqOqG8QYMb0NdHY3WCLjVby9l9OPo6St/6cFLbOiPI
wNxxYn2Xcin2MfOAU98HPpcNzx+YmfTCkBDf+76I/4ixjO7RzfNCfb6EB8iRXYXc
Yh9u0DzNtbVk8tKwxNv93vsVRYEjyYz+iS2wIGg1csPc7zLxAxerYKZ0n6OUHV25
r6h61mYIExXyDtyoDC9IagnCpyeJ2AwURrsC0DdUYS5SLeGNnL4tZ7kEVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLUOQSD+Om7Aq33iu2/oc/InSjlBMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdFE1QklQNDZic0NyZmVLN2ItaHo4aWRLT1VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAJZRpJeYBiIintJKcitI
2tX/nMLL4QuCVeQlNm8EPOXEFGbQiOh4v9b2vyrHiIuxId2wp3V6YtgqlTb1yByv
0zHnZf30gXrd+ztaVnoTBHzs4HgU47BoZgVskDX1sMC37BycmhZnDOOINycmiY1i
BcrKUOv1gljt/8v3YZeSHI4/V4Y3v9j1sebASB8H0TOiYdr/CzpofOWt7dQ37wZ5
xzsygb8n2noncgESpcvqN7zF47A8GJWRfI5tcjW8603BXKQXwLD08wnWLEikKNLz
m+/dTbBzw0vNJR401g/gBdGu5oiohAa0oj+Rt9VqMWbpfzUV/Q1Pzt9Kgto07YPH
ucU=
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:15:31 2025 by rpki-client