Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tf5dRZRjO6SpYAL3x75R_TkSIOw.roa
File: tf5dRZRjO6SpYAL3x75R_TkSIOw.roa (raw, json)
Hash identifier: 4po4aVjsFy4c0leKvFK3h2fhSL6y6sXu44gBv5MvLLY=
Subject key identifier: B5:FE:5D:45:94:63:3B:A4:A9:60:02:F7:C7:BE:51:FD:39:12:20:EC
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018D0AB30526CE8DDCAADFB8886980343F86
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tf5dRZRjO6SpYAL3x75R_TkSIOw.roa
Signing time: Mon 15 Jan 2024 01:18:40 +0000
ROA not before: Mon 15 Jan 2024 01:18:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0a:b3:05:26:ce:8d:dc:aa:df:b8:88:69:80:34:3f:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Jan 15 01:18:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5fe5d4594633ba4a96002f7c7be51fd391220ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:03:cf:fb:fe:bf:ba:c2:6d:d8:82:11:07:88:
08:37:bd:cf:c1:fa:af:06:a9:75:16:6e:3f:05:8e:
d6:5b:1e:e9:4d:fe:d9:38:49:d2:dd:7b:64:92:ac:
9d:cb:d7:2d:eb:67:50:9f:d2:99:af:23:19:58:b6:
0a:73:7f:17:12:d2:a5:2e:46:b5:59:02:c7:a2:2f:
dd:6a:01:7b:f0:99:11:ae:7a:3d:16:cc:c2:14:de:
96:c8:0a:f1:c2:46:55:1e:92:fb:b5:a5:dd:94:96:
ec:e4:36:e4:56:fc:bd:09:46:fd:97:b4:c3:50:c1:
2a:f6:b9:d0:c3:6f:73:77:88:bb:c8:36:01:c7:8f:
d2:3a:6e:90:2a:ef:63:f1:b4:8f:1f:67:88:6f:9f:
6e:0b:e0:d0:4a:89:66:ac:00:c7:85:70:fd:8c:3b:
f1:e9:06:81:7e:5f:6e:13:d5:f5:0f:5a:f7:ba:8f:
d4:fd:61:57:a8:f9:32:6e:80:8a:a3:30:07:4b:42:
7e:38:09:72:cb:de:b1:ae:92:f8:bc:88:88:1d:fe:
2a:2c:d2:58:b2:50:16:40:88:e2:9f:7a:cd:5a:32:
26:6f:fd:0d:47:2c:c7:dd:84:a0:fd:7a:c5:3a:8c:
92:ec:d0:9a:00:52:f4:03:1e:35:e2:be:e0:1a:29:
2a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:FE:5D:45:94:63:3B:A4:A9:60:02:F7:C7:BE:51:FD:39:12:20:EC
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tf5dRZRjO6SpYAL3x75R_TkSIOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
7c:eb:6c:40:36:0d:7b:5a:72:94:ee:2b:f3:fe:47:89:22:da:
fb:02:b1:60:8b:b9:ae:c3:72:e9:00:5f:e0:80:5e:cd:fc:38:
6f:b5:21:48:4b:0d:04:84:c5:76:46:b8:88:5c:9d:16:03:43:
4f:56:b9:2e:cf:b4:2f:c8:28:6d:5a:4a:fc:cb:de:4b:df:ee:
98:2c:69:90:1a:50:be:9b:88:21:1f:97:fd:37:38:20:36:72:
da:38:ec:bd:6c:4b:bf:90:c1:f1:1a:4a:3e:ba:c6:a0:b8:f1:
bf:4a:b2:ab:3f:b7:86:38:31:64:a4:d6:b2:78:77:c4:ec:31:
27:ed:de:6a:c3:6e:97:05:9c:4d:c9:54:da:08:96:f7:88:73:
36:23:25:f5:7e:7c:e8:31:f3:34:c0:89:00:8b:69:e9:29:f1:
bb:15:2c:8a:b8:a5:86:5e:e1:b4:6c:34:dd:02:f2:74:6c:59:
9d:ca:67:29:04:f9:0b:6f:c5:82:20:43:ac:8d:7a:8d:7a:fd:
73:3c:af:25:5b:b5:81:fa:a1:92:71:02:1a:38:75:16:70:78:
28:75:4f:87:c3:ad:6f:53:c5:9d:33:f2:06:f0:c0:c7:57:34:
7d:25:fe:9f:ac:c0:7c:3d:7d:90:58:e4:2f:12:0a:8e:15:92:
92:e0:a3:db
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY0KswUmzo3cqt+4iGmAND+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMTE1MDExODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWZlNWQ0NTk0NjMzYmE0YTk2MDAyZjdjN2JlNTFmZDM5MTIyMGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwPP+/6/usJt2IIRB4gIN73Pwfqv
Bql1Fm4/BY7WWx7pTf7ZOEnS3Xtkkqydy9ct62dQn9KZryMZWLYKc38XEtKlLka1
WQLHoi/dagF78JkRrno9FszCFN6WyArxwkZVHpL7taXdlJbs5DbkVvy9CUb9l7TD
UMEq9rnQw29zd4i7yDYBx4/SOm6QKu9j8bSPH2eIb59uC+DQSolmrADHhXD9jDvx
6QaBfl9uE9X1D1r3uo/U/WFXqPkyboCKozAHS0J+OAlyy96xrpL4vIiIHf4qLNJY
slAWQIjin3rNWjImb/0NRyzH3YSg/XrFOoyS7NCaAFL0Ax414r7gGikqswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLX+XUWUYzukqWAC98e+Uf05EiDsMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdGY1ZFJaUmpPNlNwWUFMM3g3NVJfVGtTSU93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAHzrbEA2DXtacpTuK/P+
R4ki2vsCsWCLua7DcukAX+CAXs38OG+1IUhLDQSExXZGuIhcnRYDQ09WuS7PtC/I
KG1aSvzL3kvf7pgsaZAaUL6biCEfl/03OCA2cto47L1sS7+QwfEaSj66xqC48b9K
sqs/t4Y4MWSk1rJ4d8TsMSft3mrDbpcFnE3JVNoIlveIczYjJfV+fOgx8zTAiQCL
aekp8bsVLIq4pYZe4bRsNN0C8nRsWZ3KZykE+QtvxYIgQ6yNeo16/XM8ryVbtYH6
oZJxAho4dRZweCh1T4fDrW9TxZ0z8gbwwMdXNH0l/p+swHw9fZBY5C8SCo4VkpLg
o9s=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:23:02 2025 by rpki-client