Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tijmDbzhXk-SblGMozKjEA3dK3E.roa
File: tijmDbzhXk-SblGMozKjEA3dK3E.roa (raw, json)
Hash identifier: 1na4/vc0rnf+EUVJwcLW5IKkQqcGmzmWjfWDUUyiLL0=
Subject key identifier: B6:28:E6:0D:BC:E1:5E:4F:92:6E:51:8C:A3:32:A3:10:0D:DD:2B:71
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018CBBAFA01EB4D2F9C604808BE06E561536
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tijmDbzhXk-SblGMozKjEA3dK3E.roa
Signing time: Sat 30 Dec 2023 17:04:58 +0000
ROA not before: Sat 30 Dec 2023 17:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18c:bbae:f363/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:bb:af:a0:1e:b4:d2:f9:c6:04:80:8b:e0:6e:56:15:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Dec 30 17:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b628e60dbce15e4f926e518ca332a3100ddd2b71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e2:35:44:f4:c4:4a:4f:b7:76:83:54:64:cd:
ad:a5:61:ee:0d:5d:17:e1:44:17:80:7f:40:43:b6:
e3:65:0e:39:df:29:ef:c3:f3:95:6c:51:24:06:a1:
80:3f:ac:e0:5e:1a:e1:69:9f:35:f7:9e:eb:8c:db:
b7:8e:0e:72:99:0f:12:74:3e:0a:34:03:41:54:78:
84:01:61:5c:ad:d0:87:78:a1:d0:e9:40:51:5e:97:
e5:a9:18:74:c5:f2:2a:30:4e:49:0b:16:78:32:6c:
b6:f7:30:04:9c:1e:2d:d3:f3:e0:f1:b5:f2:6d:0e:
bf:82:33:77:a3:6a:2e:87:ac:cd:bf:d5:a5:65:b7:
5b:5d:35:c4:1d:20:fc:8e:40:6c:e7:20:80:59:d3:
35:80:7d:c4:fd:21:10:0d:df:ed:34:67:ce:2c:8c:
0e:9f:4d:df:24:ad:8b:8c:dd:56:d2:9b:e0:03:4c:
01:4d:b9:37:0f:d4:00:d3:d0:69:d3:f0:a6:88:0b:
a8:f0:3a:74:bb:32:c0:45:ad:76:e4:27:e9:0f:d9:
f6:81:dd:a3:9f:9b:23:0a:31:ba:7d:65:03:d2:94:
a6:ee:f3:66:95:7d:05:ec:13:da:46:af:11:1f:19:
3a:9f:85:d5:18:91:28:29:69:02:3c:eb:da:52:e8:
b8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:28:E6:0D:BC:E1:5E:4F:92:6E:51:8C:A3:32:A3:10:0D:DD:2B:71
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/tijmDbzhXk-SblGMozKjEA3dK3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
53:d1:87:dd:05:0e:be:33:5f:07:2b:e5:5b:a4:dc:ab:a6:a7:
8f:f0:18:7d:d7:10:38:f5:7c:e1:11:80:93:ae:da:26:67:a4:
65:c8:39:02:76:c1:29:20:5e:d3:d7:1c:6e:0d:7f:88:65:c5:
9b:ba:5c:80:c5:24:7f:5b:c1:ee:d2:14:8a:ee:6c:44:e1:55:
c4:b5:83:10:61:c6:c7:a9:71:61:b8:0e:c9:d1:62:95:82:a2:
04:3e:ef:87:2d:22:27:9e:1c:bb:8b:87:6e:6d:ea:dd:9d:b8:
ec:93:e4:c5:43:63:0f:67:a4:5a:6f:42:60:93:cb:cc:6e:e7:
6f:5d:20:f2:fd:70:5b:1d:27:33:b6:40:28:51:91:a3:e0:8f:
ab:65:6f:bf:5f:93:20:f4:8e:fa:6e:fe:a5:9a:3d:f0:b6:de:
10:ea:b9:0a:42:2a:40:be:1e:40:8a:8a:4b:17:72:72:c5:68:
f3:79:06:08:d9:9f:58:da:90:5a:36:16:5c:73:aa:76:08:80:
73:76:56:24:24:34:91:fa:13:cf:05:6b:60:dc:98:eb:22:3d:
1a:c7:78:7f:a8:ed:05:a0:2b:f9:a4:9d:66:ba:02:e2:8a:47:
8a:1b:f4:9a:3a:b4:6d:93:4a:22:11:71:ff:2c:94:34:e6:57:
23:3a:bf:2f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYy7r6AetNL5xgSAi+BuVhU2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjMxMjMwMTcwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjI4ZTYwZGJjZTE1ZTRmOTI2ZTUxOGNhMzMyYTMxMDBkZGQyYjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOI1RPTESk+3doNUZM2tpWHuDV0X
4UQXgH9AQ7bjZQ453ynvw/OVbFEkBqGAP6zgXhrhaZ81957rjNu3jg5ymQ8SdD4K
NANBVHiEAWFcrdCHeKHQ6UBRXpflqRh0xfIqME5JCxZ4Mmy29zAEnB4t0/Pg8bXy
bQ6/gjN3o2ouh6zNv9WlZbdbXTXEHSD8jkBs5yCAWdM1gH3E/SEQDd/tNGfOLIwO
n03fJK2LjN1W0pvgA0wBTbk3D9QA09Bp0/CmiAuo8Dp0uzLARa125CfpD9n2gd2j
n5sjCjG6fWUD0pSm7vNmlX0F7BPaRq8RHxk6n4XVGJEoKWkCPOvaUui41QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLYo5g284V5Pkm5RjKMyoxAN3StxMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdGlqbURiemhYay1TYmxHTW96S2pFQTNkSzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFPRh90FDr4zXwcr5Vuk
3Kump4/wGH3XEDj1fOERgJOu2iZnpGXIOQJ2wSkgXtPXHG4Nf4hlxZu6XIDFJH9b
we7SFIrubEThVcS1gxBhxsepcWG4DsnRYpWCogQ+74ctIieeHLuLh25t6t2duOyT
5MVDYw9npFpvQmCTy8xu529dIPL9cFsdJzO2QChRkaPgj6tlb79fkyD0jvpu/qWa
PfC23hDquQpCKkC+HkCKiksXcnLFaPN5BgjZn1jakFo2FlxzqnYIgHN2ViQkNJH6
E88Fa2DcmOsiPRrHeH+o7QWgK/mknWa6AuKKR4ob9Jo6tG2TSiIRcf8slDTmVyM6
vy8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:56 2025 by rpki-client