Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/u2HXbRp6cLIudbeUc86oE5ofx3U.roa
File: u2HXbRp6cLIudbeUc86oE5ofx3U.roa (raw, json)
Hash identifier: TpvP63EvjjRuf9K1MTqkiRHCzBrvmvmsg6XbOf03soM=
Subject key identifier: BB:61:D7:6D:1A:7A:70:B2:2E:75:B7:94:73:CE:A8:13:9A:1F:C7:75
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DA5D563C9E090C87F01850A4F481A48DD
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/u2HXbRp6cLIudbeUc86oE5ofx3U.roa
Signing time: Wed 14 Feb 2024 04:17:21 +0000
ROA not before: Wed 14 Feb 2024 04:17:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:4013:c01e/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a5:d5:63:c9:e0:90:c8:7f:01:85:0a:4f:48:1a:48:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 14 04:17:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb61d76d1a7a70b22e75b79473cea8139a1fc775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:9d:69:67:b5:ff:b9:eb:d7:2d:5c:70:72:97:
38:2f:66:4c:75:4f:88:2a:d7:4c:86:dd:aa:80:62:
5e:2a:39:55:4d:3c:64:86:29:b0:f5:94:9f:94:90:
e8:95:a0:57:70:2e:63:a1:96:9f:db:bf:40:a7:2e:
72:48:ee:21:61:f0:db:66:6c:d5:5a:bd:02:92:d8:
9d:93:d1:09:55:3b:e5:8a:25:b5:b3:e2:b5:fe:fa:
3e:5a:60:7d:d8:b0:a7:0f:65:b2:2c:57:41:51:50:
ba:b7:2a:9c:2d:8b:39:9e:aa:29:56:e6:ed:98:3f:
9e:5f:34:b7:90:34:74:17:d5:75:47:99:d0:4b:cb:
b3:f0:94:72:11:37:8f:8c:09:86:03:40:6f:b2:a8:
d1:4f:2b:3e:72:26:8d:e9:1e:a3:9b:9c:27:11:94:
12:fc:3f:63:7e:f6:fc:62:10:1b:53:c6:ba:b8:1c:
17:b3:a9:6e:60:1a:4f:ef:91:73:a9:25:71:91:f7:
4e:52:ba:ce:2d:a1:5a:69:61:f8:1d:0c:31:41:ff:
d4:30:29:9b:c4:b4:9e:7c:d2:11:58:0a:81:c8:b4:
f9:3f:47:20:ea:f2:e7:13:3d:98:48:ff:1b:bd:e9:
ab:09:3a:ed:62:76:96:8d:de:ab:2d:20:66:ce:96:
2f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:61:D7:6D:1A:7A:70:B2:2E:75:B7:94:73:CE:A8:13:9A:1F:C7:75
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/u2HXbRp6cLIudbeUc86oE5ofx3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a3:ca:b1:ac:81:8e:47:c7:d7:c6:c7:77:c9:d2:b6:c4:3b:95:
07:a4:bf:09:00:6b:40:e9:e9:7e:c7:db:58:20:9b:c2:87:f9:
09:99:6c:d4:01:85:0b:49:ad:1a:fc:9c:c6:fd:8c:78:1a:6f:
30:4a:14:6b:9b:44:21:06:1b:c1:83:65:d0:07:cb:73:09:98:
a8:dd:11:45:6d:17:39:2a:3f:71:d6:33:1f:72:a0:e2:e7:2e:
ff:7b:a0:71:9e:6b:f1:75:6b:8c:4c:f6:9a:f3:a9:58:78:d9:
d1:55:5b:fd:b9:72:ab:e1:20:2f:e3:9f:9b:b1:49:50:50:a5:
8b:6d:14:ef:40:84:11:60:ac:dc:d3:b6:60:84:91:2e:ea:e8:
da:a6:35:03:8c:82:cd:57:2d:50:b8:b6:12:9b:74:86:0a:7c:
58:08:0c:ed:a9:79:28:2a:df:ec:f4:03:5a:e2:8a:36:28:a3:
8f:e6:ed:ea:a1:16:07:4a:a4:81:bc:2a:aa:7f:25:25:38:d3:
64:91:cb:5d:f6:2c:4a:62:77:a1:59:c9:59:f8:4b:5b:3a:5b:
22:b4:7f:89:93:2c:4c:50:69:03:06:df:91:dd:e3:47:fb:99:
4a:61:08:a3:5f:23:d2:1c:39:7b:1b:69:b8:7c:ae:73:a4:1e:
af:d5:5e:76
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY2l1WPJ4JDIfwGFCk9IGkjdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjE0MDQxNzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjYxZDc2ZDFhN2E3MGIyMmU3NWI3OTQ3M2NlYTgxMzlhMWZjNzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZ1pZ7X/uevXLVxwcpc4L2ZMdU+I
KtdMht2qgGJeKjlVTTxkhimw9ZSflJDolaBXcC5joZaf279Apy5ySO4hYfDbZmzV
Wr0Cktidk9EJVTvliiW1s+K1/vo+WmB92LCnD2WyLFdBUVC6tyqcLYs5nqopVubt
mD+eXzS3kDR0F9V1R5nQS8uz8JRyETePjAmGA0BvsqjRTys+ciaN6R6jm5wnEZQS
/D9jfvb8YhAbU8a6uBwXs6luYBpP75FzqSVxkfdOUrrOLaFaaWH4HQwxQf/UMCmb
xLSefNIRWAqByLT5P0cg6vLnEz2YSP8bvemrCTrtYnaWjd6rLSBmzpYvUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLth120aenCyLnW3lHPOqBOaH8d1MB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdTJIWGJScDZjTEl1ZGJlVWM4Nm9FNW9meDNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKPKsayBjkfH18bHd8nS
tsQ7lQekvwkAa0Dp6X7H21ggm8KH+QmZbNQBhQtJrRr8nMb9jHgabzBKFGubRCEG
G8GDZdAHy3MJmKjdEUVtFzkqP3HWMx9yoOLnLv97oHGea/F1a4xM9przqVh42dFV
W/25cqvhIC/jn5uxSVBQpYttFO9AhBFgrNzTtmCEkS7q6NqmNQOMgs1XLVC4thKb
dIYKfFgIDO2peSgq3+z0A1riijYoo4/m7eqhFgdKpIG8Kqp/JSU402SRy132LEpi
d6FZyVn4S1s6WyK0f4mTLExQaQMG35Hd40f7mUphCKNfI9IcOXsbabh8rnOkHq/V
XnY=
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:59:54 2025 by rpki-client