Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uA3V2ZyWjW3887e1s3MuJV4vWlw.roa
File: uA3V2ZyWjW3887e1s3MuJV4vWlw.roa (raw, json)
Hash identifier: DJb1TJTKivR9ccENUmAUy0x0VcaaPAVwsHYI9e/9qeU=
Subject key identifier: B8:0D:D5:D9:9C:96:8D:6D:FC:F3:B7:B5:B3:73:2E:25:5E:2F:5A:5C
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018EA44D2E0D4738309DB2881350E00365E8
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uA3V2ZyWjW3887e1s3MuJV4vWlw.roa
Signing time: Wed 03 Apr 2024 14:11:45 +0000
ROA not before: Wed 03 Apr 2024 14:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
2001:67c:64:ffff:0:18d:e84f:370a/128 maxlen: 128
2001:67c:64:ffff:0:18e:76c8:d5da/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a4:4d:2e:0d:47:38:30:9d:b2:88:13:50:e0:03:65:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Apr 3 14:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b80dd5d99c968d6dfcf3b7b5b3732e255e2f5a5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8f:2e:73:ee:5d:f8:bd:b4:a1:91:1a:f7:3a:
5b:31:8b:41:4c:1b:26:2b:2d:15:5a:4f:17:a5:84:
9a:e4:81:df:56:eb:a0:c5:33:ce:34:86:4c:fc:88:
e9:66:9b:94:30:c8:fe:8a:77:d6:2f:c4:f4:5c:f0:
be:de:fc:d1:35:b1:e0:49:46:ca:6e:70:5e:9b:40:
cd:ed:07:97:6c:3a:3d:ea:46:3d:1e:31:0a:bd:35:
3c:9b:15:ce:d0:76:d6:39:25:51:ad:70:7b:df:41:
fc:bd:95:c4:ab:da:e0:78:48:26:f7:06:42:d7:23:
94:4b:3c:1e:8b:12:b7:d0:67:0a:40:33:30:6c:e4:
79:c2:19:d5:a6:f6:cb:aa:09:f6:d8:94:e7:40:e2:
45:34:b8:9a:20:45:6a:a3:5a:33:9e:3e:9e:93:50:
de:fe:b4:6e:22:11:60:26:0c:32:2e:6a:b4:46:8b:
71:e9:84:7c:14:e3:8e:70:16:d2:90:8d:f6:4d:de:
02:51:8d:0c:87:23:5f:d3:c9:cf:c5:0a:13:29:f6:
f7:0b:da:93:fa:2d:f1:f9:a9:6c:fa:89:4d:47:17:
ea:ce:ee:88:ef:2d:e2:bb:27:ec:54:47:74:d1:fc:
d2:de:37:df:e5:53:14:a8:38:d9:a5:75:06:8a:ac:
ff:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:0D:D5:D9:9C:96:8D:6D:FC:F3:B7:B5:B3:73:2E:25:5E:2F:5A:5C
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/uA3V2ZyWjW3887e1s3MuJV4vWlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
52:76:b3:64:a1:97:de:ab:1c:bd:55:30:16:92:a0:2d:02:1e:
77:a6:f0:75:1b:1d:f2:41:71:6b:62:c2:3a:30:4b:9c:92:46:
39:5d:77:ca:cc:8c:ec:b7:63:93:c1:11:d1:68:b2:1b:3f:4e:
eb:8d:5c:36:06:5b:9e:57:4a:9e:19:19:8b:fb:3b:ba:82:db:
a6:27:3e:60:c9:7c:5b:32:91:2b:12:32:6d:93:8c:27:08:38:
a9:5d:68:aa:28:24:5e:9c:8a:57:ad:73:b5:0c:61:87:a3:94:
54:e2:99:af:a4:2c:a2:81:43:ac:f7:5a:16:e0:39:b0:04:37:
a4:3d:0e:4e:d4:4b:62:f0:bc:bb:7c:59:86:a5:02:1d:9f:77:
ee:8e:31:d4:34:5f:50:c8:17:17:3b:fb:97:cc:eb:52:d2:ca:
d5:a8:f4:96:e5:93:d0:d3:d5:a1:2d:06:c1:6e:34:83:7b:66:
f4:2f:b4:48:dd:54:63:8e:82:12:9e:81:5e:c5:4f:8e:dc:f2:
48:5e:c9:0d:f7:85:ed:34:f4:5d:c2:5e:46:cd:a6:1e:e7:65:
3e:b8:97:01:e0:e7:dd:5f:e3:ed:2a:66:e4:69:c2:d7:b4:16:
1b:9c:42:26:3a:11:85:18:b3:21:49:58:9f:dc:eb:b1:72:3d:
9e:b8:03:5e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY6kTS4NRzgwnbKIE1DgA2XoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwNDAzMTQxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODBkZDVkOTljOTY4ZDZkZmNmM2I3YjViMzczMmUyNTVlMmY1YTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmo8uc+5d+L20oZEa9zpbMYtBTBsm
Ky0VWk8XpYSa5IHfVuugxTPONIZM/IjpZpuUMMj+infWL8T0XPC+3vzRNbHgSUbK
bnBem0DN7QeXbDo96kY9HjEKvTU8mxXO0HbWOSVRrXB730H8vZXEq9rgeEgm9wZC
1yOUSzweixK30GcKQDMwbOR5whnVpvbLqgn22JTnQOJFNLiaIEVqo1oznj6ek1De
/rRuIhFgJgwyLmq0Rotx6YR8FOOOcBbSkI32Td4CUY0MhyNf08nPxQoTKfb3C9qT
+i3x+als+olNRxfqzu6I7y3iuyfsVEd00fzS3jff5VMUqDjZpXUGiqz/MwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLgN1dmclo1t/PO3tbNzLiVeL1pcMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvdUEzVjJaeVdqVzM4ODdlMXMzTXVKVjR2V2x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFJ2s2Shl96rHL1VMBaS
oC0CHnem8HUbHfJBcWtiwjowS5ySRjldd8rMjOy3Y5PBEdFoshs/TuuNXDYGW55X
Sp4ZGYv7O7qC26YnPmDJfFsykSsSMm2TjCcIOKldaKooJF6ciletc7UMYYejlFTi
ma+kLKKBQ6z3WhbgObAEN6Q9Dk7US2LwvLt8WYalAh2fd+6OMdQ0X1DIFxc7+5fM
61LSytWo9Jblk9DT1aEtBsFuNIN7ZvQvtEjdVGOOghKegV7FT47c8kheyQ33he00
9F3CXkbNph7nZT64lwHg591f4+0qZuRpwte0FhucQiY6EYUYsyFJWJ/c67FyPZ64
A14=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:13:18 2025 by rpki-client